# nixfiles NixOS / nix-darwin / home-manager configuration for all hosts, built from a single flake. ## Hosts Defined in the host table in [`flake.nix`](./flake.nix): | Configuration | System | Machine | | --------------------- | ---------------- | -------------------------------------------------------------------------------------------------------------------- | | `lyrathorpe-mbp` | `aarch64-linux` | MacBook Pro (Apple Silicon, Asahi) | | `lyrathorpe-t400` | `x86_64-linux` | ThinkPad T400 — [install notes](./system/machine/T400/README.md) | | `lyrathorpe-macpro31` | `x86_64-linux` | Mac Pro 3,1, desktop — [install notes](./system/machine/MacPro31/README.md) | | `emmathorpe-edaas` | `x86_64-linux` | Work WSL box (NixOS-WSL) | | `lyrathorpe-rpi5` | `aarch64-linux` | Raspberry Pi 5 headless server: Docker host + nginx reverse proxy — [install notes](./system/machine/RPi5/README.md) | | `lyrathorpe-mac` | `aarch64-darwin` | macOS (nix-darwin) | Shared layers: `lyrathorpe/home` (home-manager: shell, git, editor), `system/modules/common-nixos.nix` (all NixOS hosts: fonts, nix-ld, caches), `system/modules/workstation.nix` (physical graphical hosts: audio, thermald, earlyoom, fwupd), `system/modules/laptop.nix` (laptops: Wi-Fi, Bluetooth, power, lid), and `system/modules/ssh.nix` (key-only sshd). The x86 hosts also pull `nixos-hardware` profiles. ## Applying ```sh # NixOS sudo nixos-rebuild switch --flake .# # Darwin darwin-rebuild switch --flake .#lyrathorpe-mac ``` ## Shell environment & keybindings - Interactive shell features (zsh, tmux, git, ssh, CLI tools, auto-tmux): [`lyrathorpe/home/README.md`](./lyrathorpe/home/README.md). - All Sway / tmux / foot / zsh keyboard shortcuts: [`lyrathorpe/home/KEYBINDINGS.md`](./lyrathorpe/home/KEYBINDINGS.md). ## Login / greeter Graphical (Sway) hosts log in through a Wayland greeter — `greetd` running ReGreet inside the `cage` kiosk compositor — implemented in [`lyrathorpe/swaywm.nix`](./lyrathorpe/swaywm.nix), gated on `features.swayDesktop.enable` (the option is declared in [`system/modules/features.nix`](./system/modules/features.nix), so headless hosts can leave it off without importing `swaywm.nix`). The greeter is forced to Dvorak to match the console and Sway session. Headless hosts (the WSL work box and the Raspberry Pi server) keep plain TTY login. The target account needs a password (`passwd `) before it can log in. ## MacBook (Asahi) firmware The MBP host references `system/modules/firmware/` for Apple peripheral firmware (Wi-Fi/Bluetooth). These blobs are **committed** (tracked) even though `.gitignore` lists the directory: the flake is `git+file`, so it only sees tracked files — untracking them breaks `lyrathorpe-mbp` evaluation (and the CI host-eval) because the config can't find the firmware. They are not redistributable; the repo is private. To refresh them, copy the firmware extracted during the Asahi install (from `/etc/nixos/firmware`, or re-extract per the [Asahi NixOS docs](https://github.com/tpwrules/nixos-apple-silicon)) into `system/modules/firmware/` and commit with `git add -f`. ## Development A dev shell and a formatting/lint gate are wired through the flake: - `nix develop` — shell with `deadnix`, `statix`, `treefmt`, and the git `pre-commit` hooks (installed automatically on first entry). - `nix fmt` — formats the tree via `treefmt` (nixfmt + shfmt + prettier; generated files and `flake.lock` are excluded). - `nix flake check` — runs formatting, `deadnix`, `statix`, the pre-commit hooks, and evaluates every host. `.editorconfig` carries the base style; `statix.toml` disables the two house-style lints (`repeated_keys`, `empty_pattern`). ## CI [`.gitea/workflows/ci.yaml`](./.gitea/workflows/ci.yaml) runs `nix flake check` (formatting, `deadnix`, `statix`, the pre-commit hooks) and evaluates every NixOS and Darwin host configuration on push/PR.