Architecture

This section explains how the configuration is built and, more importantly, why each choice was made. Every page leads with the problem it solves.

  • Philosophy & Why


    The guiding principles: explicitness, thin hosts, trusting the module system, security by default.

  • Host Template System


    One parameterised template builds every host. How the profile parameter selects workstation vs laptop behaviour.

  • Feature Flags


    Typed feature toggles with dependency and conflict validation — the dials that shape each host.

  • Hardware Profiles


    AMD / NVIDIA / Intel GPU stacks abstracted into reusable profiles.

  • Overlays


    How custom packages and upstream fixes are layered onto nixpkgs.

  • Theming (Stylix)


    A single base16 palette driving colours across the whole desktop stack.

  • Secrets (agenix)


    Age-encrypted secrets committed to git and loaded at runtime, never at evaluation.

  • Home Manager


    User environments as a flake module — activated by the system rebuild.

The data flow

flowchart TD
    A[flake.nix] -->|profile + hostUsers| B[lib/hostTypes.nix]
    B --> C[hosts/templates/desktop.nix]
    C -->|explicit imports| D[modules/ tree]
    H[hosts/<name>/variables.nix] --> C
    SV[shared-variables.nix] --> H
    HP[hardware-profiles/*.nix] --> H
    D -->|features.*| E[Enabled services & programs]
    F[home/ profiles] -->|HM flake module| E
    S[secrets/*.age] -->|runtime| E
    style A fill:#5e35b1,color:#fff
    style E fill:#00897b,color:#fff