kyle/imladris
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
master
imladris/CLAUDE.md

2.3 KiB
Raw Permalink Blame History

CLAUDE.md

This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.

What This Is

A flake-based NixOS configuration managing 6 hosts (all x86_64-linux). Pinned to nixpkgs nixos-25.11.

Common Commands

  • Build/deploy locally: rebuild-nixos (installed to ~/.local/bin via make)
    • This runs on the target machine: pulls from local git remote, then doas nixos-rebuild switch --flake .
  • Build a specific host (dry run): nixos-rebuild build --flake .#<hostname>
  • Flash a remote machine: ./script/flash.sh <config-name> <ssh-address> (uses nixos-anywhere)
  • Check if reboot needed: ./script/check-restart.sh
  • Install the rebuild script: make

Architecture

Flake Structure

All hosts are generated via lib.genAttrs in flake.nix. Each host gets:

  • disko module (declarative disk management)
  • nix-index-database with comma
  • Host-specific config from ./hw/<hostname>/
  • Shared base from ./configuration.nix

Custom packages ke and kte are flake inputs from git.wntrmute.dev/kyle/.

Host Layout

Each host has a directory under hw/<hostname>/ containing:

  • default.nix — imports hardware-config and (for desktops) desktop/qemu modules
  • hardware-configuration.nix — auto-generated hardware config
  • disk-config.nix — disko disk layout (where applicable)

Desktop hosts (imladris, orion, vade, ono-sendai) import configs/desktop.nix and configs/qemu.nix. Server hosts (rift, sk) are minimal — hardware config + disk config only.

Shared Modules (configs/)

  • pkgs.nix — system-wide packages
  • desktop.nix — GDM + i3, PipeWire audio, Bluetooth, CUPS
  • desktop-packages.nix — GUI applications (imported by desktop.nix)
  • git.nix — git identity config
  • qemu.nix — QEMU/KVM virtualization

Key Design Decisions

  • No home-manager — all config is system-level NixOS modules
  • No overlays — packages are used directly; allowUnfree = true
  • No secrets manager — SSH keys via gpg-agent, doas (not sudo) for privilege escalation
  • Podman with Docker compatibility enabled on all hosts
  • Tailscale and Syncthing enabled on all hosts
  • LUKS encryption on some hosts (rift, ono-sendai)
  • inputs are passed to modules via specialArgs
Reference in New Issue View Git Blame Copy Permalink