zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity
712 Commits 7 Branches 0 Tags
8293a7dc2a16f7da431fd44f16ca2c8061cf0d0d
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Zuckerberg 8293a7dc2a Rework Claude Code config in sandboxed workspaces 
Remove credential passing to sandboxes (didn't work well enough).
Move onboarding config init from host-side setup into base.nix so
each workspace initializes its own Claude config on first boot.
Wrap claude command in VM and Incus workspaces to always skip
permission prompts.
2026-02-09 19:56:11 -08:00
.gitea/workflows
Update to NixOS 24.05
2024-06-02 21:12:07 -06:00
common
Rework Claude Code config in sandboxed workspaces
2026-02-09 19:56:11 -08:00
home
Add claude-code to personal machines
2026-02-07 22:37:35 -08:00
lib
Add Incus container support to sandboxed workspaces
2026-02-08 15:16:40 -08:00
machines
Add Incus container support to sandboxed workspaces
2026-02-08 15:16:40 -08:00
overlays
Use upstream pykms and Actual Budget. Move Actual to s0. Add automated backups for Actual.
2025-03-29 18:36:13 -07:00
patches
Update nixpkgs
2026-01-11 14:25:03 -08:00
secrets
Update digitalocean key
2026-01-14 19:32:21 -08:00
skills/create-workspace
Add sandboxed-workspace module for isolated dev environments
2026-02-07 22:43:08 -08:00
.gitignore
Add .gitignore
2022-05-20 16:37:33 -04:00
CLAUDE.md
Add Incus container support to sandboxed workspaces
2026-02-08 15:16:40 -08:00
flake.lock
Add use flake for fresh claude code
2026-02-09 18:04:09 -08:00
flake.nix
Add use flake for fresh claude code
2026-02-09 18:04:09 -08:00
LICENSE
Add LICENSE
2021-05-21 13:01:02 +00:00
Makefile
Add activate deploy command
2026-01-24 14:58:40 -08:00
new_machine.md
Update install steps
2023-04-19 21:17:45 -06:00
README.md
If machine role is personal set de.enable = true; automatically
2025-03-28 20:16:26 -07:00
TODO.md
update TODOs
2023-04-23 10:16:54 -06:00

README.md

My NixOS configurations

Source Layout

  • /common - common configuration imported into all /machines
    • /boot - config related to bootloaders, cpu microcode, and unlocking LUKS root disks over tor
    • /network - config for tailscale, and NixOS container with automatic vpn tunneling via PIA
    • /pc - config that a graphical PC should have. Have the personal role set in the machine's properties.nix to enable everthing.
    • /server - config that creates new nixos services or extends existing ones to meet my needs
  • /machines - all my NixOS machines along with their machine unique configuration for hardware and services
    • /kexec - a special machine for generating minimal kexec images. Does not import /common
  • /secrets - encrypted shared secrets unlocked through /machines ssh host keys
Reference in New Issue View Git Blame Copy Permalink
Description
My NixOS configurations
Readme MIT 46 MiB
Languages
Nix 92.5%
Shell 6.9%
Makefile 0.6%