UGA-Innovation-Factory/athenix
3
1
Fork 0
Code Issues Pull Requests Actions Projects Releases Activity

documentation overhaul

Browse Source
This commit is contained in:
Hunter Halloran
2025-12-17 09:25:51 -05:00
parent c7c8101b81
commit 22b1fc549b
9 changed files with 2141 additions and 944 deletions
Download Patch File Download Diff File Expand all files Collapse all files

700
README.md
View File

@@ -1,118 +1,105 @@
# UGA Innovation Factory - NixOS Systems
This repository contains the NixOS configuration for the Innovation Factory's fleet of laptops, desktops, surface tablets, and containers. It provides a declarative, reproducible system configuration using Nix flakes.
This repository contains the NixOS configuration for the Innovation Factory's fleet of laptops, desktops, Surface tablets, and containers. It provides a declarative, reproducible system configuration using Nix flakes.
## Table of Contents
## Documentation
- [Quick Start](#quick-start)
- [Repository Structure](#repository-structure)
- [Configuration Namespace](#configuration-namespace)
- [User Management](#user-management)
- [Host Configuration](#host-configuration)
- [External Modules](#external-modules)
- [Building Artifacts](#building-artifacts)
- [Development](#development)
- [Troubleshooting](#troubleshooting)
- **[Quick Start](#quick-start)** - Get started in 5 minutes
- **[docs/INVENTORY.md](docs/INVENTORY.md)** - Configure hosts and fleet inventory
- **[docs/NAMESPACE.md](docs/NAMESPACE.md)** - Configuration options reference (`ugaif.*`)
- **[docs/USER_CONFIGURATION.md](docs/USER_CONFIGURATION.md)** - User account management
- **[docs/EXTERNAL_MODULES.md](docs/EXTERNAL_MODULES.md)** - External configuration modules
- **[docs/BUILDING.md](docs/BUILDING.md)** - Build ISOs and container images
- **[docs/DEVELOPMENT.md](docs/DEVELOPMENT.md)** - Development and testing workflow
## Quick Start
### For End Users: Updating Your System
### For End Users
Update your system to the latest configuration from GitHub:
Update your system to the latest configuration:
```bash
update-system
```
This command automatically:
- Fetches the latest configuration
- Rebuilds your system
- Uses remote builders on Surface tablets to speed up builds
This command automatically fetches the latest configuration, rebuilds your system, and uses remote builders on Surface tablets to speed up builds.
**Note:** If you use external user configurations (personal dotfiles), run `sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems --impure` instead.
**Note:** If you use external user configurations (personal dotfiles), run:
```bash
sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems --impure
```
### For Administrators: Applying Configuration Changes
### For Administrators
1. Make changes to configuration files
2. Test the configuration builds:
```bash
nix flake check
```
3. Commit and push changes:
```bash
git add .
git commit -m "Description of changes"
git push
```
4. Users can now run `update-system` to get the changes
```bash
# 1. Make changes to configuration files
vim inventory.nix
# 2. Test configuration
nix flake check
# 3. Format code
nix fmt
# 4. Commit and push
git add .
git commit -m "Description of changes"
git push
```
Users can now run `update-system` to get the changes.
**See [docs/DEVELOPMENT.md](docs/DEVELOPMENT.md) for detailed development workflow.**
## Repository Structure
```
nixos-systems/
├── flake.nix # Flake entry point with inputs/outputs
├── inventory.nix # Fleet inventory (hosts, types, counts)
├── users.nix # User account definitions
├── hosts/ # Host generation logic and hardware types
│ ├── default.nix # Core host generation functions
── types/ # Hardware type definitions
│ │ ├── nix-desktop.nix
│ │ ├── nix-laptop.nix
│ │ ├── nix-surface.nix
│ │ ├── nix-lxc.nix
│ │ ├── nix-wsl.nix
│ │ └── nix-ephemeral.nix
│ └── user-config.nix # User configuration integration
├── flake.nix # Flake entry point
├── inventory.nix # Fleet inventory - Define hosts here
├── users.nix # User accounts - Define users here
├── hosts/ # Host generation logic
│ ├── types/ # Hardware types (desktop, laptop, surface, lxc, wsl, ephemeral)
── ...
