Declarative System, Package & Home Configurations - WIP Always

• Nix Flakes - 100% Nix Flakes-based configuration, no Nix channels.
• Hybrid Infrastructure - Nix & Terraform defined local bearmetal hosts and cloud resources.
• Centralized Identity Management (testing) - Globally unified user identity via LDAP and SSSD.
• User Home Management (legacy) - Per-user declarative configuration via HomeManager.
• Zero Trust Networking - Tailscale provided private mesh networking across all infrastructure nodes.
• Secret Management (testing) - Google Secret Manager based secret storage and distribution.
• Bitwarden Managed Secrets (legacy) - System wide encrypted secrets managed by bsm & bw.
• Secure By Default Operating System - Hardened NixOS linux based operating system.
• Desktop Environments - Fully featured wayland GNOME desktop environment.

This workspace follows the following structure:

├── assets            # Static assets
├── home              # User HomeManager modules 
├── hosts             # Host NixOS modules 
├── infrastructure    # Terraform infrastructure
├── modules           # NixOS modules
├── pkgs              # Package definitions
├── shells            # Ad-hoc shells environments
├── flake.nix         # Nix flake
├── lib.nix           # Nix utils
├── overlays.nix      # Package overlays
├── shell.nix         # Workspace development shell
└── topology.nix      # Topology module configuration