zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions 1 Activity
708 Commits 7 Branches 0 Tags
cf71b74d6fb862bfb66ebd4881823fea5a65a089
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Zuckerberg cf71b74d6f Add Incus container support to sandboxed workspaces 
- Add incus.nix module for fully declarative Incus/LXC containers
- Build NixOS LXC images using nixpkgs.lib.nixosSystem
- Ephemeral containers: recreated on each start, cleaned up on stop
- Use flock to serialize concurrent container operations
- Deterministic MAC addresses via lib.mkMac to prevent ARP cache issues
- Add veth* to NetworkManager unmanaged interfaces
- Update CLAUDE.md with coding conventions and shared lib docs
2026-02-08 15:16:40 -08:00
.gitea/workflows
Update to NixOS 24.05
2024-06-02 21:12:07 -06:00
common
Add Incus container support to sandboxed workspaces
2026-02-08 15:16:40 -08:00
home
Add claude-code to personal machines
2026-02-07 22:37:35 -08:00
lib
Add Incus container support to sandboxed workspaces
2026-02-08 15:16:40 -08:00
machines
Add Incus container support to sandboxed workspaces
2026-02-08 15:16:40 -08:00
overlays
Use upstream pykms and Actual Budget. Move Actual to s0. Add automated backups for Actual.
2025-03-29 18:36:13 -07:00
patches
Update nixpkgs
2026-01-11 14:25:03 -08:00
secrets
Update digitalocean key
2026-01-14 19:32:21 -08:00
skills/create-workspace
Add sandboxed-workspace module for isolated dev environments
2026-02-07 22:43:08 -08:00
.gitignore
Add .gitignore
2022-05-20 16:37:33 -04:00
CLAUDE.md
Add Incus container support to sandboxed workspaces
2026-02-08 15:16:40 -08:00
flake.lock
Add sandboxed-workspace module for isolated dev environments
2026-02-07 22:43:08 -08:00
flake.nix
Add sandboxed-workspace module for isolated dev environments
2026-02-07 22:43:08 -08:00
LICENSE
Add LICENSE
2021-05-21 13:01:02 +00:00
Makefile
Add activate deploy command
2026-01-24 14:58:40 -08:00
new_machine.md
Update install steps
2023-04-19 21:17:45 -06:00
README.md
If machine role is personal set de.enable = true; automatically
2025-03-28 20:16:26 -07:00
TODO.md
update TODOs
2023-04-23 10:16:54 -06:00

README.md

My NixOS configurations

Source Layout

  • /common - common configuration imported into all /machines
    • /boot - config related to bootloaders, cpu microcode, and unlocking LUKS root disks over tor
    • /network - config for tailscale, and NixOS container with automatic vpn tunneling via PIA
    • /pc - config that a graphical PC should have. Have the personal role set in the machine's properties.nix to enable everthing.
    • /server - config that creates new nixos services or extends existing ones to meet my needs
  • /machines - all my NixOS machines along with their machine unique configuration for hardware and services
    • /kexec - a special machine for generating minimal kexec images. Does not import /common
  • /secrets - encrypted shared secrets unlocked through /machines ssh host keys
Reference in New Issue View Git Blame Copy Permalink
Description
My NixOS configurations
Readme MIT 46 MiB
Languages
Nix 92.5%
Shell 6.9%
Makefile 0.6%