main
.ast-grep/
.claude/
.githooks/
.pi/
android/
docs/
dots/
home/
home-assistant/
imperative/
infra/
keyboards/
lib/
modules/
overlays/
pkgs/
secrets/
systems/
tools/
.cache
rw-r--r--
229 B
.dir-locals.el
rw-r--r--
128 B
.envrc
rw-r--r--
104 B
.gitignore
rw-r--r--
1.3 KB
.gitleaks.toml
rw-r--r--
167 B
.ignore
rw-r--r--
6 B
AGENTS.md
rw-r--r--
5.3 KB
CLAUDE.md
rw-r--r--
24 B
COPYING
rw-r--r--
34.3 KB
Makefile
rw-r--r--
4.8 KB
README.md
rw-r--r--
5.0 KB
flake.lock
rw-r--r--
36.0 KB
flake.nix
rw-r--r--
13.3 KB
globals.nix
rw-r--r--
19.3 KB
install.sh
rwxr-xr-x
2.8 KB
nixpkgs.nix
rw-r--r--
362 B
remote-install.sh
rwxr-xr-x
6.9 KB
secrets.nix
rw-r--r--
7.0 KB
sgconfig.yml
rw-r--r--
757 B
shell.nix
rw-r--r--
687 B
tektoncd-pac-migration.md
rw-r--r--
56.4 KB

home monorepo

A comprehensive monorepo for personal infrastructure, system configurations, and tools — primarily built with Nix.

Overview

This repository manages:

  • NixOS system configurations for desktops, servers, and Raspberry Pis
  • Home-manager configurations for user environments
  • Custom tools — media management, DNS, keyboards, system utilities
  • Dotfiles for apps not managed by home-manager
  • Secrets via agenix with Yubikey encryption

Repository Structure

.
├── systems/          # NixOS configurations per host + shared common modules
├── home/             # Home-manager configs (desktop, dev, shell, services)
├── pkgs/             # Custom Nix packages (exposed via overlays)
├── modules/          # Custom NixOS modules (wireguard, govanityurl, gosmee, ...)
├── overlays/         # Nix overlays (additions, modifications, unstable)
├── lib/              # Flake helpers (mkHost, mkHome, mkSystemManager)
├── tools/            # Custom tools and scripts
├── dots/             # Dotfiles managed outside home-manager
├── keyboards/        # QMK/ZMK keyboard firmware (Moonlander, Corne)
├── imperative/       # Idempotent config scripts for non-NixOS hosts
├── secrets/          # Agenix-encrypted secrets
├── docs/             # Additional documentation
├── flake.nix         # Main entry point
├── globals.nix       # Machine definitions, DNS zones, VPN settings
└── Makefile          # Build, deploy, and management targets

Host Configuration Pattern

Each host lives in /systems/<hostname> and typically contains:

  • boot.nix — bootloader, initrd, kernel modules
  • hardware.nix — hardware imports, filesystem mounts
  • extra.nix — additional host-specific configuration (optional)
  • home.nix — host-specific home-manager overrides (optional)

Shared modules in /systems/common cover base setup, desktop environments (Sway, Niri), hardware, programs, services, and users.

Usage

Run make help for a full list of targets. Key ones:

System Management

make build          # Build current host configuration
make switch         # Build and activate immediately
make boot           # Build and activate on next boot
make dry-build      # Test build without changes

Remote Hosts

make host/<hostname>/build    # Build for a specific host
make host/<hostname>/switch   # Deploy and activate on remote host
make host/<hostname>/boot     # Deploy, activate on next boot

Keyboards

make keyboards/moonlander/build       # Build Moonlander QMK firmware
make keyboards/moonlander/flash       # Build and flash
make keyboards/eyelash_corne/build    # Build Corne ZMK firmware
make keyboards/eyelash_corne/flash    # Build and flash
make keyboards/draw                    # Generate keymap SVGs

DNS

make dns-show                  # Display DNS zone configuration
make dns-update-gandi          # Sync records to Gandi Live DNS
make dns-update-gandi-dry-run  # Preview changes

Maintenance

make fmt             # Format Nix files
make pre-commit      # Run pre-commit checks
make clean           # Clean old generations and build results
make update          # Update flake inputs

Installing a New System

For hosts with an existing configuration, use the install script (uses disko):

./install.sh <hostname> [additional-disko-options]

Hosts

Desktops

Host Arch Desktop Notes
kyushu x86_64 Niri Work laptop
okinawa x86_64 Niri Personal laptop

Servers (NixOS unstable)

Host Arch Notes
aomi x86_64 Server
sakhalin x86_64 Server

Servers (NixOS stable)

Host Arch Notes
athena aarch64 Raspberry Pi 4
demeter aarch64 Raspberry Pi 4
aix aarch64 Raspberry Pi 4
aion aarch64 Server
rhea aarch64 Server
kerkouane x86_64 Server

Non-NixOS (Imperative)

Host OS Notes
nagoya Debian Server

See imperative/ for details.

Development

nix develop  # Enter dev shell with git, deadnix, nixfmt, agenix, etc.

Pre-commit hooks run automatically for: Go (gofmt), Nix (nixfmt, deadnix), Python (ruff), and Shell (shellcheck).

CI (GitHub Actions) builds all NixOS configurations, packages, and keyboard firmware on every push.

Supported Platforms

  • x86_64-linux
  • aarch64-linux

References

See docs/references.md for NixOS/dotfile repositories that inspired this configuration.

License

GNU GPL v3 — see COPYING for details.