Introduction
Darkone NixOS Framework is a working base for a multi-user, multi-services and multi-host configuration.
- 🔥 Declarative, reproducible, immutable 🡕.
- 🚀 Ready-to-use modules 🡕.
- ❄️ Simple main configuration 🡕.
- 🧩 Consistent structure 🡕.
- 🌎 A full network.
Features
Section titled “Features”| Feature | Description | |
|---|---|---|
| ⚙️ | Quick install | Fully automated host install with nixos-anywhere 🡕 & disko 🡕 Fully automated host update with colmena 🡕 |
| 👤 | User profiles | User profiles 🡕 and modules 🡕 with Home Manager 🡕 Admin, Nix-Admin, Developer, Gamer, Student, Beginner, Child… |
| 🖥️ | Host profiles | Profiles for hosts 🡕 with the option to customize each one Workstation, Laptop, Server, VM, Gateway, VPN Coordination… |
| 🌐 | Tailnet VPN | Full-mesh VPN 🡕 with headscale 🡕 + tailscale 🡕, independent subnets |
| 🛡️ | Ad-Free web | Secure, ad-free internet with AdguardHome 🡕 and effective firewall |
| 🧩 | SSO | Authentication with Kanidm 🡕: one identity for (almost) all services |
| 🤗 | Services | Immich 🡕, Nextcloud 🡕, Forgejo 🡕, Vaultwarden 🡕, Mattermost 🡕, Jellyfin 🡕, etc. 🡕 |
| 💻 | Clean Gnome | NixOS hosts with streamlined GNOME UI 🡕 + stable and useful apps |
| 💾 | Backups | Robust and widespread 3-2-1 backups with Restic 🡕 |
| 🏠 | Homepage | Automated homepage -> quick access to all configured services |
Specificities
Section titled “Specificities”| Specificity | Description | |
|---|---|---|
| ❄️ | Declarative & Immutable | Fully reproducible configuration based on Nix / NixOS 🡕 |
| 🔑 | Enhanced security | Simple and reliable security strategy with sops-nix 🡕 |
| 📦 | High-level modules | High-level NixOS modules 🡕, easy to enable and use |
| 📐 | Consistent architecture | Extensible and scalable architecture 🡕 |
| ✴️ | Reverse proxy | Distributed services with Caddy 🡕 proxies |
| 🛜 | Auto-networking | Zero-conf network plumbing with dnsmasq 🡕 |
Files organisation
Section titled “Files organisation”Main folders:
dnf-> Framework: tools + modules + profiles (users, hosts, themes)usr-> Local project: config, modules + profiles, machines, userssrc-> Generator and scripts for toolsvar-> Generated files and logsdoc-> Framework documentation
Layers
Section titled “Layers”The lower layers serve the upper layers.
The configurations are also organized by category:
- Standard modules: Ready-to-use simple modules.
- Mixin modules: Ready-to-use collections of modules.
- Home profiles: Home Manager 🡕 configurations for each user profile.
- Tools & configurations: Manage the generation and quality of Nix declarations.
Structure
Section titled “Structure”- flake.nix Main flake
- Justfile Project management with just
Directorydnf/ Framework (modules & common files)
Directorymodules/ Framework modules
Directorystandard Standard nix modules
Directorysystem/ System / Hardware configurations
- …
Directoryconsole/ CLI applications
- …
Directorygraphic/ X applications
- …
Directoryservice/ Daemons
- …
Directoryadmin/ Nix administration settings
- …
Directoryuser/ User management (not home)
- …
Directorymixin Mixin modules
Directoryhost/ Host profiles (desktop, server…)
- …
Directoryprofile/ Host profiles (student, admin…)
- …
Directoryhome Home Manager configuration
Directorymodules/ HM Modules (features)
- …
Directoryprofiles/ admin, student, advanced…
- …
Directoryusr/ Writable zone for local network project
- config.yaml Local configuration used by the generator
Directorymodules/ Local nixos modules, the same as
dnf/modules- …
Directoryhome/ Local HM conf, the same as
dnf/home- …
Directorysecrets/ Local secrets file
- secret.yaml SOPS secrets
Directorymachines/ Host specific confs (hardware, overload)
- …
Directoryusers/ User specific confs (stateVersion, overload)
- …
Directoryvar/ Generated files
Directorylog/
- …
Directorygenerated/ Generated nix files
- hosts.nix Hosts to deploy
- users.nix Users to deploy
- network.nix Local network configuration
Directorysrc/ Generator sources
- …
Directorydoc/ This documentation
- …