├── sw/ # Software configurations by system type
│ ├── desktop/ # Desktop system software
│ ├── tablet-kiosk/ # Surface tablet kiosk mode
│ ├── stateless-kiosk/# Stateless kiosk systems
│ ├── headless/ # Headless server systems
── ghostty.nix # Ghostty terminal emulator
│ ├── nvim.nix # Neovim configuration
│ ├── python.nix # Python development tools
│ ├── theme.nix # UI theme configuration
│ └── updater.nix # System update service
├── installer/ # Build artifact generation
│ ├── artifacts.nix # ISO, LXC, Proxmox builds
│ ├── auto-install.nix # Automated installer
│ └── modules.nix # Exported modules
│ ├── desktop/ # Full desktop environment
│ ├── tablet-kiosk/ # Surface kiosk mode
│ ├── stateless-kiosk/# Diskless PXE kiosks
│ ├── headless/ # Servers and containers
── ...
├── installer/ # ISO and container builds
├── templates/ # Templates for external configs
│ ├── system/ # System configuration template
│ └── user/ # User configuration template
├── docs/ # Documentation
│ ├── INVENTORY.md # Host configuration guide
│ ├── NAMESPACE.md # Option reference
│ ├── BUILDING.md # Building artifacts
│ └── DEVELOPMENT.md # Development guide
└── assets/ # Assets (Plymouth theme, etc.)
```
## Configuration Namespace
## Configuration Overview
All UGA Innovation Factory-specific options are under the `ugaif` namespace:
All Innovation Factory options use the `ugaif.*` namespace. See **[docs/NAMESPACE.md](docs/NAMESPACE.md)** for complete reference.
### `ugaif.host` - Hardware Configuration
- **`ugaif.host.filesystem`**: Disk device and swap size settings
- `ugaif.host.filesystem.device` - Boot disk device (default: `/dev/sda`)
- `ugaif.host.filesystem.swapSize` - Swap file size (default: `"32G"`)
- **`ugaif.host.buildMethods`**: List of supported artifact types (`["iso"]`, `["lxc", "proxmox"]`, etc.)
- **`ugaif.host.useHostPrefix`**: Whether to prepend type prefix to hostname (default: `true`)
- **`ugaif.host.wsl`**: WSL-specific configuration
- `ugaif.host.wsl.user` - Default WSL user
**Quick examples:**
### `ugaif.sw` - Software Configuration
- **`ugaif.sw.enable`**: Enable software configuration module (default: `true`)
- **`ugaif.sw.type`**: System type - `"desktop"`, `"tablet-kiosk"`, `"stateless-kiosk"`, or `"headless"`
- **`ugaif.sw.kioskUrl`**: URL for kiosk mode browsers
- **`ugaif.sw.python`**: Python development tools configuration
- `ugaif.sw.python.enable` - Enable Python tools (pixi, uv)
- **`ugaif.sw.remoteBuild`**: Remote build configuration
- `ugaif.sw.remoteBuild.enable` - Use remote builders (default: enabled on tablets)
- `ugaif.sw.remoteBuild.hosts` - List of build servers
- **`ugaif.sw.extraPackages`**: Additional system packages to install
```nix
# Host configuration
ugaif.host.filesystem.device = "/dev/nvme0n1";
ugaif.host.filesystem.swapSize = "64G";
### `ugaif.users` - User Management
- **`ugaif.users.accounts`**: Attrset of user definitions with account settings
- **`ugaif.users.enabledUsers`**: List of users to enable on this system (default: `["root", "engr-ugaif"]`)
- **`ugaif.forUser`**: Convenience option to set up a system for a specific user (sets `enabledUsers` and `wslUser`)
# Software configuration
ugaif.sw.type = "desktop"; # or "headless", "tablet-kiosk"
ugaif.sw.extraPackages = with pkgs; [ vim docker ];
### Prerequisites
# User management
ugaif.users.myuser.enable = true;
ugaif.forUser = "myuser"; # Convenience shortcut
```
## Prerequisites
To work with this repository, install Nix with flakes support:
@@ -120,538 +107,157 @@ To work with this repository, install Nix with flakes support:
# Recommended: Determinate Systems installer (includes flakes)
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
# Alternative: Official installer (requires enabling flakes)
# Alternative: Official installer (requires enabling flakes manually)
sh <(curl -L https://nixos.org/nix/install) --daemon
```
## User Management
### Understanding User Configuration
Users are defined in `users.nix` but are **not enabled by default** on all systems. Each system must explicitly enable users via `ugaif.users.enabledUsers` in `inventory.nix`.
