Configuration files for NixOS + Home Manager.
jasmine
15b4851e8e
Major improvements to borgbackup configuration for better reliability and
maintainability:
**Shared staging directory:**
- Use single /btrfs-subvolumes directory (was /subvolumes-{onsite,offsite})
- Eliminates redundant path suffixes in archive structure
- Archive paths now semantic: /btrfs-subvolumes/srv-forgejo clearly indicates
BTRFS subvolume content without redundant backup job metadata
**Defense-in-depth protection:**
- Layer 1: Systemd ordering - offsite waits for onsite completion
- Layer 2: Self-healing preHook - auto-cleanup orphaned snapshots from
crashes/power loss
- Prevents cascading failures from race conditions or abnormal terminations
**Code quality improvements:**
- Extract subvolume lists to reduce duplication (DRY principle)
- Add /* sh */ syntax hints for proper editor highlighting
- Silent operation for consistency with existing hooks
- Improved readability with clearer comments and formatting
- All lines ≤ 100 characters
**Timing:**
- Offsite: *-*-* 00:15:00 (daily at 12:15 AM, waits for onsite)
- Onsite: hourly (unchanged)
|
||
|---|---|---|
| assets | ||
| home-manager/sajenim | ||
| modules | ||
| nixos | ||
| overlays | ||
| pkgs | ||
| .envrc | ||
| .gitignore | ||
| .mcp.json | ||
| CLAUDE.md | ||
| flake.lock | ||
| flake.nix | ||
| justfile | ||
| LICENSE | ||
| README.md | ||
| shell.nix | ||
NixOS & Home-Manager Configuration
My NixOS and Home-Manager config files. Based upon Misterio77's starter configs.
This repo is often neglected and doesn't necesarrily follow best practices.
I recommend only using this repo for inspiration and instead use this boilerplate
Preview
Features
- Opt-in persistance with ephermeral btrfs.
- Secrets managed with agenix and rekeyed with yubikey.
- Standalone nixvim configuration for neovim.
- Custom haskell packages for xmonad & xmobar.
- Declarative minecraft server with nix-minecraft.
- Borgbackup of mutable service/container data.
- Media server with typical *arr stack.
- FQDN with private DNS for all internal services.
- Crowdsecurity for all public services.
Installation
# Prepare disks, create an EFI System partition and Linux Filesystem partition
fdisk /dev/nvme0n1
# Create our filesystems
mkfs.fat -F32 -n ESP /dev/nvme0n1p1
mkfs.btrfs -L ${hostname} /dev/nvme0n1p2
# Create our subvolumes
mount /dev/nvme0n1p2 /mnt/btrfs
btrfs subvolume create /mnt/btrfs/{root,nix,persist,swap}
umount /mnt/btrfs
# Prepare for installation
mount -o compress=zstd,subvol={root,nix,persist,swap} /dev/nvme0n1p2 /mnt/{nix,persist,swap}
mount /dev/nvme0n1p1 /mnt/boot
# Clone the configuration files and enter repo
git clone https://github.com/sajenim/dotfiles.nix.git && cd dotfiles.nix
# Install our system configuration
nixos-install --flake .#hostname
FAQ
- What is nix?
Nix is a tool that takes a unique approach to package management and system configuration. - Nix benefits
Nix is reproducible, declarative and reliable. - Why flakes?
Flakes allow you to specify your code's dependencies (e.g. remote Git repositories) in a declarative way, simply by listing them inside a flake.nix file.