Skip to content

bphenriques/dotfiles

BranchesTags

Repository files navigation

bphenriques's fleet (Homelab & Laptops & Misc)

Modules Packages selfhost-nix NixOS Install

Hi! 👋 This is my personal NixOS flake that works for me. I hope this helps you!

Hosts

Host Platform Description
compute NixOS Self-hosted homelab (OIDC SSO, secret provisioning).
laptop NixOS Personal workstation
inky Raspberry Pi Imager Raspberry Pi Zero 2W connected to Inky Impression and speakers

The compute host runs selfhost-nix, my declarative service framework: a single service registration drives ingress, OIDC, secrets, monitoring, homepage, and backups.

Nix Stack

Layout:

  • hosts/: per-host configurations (hardware, services, users)
  • modules/: personal NixOS/home-manager modules (the selfhost.* framework lives in selfhost-nix)
  • profiles/: shared opinionated configuration that sets standard options (imported by hosts)
  • packages/: custom packages and scripts
  • lib/: custom helpers and builders
  • apps/: runnable scripts (installation, post-install)

Key dependencies:

Not using flake-utils or impermanence intentionally.

Sensitive Configuration

I use a companion private dotfiles-private repository as a flake input for private configuration mapped to self.private because:

  • I do not want to expose private information such as public domain, user definitions, and SMTP settings.
  • I do not want to overexpose the sops encrypted file nor the .sops.yaml.
Structure of dotfiles-private 
.
├── flake.lock
├── flake.nix
├── hosts
│   ├── compute
│   │   ├── default.nix
│   │   ├── secrets.yaml    <- Encrypted
│   │   ├── settings.nix
│   │   └── users
│   │       ├── bphenriques.nix
│   │       └── johndoe.nix
│   └── laptop
│       ├── default.nix
│       └── secrets.yaml    <- Encrypted
├── packages
│   └── wallpapers
│       ├── default.nix
│       └── src
│           ├── beach-night-sky.jpg
│           ├── ...
│           └── watch-tower.png
├── README.md
└── shell.nix               <- With sops package inside

Workflow

A dot CLI wraps the native rebuild tools:

dot . s              # build, preview changes, and apply to the current host
dot . b              # build and preview changes without applying
dot . u              # update flake inputs
dot . c              # show changelog between last two local profiles
dot compute s        # deploy to the compute host remotely
dot compute c        # show changelog for the compute host

AI Disclaimer

AI was used from January 2026 onwards, starting with the compute host to learn and iterate faster, not to replace understanding. I drive the architecture, review and own every line.

Acknowledgements

Thanks to everyone sharing dotfiles, maintaining the Arch Wiki and NixOS Wiki, and helping in the NixOS community.

About

dotfiles using Nix

Topics

dotfiles nix nixos nix-dotfiles nixos-configuration dotfiles-installer nix-darwin home-manager dotfiles-macos nix-flake nixos-config nix-flakes

Resources

Readme

License

MIT license
Activity

Stars

9 stars

Watchers

1 watching

Forks

0 forks
Report repository

Contributors

Languages