██████╗  ██████╗ ██╗  ██╗███╗   ██╗███████╗████████╗
██╔═══██╗██╔═══██╗██║ ██╔╝████╗  ██║██╔════╝╚══██╔══╝
██║   ██║██║   ██║█████╔╝ ██╔██╗ ██║█████╗     ██║   
██║   ██║██║   ██║██╔═██╗ ██║╚██╗██║██╔══╝     ██║   
╚██████╔╝╚██████╔╝██║  ██╗██║ ╚████║███████╗   ██║   
 ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═══╝╚══════╝   ╚═╝ .org

A monorepo for all my nix expressions powered by flake-parts.

The goals of this repository are:

1. To maintain a centralized location for all my personal computing infrastructure
2. To provide a place to experiment and learn about networking, administration, security, unix, design, and programming

• NixOS configurations for all my hosts
• Home-Manager configuration for my workstations
• Custom packages
• Development environments
• Declarative secrets with agenix
• Personal website
• Templates for bootstrapping projects

Below are all the hosts I currently maintain within this flake:

As this project serves as a learning environment, its architecture changes frequently. While I'll try to keep this documentation current, what follows is a high-level overview of the current design.

The current architecture enables straightforward bootstrapping of new hosts while maintaining fine-grained configuration on a per-host basis. This is accomplished using a roles and profiles pattern (similar to Puppet's roles and profiles method).

• Workstation: Desktop/laptop systems with a GUI environment
• Server: Headless systems running specific services
• Installer: Bootable ISO images for provisioning new hosts

Hosts are declared as plain data under flake.ooknet.{workstations,servers,images}. The builders in outputs/builder/ map that data with mapAttrs into nixosConfigurations / darwinConfigurations, wiring up the right platform modules (lib.nixosSystem for linux, nix-darwin's darwinSystem for macos) and importing the matching host module from hosts/<hostname>. The host attribute name is the hostname, so a declaration only carries what makes the host unique while the builder absorbs the boilerplate.

Workstations:

flake.ooknet.workstations = {
  ookst480s = {
    system = "x86_64-linux";
    type = "laptop";
  };
  ooksair = {
    system = "aarch64-darwin";
    type = "laptop";
  };
};

Servers:

flake.ooknet.servers = {
  ooknode = {
    system = "x86_64-linux";
    type = "vm";
    profile = "linode";
    domain = "ooknet.org";
    services = ["website" "forgejo"];
  };
};

Installer images:

flake.ooknet.images = {
  ooksinstall = {
    system = "x86_64-linux";
    type = "iso";
    role = "installer";
  };
};

Profiles are collections of related software and configuration that can be enabled on a per-host basis. Some example workstation profiles:

• gaming: Steam & emulators
• communication: Discord, Teams, Matrix
• productivity: Document editing, note-taking
• creative: Art and design tools
• media: Audio/video playback and management
• virtualization: Virtual machine support
• infra: Infrastructure and ops tooling
• work: Work specific tooling

Example:

ooknet.workstation.profiles = ["gaming" "creative" "media"];

Servers pick a base profile (for VMs, e.g. linode) and a list of services to run. Some example services:

• website: My static website
• forgejo: Git server
• ookflix: Media server services
• monitoring: Metrics and dashboards
• authentik: Identity provider

ooknet.server.services = ["ookflix" "monitoring"];

• Compositor: Hyprland
• Utilities:
  • Idle: hypridle
  • Screen locker: hyprlock
  • Wallpaper: hyprpaper
  • Bar: Waybar
  • Notifications: Mako
• Color Palette: Gruvbox extended

I want to give some appreciation to the many people/resources who have helped in some way to build this project.

• ghuntley
• NobbZ
• notashelf
• mic92
• fabaff
• gerg-l
• viperML
• colemickens
• fufexan
• max-privatevoid

• nix.dev
• noogle
• nix-pills