This repository provides a comprehensive personal NixOS configuration for managing diverse infrastructure, including development machines, servers, and VPS instances. It targets power users and engineers seeking a declarative, reproducible, and robust system for infrastructure management, self-hosted services, and dotfiles, leveraging Nix's functional package management and ZFS for system state management.

How It Works

The configuration employs NixOS and Nix flakes for declarative system management across multiple hosts. Core to its design is the use of ZFS for storage, enabling system rollbacks and impermanence, ensuring that only necessary state persists. This approach allows for granular control over system configurations, services, and user dotfiles, facilitating consistent deployments and easy recovery.

Quick Start & Requirements

Initial setup involves creating a bootable NixOS live ISO with the configuration or using an official live ISO and manually setting up SSH. Deployment requires running agenix for secret management and specific commands like nix build --print-out-paths --no-link .#images.<target-system>.live-iso for custom ISOs or nix copy for installer transfer. Prerequisites include NixOS installation, ZFS support, and potentially specific hardware for services. Detailed steps for adding new machines are provided but marked as incomplete.

Highlighted Details

• Manages a wide array of self-hosted services including AdGuard Home, Kanidm (SSO), Vaultwarden, Immich, Stalwart Mailserver, Paperless, and local LLM setups (llama-cpp, open-webui).
• Features a dynamic tiling window manager (niri), extensive Neovim configuration via nixvim, and custom screenshot tools.
• Utilizes ZFS with boot-time rollbacks for system impermanence and robust state management.
• Includes configurations for networking (WireGuard VPN, nftables), monitoring (Grafana, Loki, InfluxDB), and secure secret management with agenix.

Maintenance & Community

This appears to be a personal configuration repository. No specific community links (Discord, Slack) or explicit maintenance signals beyond the project's activity are provided.

Licensing & Compatibility

The repository's license is not explicitly stated in the provided README. This lack of clear licensing information may pose a blocker for commercial use or integration into closed-source projects.

Limitations & Caveats

The "How-To Add new machine" section is noted as incomplete. The setup for repository-wide secrets requires specific Nix plugin configurations, which may need manual intervention if automatic setup fails. Some configurations are marked as Work In Progress (WIP).