القائمة
Nix Best Practices
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Bash Shell Script Development Guidelines
Go Project Planning Skill
Godot C# Game Development Skill
Godot Game Development Skill
Golang Development Guidelines
Grill Me - Relentless Design Interview
| name | nix |
| description | Nix Best Practices |
Comprehensive guide for working with Nix, including flakes, NixOS, home-manager, nix-darwin, and development environments.
Always prefer flakes over channels for new projects. Flakes provide:
flake.lock# In configuration.nix or nix.conf
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nixos-config/
├── flake.nix # Entry point
├── flake.lock # Pinned dependencies
├── systems/ # Per-machine configs
│ ├── x86_64-linux/
│ │ └── hostname/default.nix
│ └── aarch64-darwin/
│ └── hostname/default.nix
├── modules/
│ ├── nixos/ # NixOS-specific modules
│ ├── darwin/ # macOS-specific modules
│ └── home/ # Home-manager (cross-platform)
├── homes/ # Per-user home-manager configs
├── packages/ # Custom packages
└── secrets/ # Encrypted secrets (sops-nix)
Configurations build up in layers, each can override the previous:
# BAD: Implicit scope with `with`
environment.systemPackages = with pkgs; [ git vim wget ];
# GOOD: Explicit references
environment.systemPackages = [ pkgs.git pkgs.vim pkgs.wget ];
# Or use a let binding
environment.systemPackages = let p = pkgs; in [ p.git p.vim p.wget ];
# Build and switch NixOS configuration
sudo nixos-rebuild switch --flake .#hostname
# Build and switch nix-darwin
darwin-rebuild switch --flake .#hostname
# Build home-manager standalone
home-manager switch --flake .#user@hostname
# Update all flake inputs
nix flake update
# Update specific input
nix flake update nixpkgs
# Search packages
nix search nixpkgs packagename
# Enter development shell
nix develop
# Garbage collection (with generation cleanup)
sudo nix-collect-garbage -d --delete-older-than 7d
# Show flake outputs
nix flake show
# Check flake for errors
nix flake check
{
description = "NixOS configuration";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; # Avoid duplicate nixpkgs
};
};
outputs = { self, nixpkgs, home-manager, ... }@inputs: {
nixosConfigurations.hostname = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; }; # Pass inputs to modules
modules = [
./configuration.nix
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.username = import ./home.nix;
}
];
};
};
}
# modules/home/git/default.nix
{ config, lib, pkgs, ... }:
let
cfg = config.custom.git;
in {
options.custom.git = {
enable = lib.mkEnableOption "Git configuration";
userName = lib.mkOption {
type = lib.types.str;
description = "Git user name";
};
userEmail = lib.mkOption {
type = lib.types.str;
description = "Git user email";
};
};
config = lib.mkIf cfg.enable {
programs.git = {
enable = true;
userName = cfg.userName;
userEmail = cfg.userEmail;
extraConfig = {
init.defaultBranch = "main";
pull.rebase = true;
};
};
};
}
# In flake.nix inputs
sops-nix.url = "github:Mic92/sops-nix";
# In configuration
sops = {
defaultSopsFile = ./secrets/secrets.yaml;
age.keyFile = "/var/lib/sops-nix/key.txt";
secrets.my-secret = {};
};
| Library | Purpose |
|---|---|
| Snowfall Lib | Standardized config structure |
| sops-nix | Encrypted secrets in git |
| home-manager | User environment management |
| nix-darwin | macOS declarative config |
| flake-utils | Multi-system helpers |
| devenv | Simplified dev environments |
follows to avoid duplicate nixpkgs in inputswith pkgslib.mkIf for conditional configurationnixos-rebuild build first