**Default enabled users on all systems:**
- `root` - System administrator
- `engr-ugaif` - Innovation Factory default account
## Common Tasks
### Adding a New User
1. Edit `users.nix` and add a new user:
1. Edit `users.nix`:
```nix
ugaif.users.accounts = {
# ... existing users ...
myuser = {
description = "My Full Name";
extraGroups = [ "networkmanager" "wheel" ];
shell = pkgs.zsh; # or pkgs.bash, pkgs.fish
hashedPassword = "$6$..."; # Generate with: mkpasswd -m sha-512
opensshKeys = [
"ssh-ed25519 AAAA... user@machine"
];
# enable = false; # Will be enabled per-system in inventory.nix
};
myuser = {
description = "My Full Name";
extraGroups = [ "wheel" "networkmanager" ];
shell = pkgs.zsh;
hashedPassword = "$6$..."; # Generate with: mkpasswd -m sha-512
opensshKeys = [ "ssh-ed25519 AAAA... user@host" ];
};
```
2. Generate a hashed password:
```bash
mkpasswd -m sha-512 # Enter password when prompted
```
3. Enable the user on specific hosts in `inventory.nix`:
2. Enable on hosts in `inventory.nix`:
```nix
nix-laptop = {
devices = 2;
overrides.extraUsers = [ "myuser" ]; # Enables on all nix-laptop hosts
overrides.ugaif.users.myuser.enable = true;
};
```
**See [docs/USER_CONFIGURATION.md](docs/USER_CONFIGURATION.md) for complete user management guide.**
### Adding Hosts
Edit `inventory.nix`:
```nix
# Simple: Create 5 laptops
nix-laptop = {
devices = 5; # Creates nix-laptop1 through nix-laptop5
};
# Or for individual devices:
nix-desktop = {
# With configuration
nix-surface = {
devices = {
"1".extraUsers = [ "myuser" "otheruser" ];
"1".ugaif.sw.kioskUrl = "https://dashboard1.example.com";
"2".ugaif.sw.kioskUrl = "https://dashboard2.example.com";
};
};
# With overrides for all devices
nix-desktop = {
devices = 3;
overrides = {
ugaif.users.student.enable = true;
ugaif.sw.extraPackages = with pkgs; [ vim ];
};
};
```
### User Configuration Options
**See [docs/INVENTORY.md](docs/INVENTORY.md) for complete host configuration guide.**
Each user in `users.nix` can have:
### Using External Configurations
Users and systems can reference external Git repositories for configuration:
```nix
# In users.nix - External dotfiles
myuser = {
description = "Full Name"; # User's full name
isNormalUser = true; # Default: true
extraGroups = [ ... ]; # Additional groups (wheel, docker, etc.)
shell = pkgs.zsh; # Login shell
hashedPassword = "$6$..."; # Hashed password
opensshKeys = [ "ssh-ed25519 ..." ]; # SSH public keys
homePackages = with pkgs; [ ... ]; # Home-manager packages (if no external config)
useZshTheme = true; # Use system Zsh theme (default: true)
useNvimPlugins = true; # Use system Neovim config (default: true)
# External home-manager configuration (optional)
description = "My Name";
home = builtins.fetchGit {
url = "https://github.com/username/dotfiles";
rev = "abc123...";
};
};
```
### External User Configuration
Users can maintain their dotfiles and home-manager configuration in separate repositories. See [External Modules](#external-modules) and [USER_CONFIGURATION.md](USER_CONFIGURATION.md) for details.
