🏠 Alex's Universal Dotfiles

A comprehensive, production-ready Nix configuration using flake-parts for managing NixOS, Darwin, and Home Manager configurations across multiple architectures and environments.

✨ Features

• 🔧 Multi-Platform Support: macOS (Darwin), NixOS (x86_64 & aarch64), Mobile NixOS
• 🏗️ Modular Architecture: Clean separation using flake-parts
• 🔐 Production-Ready Secrets: SOPS-nix with age encryption
• 🚀 Automated CI/CD: GitHub Actions with comprehensive checks
• 📱 Mobile Support: OnePlus 6T with Mobile NixOS
• 🎯 Environment Separation: Production, staging, development configurations
• 🛠️ Developer Experience: Rich development shells and tools

How much code?

👨‍💻 Code Statistics:

Total LOC (including blanks, comments): 54873

🔍 Click to expand code stats.

Language	Files	Lines	Code	Comments	Blanks
CSS	8	5586	4248	316	1022
JSON	1	402	402	0	0
Lua	1	225	138	50	37
Markdown	13	3448	0	2476	972
Nix	286	39118	33000	3635	2483
Python	5	1617	1407	61	149
Shell	17	3936	2915	365	656
Plain Text	1	1	0	1	0
TOML	1	56	47	5	4
Vim script	0	0
YAML	9	484	304	160	20
Total	342	54873	42461	7069	5343

Last updated: Fri Aug 1 11:55:02 PDT 2025

🖥️ Supported Systems

System	Architecture	Hostname	Status
macOS	aarch64-darwin	NIXY	✅ Active
macOS	x86_64-darwin	NIXI	✅ Active
NixOS Desktop	x86_64-linux	NIXSTATION64	✅ Active
NixOS ARM	aarch64-linux	NIXY2	✅ Active
Mobile NixOS	aarch64-linux	NIXEDUP (OnePlus 6T)	🧪 Experimental

🏗️ Repository Structure

This repository follows a standardized flake-parts structure for better organization and maintainability:

.
├── flake.nix                 # Main flake entry point
├── flake.lock               # Flake lock file
├── parts/                   # Flake-parts modules
│   ├── lib.nix             # Library functions
│   ├── overlays.nix        # Nixpkgs overlays
│   ├── sops.nix            # SOPS secrets management
│   ├── common.nix          # Common configurations
│   ├── nixos-configurations.nix
│   ├── darwin-configurations.nix
│   ├── home-configurations.nix
│   ├── packages.nix        # Custom packages
│   ├── apps.nix            # Flake applications
│   ├── devshells.nix       # Development shells
│   ├── docs.nix            # Documentation
│   ├── ci.nix              # CI/CD scripts
│   ├── formatter.nix       # Code formatting
│   └── checks.nix          # Flake checks
├── modules/                 # Reusable modules
│   ├── nixos/              # NixOS modules
│   ├── darwin/             # Darwin modules
│   └── home-manager/       # Home Manager modules
├── hosts/                   # System configurations
│   ├── nixos/              # NixOS hosts
│   │   ├── NIXSTATION64/   # Desktop workstation
│   │   ├── NIXY2/          # ARM development board
│   │   └── NIXEDUP/        # OnePlus 6T mobile
│   ├── darwin/             # Darwin hosts
│   │   └── NIXY/           # MacBook Pro M1
│   └── extraConfig/        # SSH keys and additional configs
├── profiles/                # Reusable configuration profiles
│   ├── desktop/            # Desktop environment
│   ├── server/             # Server configuration
│   ├── mobile/             # Mobile optimizations
│   └── development/        # Development tools
├── users/                   # User-specific configurations
│   ├── alex/               # Primary user
│   └── susu/               # Secondary user
├── secrets/                 # SOPS-encrypted secrets
│   ├── production/         # Production environment
│   ├── staging/            # Staging environment
│   ├── development/        # Development environment
│   ├── systems/            # System-specific secrets
│   └── users/              # User-specific secrets
├── scripts/                 # Management scripts
├── docs/                   # Comprehensive documentation
├── lib/                    # Helper functions
├── overlays/               # Package overlays
├── shared/                 # Shared configurations
└── tools/                  # Utility tools

