My NixOS and Home Manager config.
- Declarative disk partitioning with disko.
- LUKS full disk encryption and auto unlocking with TPM.
- Secure Boot with Lanzaboote.
- BTRFS with home directory snapshots.
- Secrets provisioning with sops-nix. The secrets are stored in a separate, private repo.
- The entire configuration is modularized and exported from the flake. This allows using selected (or all) parts in other flakes.
- Semi-automated installation.
See the Installation instruction.
I used this to learn about NixOS and might have copied some stuff from there.