nix/leverage.md
2026-03-31 00:23:05 -04:00

3.4 KiB

Nix Leverage

flake.nix is the root lever: one flake, one lockfile, one graph for both macOS and Linux. modules/hosts/darwin.nix composes nix-darwin, home-manager, and nix-homebrew; modules/hosts/netty.nix composes nixosSystem, disko, and home-manager. The point is not “using Nix”; it is collapsing laptop state and VPS state into one reproducible interface.

modules/nixpkgs.nix and lib/hosts.nix are the next leverage layer. They define the global username, per-host metadata, feature flags, and the specialArgs boundary (the fixed set of values that every module receives). That removes scattered isDarwin checks from leaf modules and turns host differences into data that modules read instead of conditions they test.
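The shape of that boundary, as an added illustration and not the repo's own flake.nix or lib/hosts.nix: host metadata is an attribute set, specialArgs is built from it by one function, and leaf modules read `host.features.*` rather than testing the platform. The host names, the feature flag names, and the module paths are assumptions for the example.

```nix
# Added example of "hosts as data + a single specialArgs boundary".
# Assumed: hosts "laptop" and "netty", the feature flag names, the module paths.
{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    nix-darwin.url = "github:nix-darwin/nix-darwin";
    nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
    home-manager.url = "github:nix-community/home-manager";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";
  };

  outputs = { self, nixpkgs, nix-darwin, home-manager, ... }@inputs:
    let
      username = "me";

      # Host differences live here as data, not as conditionals in leaf modules.
      hosts = {
        laptop = { system = "aarch64-darwin"; features = { gui = true; homebrew = true; server = false; }; };
        netty  = { system = "x86_64-linux";   features = { gui = false; homebrew = false; server = true; }; };
      };

      # The specialArgs boundary: exactly these names cross into every module,
      # on both platforms, so a module written for one host evaluates on the other.
      mkSpecialArgs = name: {
        inherit inputs username;
        host = hosts.${name} // { inherit name; };
      };

      # Platform selection is itself driven by the host data.
      platformModule = { host, ... }: { nixpkgs.hostPlatform = host.system; };

      # A leaf module that consumes the data instead of asking isDarwin.
      featureModule = { host, lib, pkgs, ... }: {
        environment.systemPackages =
          [ pkgs.tmux ] ++ lib.optionals host.features.server [ pkgs.htop ];
      };
    in {
      darwinConfigurations.laptop = nix-darwin.lib.darwinSystem {
        specialArgs = mkSpecialArgs "laptop";
        modules = [
          platformModule
          featureModule
          home-manager.darwinModules.home-manager
          ./modules/hosts/darwin.nix
        ];
      };

      nixosConfigurations.netty = nixpkgs.lib.nixosSystem {
        specialArgs = mkSpecialArgs "netty";
        modules = [
          platformModule
          featureModule
          home-manager.nixosModules.home-manager
          ./modules/hosts/netty.nix
        ];
      };
    };
}
```

Because both configurations are outputs of the same flake, one `nix flake update` moves both hosts together and a single flake.lock records every input hash; a module that reaches for `pkgs.stdenv.isDarwin` instead of `host.features` is the smell this layout is meant to make visible.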

lib/package-sets.nix, modules/base.nix, modules/packages.nix, and modules/homebrew.nix are the package policy. core, extras, and fonts give one place to reason about the machine surface; custom inputs like googleworkspace-cli, claude-code-nix, OpenSpec, neovim-nightly, nix-homebrew, and disko are declared as inputs in flake.nix and pinned by flake.lock instead of installed ad hoc.

home/default.nix and home/common.nix turn Home Manager into the userland control plane. home/xdg.nix pushes Rust, Go, Node, Python, AWS, Claude, npm, wget, psql, and sqlite into XDG paths; home/security.nix fixes SSH and GPG permissions on activation; home/migration.nix cleans legacy ~/dots links during the cutover instead of relying on manual cleanup.
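The two patterns in home/xdg.nix and home/security.nix, as an added example rather than the repo's own modules: tool state is redirected with session variables derived from the XDG options, and a Home Manager activation entry re-tightens the SSH and GPG directories on every switch. The variable names are the ones the respective tools honor; the activation entry name is an assumption.

```nix
# Added example of XDG relocation plus activation-time permission hardening.
# Assumed: the activation entry name "secureKeyDirs"; everything else is stock
# Home Manager (xdg.* options, lib.hm.dag, the `run` helper).
{ config, lib, pkgs, ... }:
let
  data = config.xdg.dataHome;     # defaults to $HOME/.local/share
  cfg  = config.xdg.configHome;   # defaults to $HOME/.config
in {
  xdg.enable = true;

  # Move tool state out of $HOME so the home directory stays declarative
  # and nothing accumulates in dotfiles Nix does not manage.
  home.sessionVariables = {
    CARGO_HOME = "${data}/cargo";
    GOPATH = "${data}/go";
    NPM_CONFIG_USERCONFIG = "${cfg}/npm/npmrc";
    PSQL_HISTORY = "${data}/psql_history";
    AWS_CONFIG_FILE = "${cfg}/aws/config";
    AWS_SHARED_CREDENTIALS_FILE = "${cfg}/aws/credentials";
  };

  # Runs after Home Manager has written its files ("writeBoundary").
  # ssh refuses keys that are group/world readable and gpg warns on an
  # unsafe ~/.gnupg, so this is re-applied on every switch rather than once.
  # Idempotent: chmod on an already-correct mode changes nothing, and a
  # missing directory is skipped instead of created.
  home.activation.secureKeyDirs = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
    for d in "$HOME/.ssh" "$HOME/.gnupg"; do
      [ -d "$d" ] || continue
      run chmod 700 "$d"
      # private keys, config, known_hosts, trustdb: owner-only
      run find "$d" -type f ! -name '*.pub' -exec chmod 600 {} +
      # public keys may stay world-readable
      run find "$d" -type f -name '*.pub' -exec chmod 644 {} +
    done
  '';
}
```

`run` is Home Manager's activation wrapper: it honors `--dry-run`, so `home-manager switch --dry-run` shows which chmod calls would be made without touching the files. Symlinks into the Nix store (a managed `~/.ssh/config`, say) are not affected because `find -type f` does not follow them and store paths are read-only anyway.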

lib/theme.nix, home/ghostty.nix, home/tmux.nix, home/zsh.nix, and home/scripts.nix are the ergonomic leverage. One palette renders Ghostty, tmux, fzf, zsh highlights, bat, and delta. The generated theme script hot-swaps light/dark across those surfaces. tmux gets session restore, directory-based window names, and a generated session list; zsh gets vi mode, cursor-shape switching, XDG history, prompt theming, and deterministic PATH assembly.

home/nvim.nix, home/codex.nix, home/claude.nix, and home/skills.nix are the agent/editor layer. Neovim is pinned with the nightly overlay and seeded lockfile state; Codex and Claude configs are repo-owned; global skills are installed declaratively via npx skills add -g and hash-stamped so the activation only resyncs when the manifest changes.
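The hash-stamp gate described for home/skills.nix, as an added example and not the repo's module. The manifest format (one skill name per line) and the stamp location are assumptions; `npx skills add -g` is taken from the page as the install command. Note what the hash does and does not cover: it pins the manifest, so activation is a no-op until the list changes, but each `npx` run still resolves the named packages from the registry at that moment, so the installed content is only as pinned as the registry's response.

```nix
# Added example of a hash-stamped activation step.
# Assumed: ./skills.txt (one name per line), stamp under $XDG_STATE_HOME/skills,
# and that `npx skills add -g <name>` is the install command.
{ config, lib, pkgs, ... }:
let
  manifest = ./skills.txt;

  # Hashed at evaluation time, so the digest is baked into the generation;
  # the target only compares strings, it never re-reads the manifest.
  manifestHash = builtins.hashFile "sha256" manifest;

  stamp = "${config.xdg.stateHome}/skills/manifest.sha256";
in {
  home.activation.syncSkills = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
    if [ -f "${stamp}" ] && [ "$(cat "${stamp}")" = "${manifestHash}" ]; then
      echo "skills: manifest unchanged, skipping"
    else
      run mkdir -p "$(dirname "${stamp}")"
      while IFS= read -r name; do
        [ -n "$name" ] || continue
        # Activation runs with `set -e`, so one failed install aborts the
        # switch and the stamp below is never written.
        run ${pkgs.nodejs}/bin/npx skills add -g "$name"
      done < "${manifest}"
      # Stamp only after every install succeeded; a partial run retries next time.
      run sh -c 'printf %s "${manifestHash}" > "${stamp}"'
    fi
  '';
}
```

Because `${manifest}` is a path, Nix copies the file into the store and the activation script reads that immutable copy; editing skills.txt without rebuilding changes nothing, which is the behavior the stamp relies on.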

scripts/default.nix, justfile, scripts/render-bw-shell-secrets.sh, and scripts/restore-bw-files.sh are the operational leverage. writeShellApplication turns local scripts into managed tools (ga, ghpr, gpr, ni, theme, wt, wtc); Bitwarden stays the secret source of truth; just switch, just switch-netty, and nixos-anywhere keep deployment small.
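What writeShellApplication buys over a loose script in ~/bin, as an added example; the tool name `ghpr` is from the page but its body here is mine, not the repo's. `runtimeInputs` is the part that matters: the wrapper prepends exactly those packages to PATH, so the script runs the git and gh that were built with it rather than whatever the invoking shell happens to find first.

```nix
# Added example of a managed tool built with writeShellApplication.
# Assumed: this behavior for `ghpr` (open the current branch's PR, or list mine).
{ pkgs, ... }:
let
  ghpr = pkgs.writeShellApplication {
    name = "ghpr";

    # Only these land on PATH inside the script; the user's PATH is not consulted
    # for them, which removes the "wrong git / wrong gh" class of surprises.
    runtimeInputs = [ pkgs.git pkgs.gh ];

    # writeShellApplication prepends `set -o errexit -o nounset -o pipefail`
    # and runs shellcheck at build time, so an unquoted variable fails the
    # build rather than the user.
    text = ''
      branch="$(git rev-parse --abbrev-ref HEAD)"
      case "''${1:-}" in
        "")   exec gh pr view --web "$branch" ;;
        list) exec gh pr list --author "@me" ;;
        *)    echo "usage: ghpr [list]" >&2; exit 64 ;;
      esac
    '';
  };
in {
  environment.systemPackages = [ ghpr ];
}
```

`''${1:-}` is the Nix indented-string escape for a literal `${1:-}`; the resulting script is checked by shellcheck, and `nix build` fails if it is not clean.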

Finally, hosts/netty/configuration.nix turns the VPS into a declarative service bundle: static networking, nginx + ACME, Forgejo with GitHub mirror sync, sandbox-agent plus its CORS proxy, bounded GC/journald retention, and a machine that can be rebuilt instead of repaired.
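The shape of that service bundle, as an added example and not the repo's hosts/netty/configuration.nix. The hostname comes from the page; the domain, addresses, ACME contact, and port are assumptions. Disk layout is omitted because the page says disko supplies it, and sandbox-agent with its CORS proxy is left out since nothing on the page describes its configuration; the Forgejo to GitHub mirror is set per repository inside Forgejo and has no NixOS option here.

```nix
# Added example of a VPS as a declarative service bundle.
# Assumed: git.example.org, 203.0.113.0/24 addressing, ops@example.org,
# Forgejo on loopback port 3000. fileSystems come from the disko config (not shown).
{ config, lib, pkgs, ... }: {
  networking = {
    hostName = "netty";
    useDHCP = false;
    interfaces.eth0.ipv4.addresses = [ { address = "203.0.113.10"; prefixLength = 24; } ];
    defaultGateway = "203.0.113.1";
    nameservers = [ "9.9.9.9" "149.112.112.112" ];
    # 22 is opened by services.openssh (openFirewall defaults to true)
    firewall.allowedTCPPorts = [ 80 443 ];
  };

  services.openssh = {
    enable = true;
    settings = {
      PasswordAuthentication = false;
      KbdInteractiveAuthentication = false;
      PermitRootLogin = "prohibit-password";   # nixos-anywhere deploys as root over keys
    };
  };

  security.acme = {
    acceptTerms = true;
    defaults.email = "ops@example.org";
  };

  services.nginx = {
    enable = true;
    recommendedTlsSettings = true;
    recommendedProxySettings = true;
    virtualHosts."git.example.org" = {
      enableACME = true;
      forceSSL = true;
      locations."/".proxyPass = "http://127.0.0.1:3000";
    };
  };

  services.forgejo = {
    enable = true;
    settings = {
      server = {
        DOMAIN = "git.example.org";
        ROOT_URL = "https://git.example.org/";
        HTTP_ADDR = "127.0.0.1";   # only nginx talks to it
        HTTP_PORT = 3000;
      };
      service.DISABLE_REGISTRATION = true;   # a personal forge takes no sign-ups
    };
  };

  # Bounded growth: the host is rebuilt, not repaired, so nothing needs to live forever.
  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 30d";
  };
  services.journald.extraConfig = ''
    SystemMaxUse=500M
    MaxRetentionSec=1month
  '';

  system.stateVersion = "24.11";
}
```

Two checks worth running after a switch: `ss -ltnp` should show Forgejo bound to 127.0.0.1:3000 only, and `curl -I http://git.example.org/` should return a 301 to https, which confirms forceSSL and the ACME-issued certificate are in place.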