🚀 Quick Start

Prerequisites

# Install Nix with flakes support
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install

# Clone the repository
git clone https://github.com/yourusername/dotfiles.git ~/.dotfiles
cd ~/.dotfiles

Building Systems

# NixOS systems
nix build .#nixosConfigurations.NIXSTATION64.config.system.build.toplevel
nix build .#nixosConfigurations.NIXY2.config.system.build.toplevel
nix build .#nixosConfigurations.NIXEDUP.config.system.build.toplevel

# Darwin systems
nix build .#darwinConfigurations.NIXY.system
nix build .#darwinConfigurations.NIXI.system

# Home Manager configurations
nix build .#homeConfigurations.alex.activationPackage

Deploying Systems

# NixOS (run on target system)
sudo nixos-rebuild switch --flake .#NIXSTATION64
sudo nixos-rebuild switch --flake .#NIXY2
sudo nixos-rebuild switch --flake .#NIXEDUP

# Darwin (run on macOS)
darwin-rebuild switch --flake .#NIXY
darwin-rebuild switch --flake .#NIXI

# Home Manager (run as user)
home-manager switch --flake .#alex

# Automated deployment (detects current system)
nix run .#ci-deploy

Development Workflow

# Enter development shell with all tools
nix develop

# Format code
nix fmt

# Check flake validity
nix flake check

# Run comprehensive CI checks
nix run .#ci-check

# Serve documentation locally
nix run .#docs-serve

📦 Available Applications

Run applications with nix run .#<app-name>:

Application	Description
default	System information and flake overview
system-info	Detailed system information
secrets-manager	Interactive SOPS secrets management
mobile-installer	Mobile NixOS installer for OnePlus 6T
update-readme	Update README.md with current code statistics
ci-check	Comprehensive CI/CD checks
ci-deploy	Automated system deployment
docs-serve	Local documentation server

Examples

# Get system information
nix run .#default

# Manage secrets interactively
nix run .#secrets-manager

# Update code statistics in README
nix run .#update-readme

# Run all CI checks
nix run .#ci-check

# Deploy current system
nix run .#ci-deploy

🔧 Configuration Management

Adding a New Host

1. Create host directory:

   mkdir -p hosts/{nixos,darwin}/hostname

2. Create configuration:

   # hosts/nixos/hostname/default.nix
   { config, lib, pkgs, ... }: {
     imports = [
       ./hardware-configuration.nix
       ../../../profiles/desktop
     ];
     
     networking.hostName = "hostname";
     # Additional configuration...
   }

3. Add to flake configuration:

   # parts/nixos-configurations.nix
   hostname = inputs.nixpkgs.lib.nixosSystem {
     # Configuration...
   };

Adding a New Module

1. Create module:

   mkdir -p modules/{nixos,darwin,home-manager}/module-name

2. Implement module:

   # modules/nixos/module-name/default.nix
   { config, lib, pkgs, ... }: {
     options = {
       # Module options...
     };
     
     config = {
       # Module implementation...
     };
   }

3. Import in default.nix:

   # modules/nixos/default.nix
   {
     imports = [
       ./module-name
       # Other modules...
     ];
   }

Adding a New Profile

1. Create profile directory:

   mkdir -p profiles/profile-name

2. Define profile:

   # profiles/profile-name/default.nix
   { config, lib, pkgs, ... }: {
     imports = [
       # Required modules...
     ];
     
     # Profile configuration...
   }

3. Import in profiles:

   # profiles/default.nix
   {
     profile-name = import ./profile-name;
   }

🔐 Secrets Management

This configuration uses SOPS-nix with age encryption for production-ready secrets management:

Quick Commands

# Edit secrets (environment-specific)
sops secrets/production/secrets.yaml
sops secrets/development/secrets.yaml
sops secrets/users/alex.yaml

# Rekey secrets after adding new recipients
sops updatekeys secrets/production/secrets.yaml

# Interactive secrets management
nix run .#secrets-manager

# Validate all secrets
./scripts/secrets-manager.sh validate

# Audit secret access
./scripts/secrets-manager.sh audit

Environment Structure

• Production: secrets/production/ - Live environment secrets
• Staging: secrets/staging/ - Pre-production testing
• Development: secrets/development/ - Local development
• Users: secrets/users/ - Personal API keys and configs
• Systems: secrets/systems/ - Host-specific secrets

