# CLAUDE.md

This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.

## What This Is

A flake-based NixOS configuration managing 6 hosts (all x86_64-linux). Pinned to nixpkgs `nixos-25.11`.

## Common Commands

- **Build/deploy locally**: `rebuild-nixos` (installed to `~/.local/bin` via `make`)
  - This runs on the target machine: pulls from local git remote, then `doas nixos-rebuild switch --flake .`
- **Build a specific host** (dry run): `nixos-rebuild build --flake .#<hostname>`
- **Flash a remote machine**: `./script/flash.sh <config-name> <ssh-address>` (uses nixos-anywhere)
- **Check if reboot needed**: `./script/check-restart.sh`
- **Install the rebuild script**: `make`

## Architecture

### Flake Structure

All hosts are generated via `lib.genAttrs` in `flake.nix`. Each host gets:
- `disko` module (declarative disk management)
- `nix-index-database` with comma
- Host-specific config from `./hw/<hostname>/`
- Shared base from `./configuration.nix`

Custom packages `ke` and `kte` are flake inputs from `git.wntrmute.dev/kyle/`.

### Host Layout

Each host has a directory under `hw/<hostname>/` containing:
- `default.nix` — imports hardware-config and (for desktops) desktop/qemu modules
- `hardware-configuration.nix` — auto-generated hardware config
- `disk-config.nix` — disko disk layout (where applicable)

Desktop hosts (imladris, orion, vade, ono-sendai) import `configs/desktop.nix` and `configs/qemu.nix`.
Server hosts (rift, sk) are minimal — hardware config + disk config only.

### Shared Modules (`configs/`)

- `pkgs.nix` — system-wide packages
- `desktop.nix` — GDM + i3, PipeWire audio, Bluetooth, CUPS
- `desktop-packages.nix` — GUI applications (imported by desktop.nix)
- `git.nix` — git identity config
- `qemu.nix` — QEMU/KVM virtualization

### Key Design Decisions

- **No home-manager** — all config is system-level NixOS modules
- **No overlays** — packages are used directly; `allowUnfree = true`
- **No secrets manager** — SSH keys via gpg-agent, `doas` (not sudo) for privilege escalation
- **Podman** with Docker compatibility enabled on all hosts
- **Tailscale** and **Syncthing** enabled on all hosts
- **LUKS encryption** on some hosts (rift, ono-sendai)
- `inputs` are passed to modules via `specialArgs`