Documentation

• 📖 SOPS-nix Implementation Guide - Complete production deployment guide
• 🔧 Secrets Management Guide - Comprehensive secrets documentation

📚 Documentation

Core Documentation

• 🚀 Development Guide - Development setup and workflows
• 🤝 Contributing Guidelines - How to contribute to this project
• 🚢 Deployment Guide - Production deployment procedures
• 📋 Deployment Runbook - Step-by-step deployment instructions
• 🔍 Troubleshooting Guide - Common issues and solutions
• 📊 Project Status - Current project status and roadmap

Quick Links

• Module Documentation - Detailed module documentation
• Host Configuration Examples - Host-specific configuration guides
• API Documentation - Internal API documentation

🧪 Testing & Quality Assurance

Automated Testing

# Run all checks (recommended before commits)
nix flake check

# Test specific system builds (dry-run)
nix build .#nixosConfigurations.NIXSTATION64.config.system.build.toplevel --dry-run
nix build .#darwinConfigurations.NIXY.system --dry-run

# Format check
nix fmt --check

# Comprehensive CI checks
nix run .#ci-check

Manual Testing

# Test secrets decryption
./scripts/secrets-manager.sh validate

# Test system deployment (dry-run)
sudo nixos-rebuild dry-run --flake .#NIXSTATION64

# Test Home Manager configuration
home-manager build --flake .#alex

Continuous Integration

• ✅ Flake validation: Ensures flake.nix is valid
• ✅ Format checking: Code formatting with treefmt
• ✅ Build testing: All system configurations build successfully
• ✅ Secrets validation: All secrets can be decrypted
• ✅ Documentation: Links and references are valid

🚀 Deployment

Automated Deployment

# Deploy current system automatically
nix run .#ci-deploy

Manual Deployment

# NixOS systems
sudo nixos-rebuild switch --flake .#NIXSTATION64

# Darwin systems
darwin-rebuild switch --flake .#NIXY

# Home Manager
home-manager switch --flake .#alex

Remote Deployment

# Deploy to remote NixOS system
nixos-rebuild switch --flake .#NIXSTATION64 --target-host user@hostname

# Deploy using deploy-rs (if configured)
deploy .#NIXSTATION64

🛠️ Development

Development Shell

# Enter development environment
nix develop

# Available tools in dev shell:
# - nix, nixpkgs-fmt, treefmt
# - sops, age, ssh-to-age
# - git, gh, pre-commit
# - mdbook (for documentation)

Code Formatting

# Format all code
nix fmt

# Check formatting
nix fmt --check

Pre-commit Hooks

# Install pre-commit hooks
pre-commit install

# Run hooks manually
pre-commit run --all-files

📱 Mobile NixOS (Experimental)

This configuration includes experimental support for Mobile NixOS on OnePlus 6T:

# Build mobile image
nix build .#nixosConfigurations.NIXEDUP.config.system.build.android-bootimg

# Install mobile helper
nix run .#mobile-installer

# Flash to device (requires unlocked bootloader)
fastboot flash boot result/boot.img
fastboot reboot

Note: Mobile NixOS support is experimental and may require additional setup.

🤝 Contributing

We welcome contributions! Please see our Contributing Guidelines for details on:

• Code style and formatting
• Commit message conventions
• Pull request process
• Testing requirements
• Documentation standards

Quick Contribution Workflow

1. Fork and clone the repository
2. Create a feature branch: git checkout -b feature/amazing-feature
3. Make changes and test thoroughly
4. Format code: nix fmt
5. Run checks: nix flake check
6. Commit changes: Follow conventional commit format
7. Push and create a pull request

📄 License

This configuration is available under the MIT License. See LICENSE for details.

🙏 Acknowledgments

• NixOS - The purely functional Linux distribution
• nix-darwin - Nix modules for macOS
• Home Manager - User environment management
• flake-parts - Modular flake framework
• SOPS - Secrets management
• Mobile NixOS - NixOS for mobile devices

---

Made with ❤️ and Nix | Report Issues | Discussions