**Quick example:**
```nix
myuser = {
description = "My Name";
home = builtins.fetchGit {
url = "https://github.com/username/dotfiles";
rev = "commit-hash";
};
};
```
The external repository should contain:
- `home.nix` (required) - Home-manager configuration
- `nixos.nix` (optional) - System-level user configuration
**Create a template:**
```bash
nix flake init -t github:UGA-Innovation-Factory/nixos-systems#user
```
## Host Configuration
### Understanding Inventory Structure
The `inventory.nix` file defines all hosts in the fleet using a flexible system:
**Hostname Generation Rules:**
- Numeric suffixes: no dash (e.g., `nix-laptop1`, `nix-laptop2`)
- Non-numeric suffixes: with dash (e.g., `nix-laptop-alpha`, `nix-laptop-beta`)
- Set `ugaif.host.useHostPrefix = false` to use suffix as full hostname
### Adding Hosts
**Method 1: Quick count (simplest)**
```nix
nix-laptop = {
devices = 5; # Creates: nix-laptop1, nix-laptop2, ..., nix-laptop5
};
```
**Method 2: Explicit count with overrides**
```nix
nix-laptop = {
devices = 5;
overrides = {
# Applied to ALL nix-laptop hosts
extraUsers = [ "student" ];
ugaif.sw.extraPackages = with pkgs; [ vim git ];
};
};
```
**Method 3: Individual device configuration**
```nix
nix-surface = {
devices = {
"1".ugaif.sw.kioskUrl = "https://dashboard1.example.com";
"2".ugaif.sw.kioskUrl = "https://dashboard2.example.com";
"3".ugaif.sw.kioskUrl = "https://dashboard3.example.com";
};
};
```
**Method 4: Mixed (default count + custom devices)**
```nix
nix-surface = {
defaultCount = 2; # Creates nix-surface1, nix-surface2
devices = {
"special" = { # Creates nix-surface-special
ugaif.sw.kioskUrl = "https://special-dashboard.example.com";
};
};
overrides = {
# Applied to all devices (including "special")
ugaif.sw.kioskUrl = "https://default-dashboard.example.com";
};
};
```
### Device Configuration Options
**Convenience shortcuts** (automatically converted to proper options):
- `extraUsers` → `ugaif.users.enabledUsers`
- `hostname` → Custom hostname (overrides default naming)
- `buildMethods` → `ugaif.host.buildMethods`
- `wslUser` → `ugaif.host.wsl.user`
**Direct configuration** (any NixOS or ugaif option):
```nix
"1" = {
# Convenience
extraUsers = [ "myuser" ];
# UGAIF options
ugaif.host.filesystem.swapSize = "64G";
ugaif.sw.extraPackages = with pkgs; [ docker ];
ugaif.sw.kioskUrl = "https://example.com";
# Standard NixOS options
networking.firewall.enable = false;
services.openssh.enable = true;
time.timeZone = "America/New_York";
};
```
### Convenience: `ugaif.forUser`
Quick setup for single-user systems (especially WSL):
```nix
nix-wsl = {
devices = {
"alice".ugaif.forUser = "alice-username";
};
};
```
This automatically:
- Adds user to `extraUsers` (enables the account)
- Sets `ugaif.host.wsl.user` to the username (for WSL)
### External System Configuration
For complex configurations, use external modules. See [External Modules](#external-modules) and [EXTERNAL_MODULES.md](EXTERNAL_MODULES.md).
```nix
# In inventory.nix - External system config
nix-lxc = {
devices = {
"special-server" = builtins.fetchGit {
url = "https://github.com/org/server-config";
rev = "abc123...";
};
devices."server" = builtins.fetchGit {
url = "https://github.com/org/server-config";
rev = "abc123...";
};
};
```
**Create a template:**
**Create templates:**
```bash
# User configuration (dotfiles)
nix flake init -t github:UGA-Innovation-Factory/nixos-systems#user
# System configuration
nix flake init -t github:UGA-Innovation-Factory/nixos-systems#system
```
## External Modules
**See [docs/EXTERNAL_MODULES.md](docs/EXTERNAL_MODULES.md) for complete guide.**
External modules allow you to maintain user or system configurations in separate Git repositories and reference them from `users.nix` or `inventory.nix`.
### Benefits
- **Separation**: Keep configs in separate repositories
- **Versioning**: Pin to specific commits for reproducibility
- **Reusability**: Share configurations across deployments
- **Flexibility**: Mix external modules with local overrides
### Templates
Initialize a new external configuration:
### Building Installation Media
```bash
# User configuration (home-manager, dotfiles)
nix flake init -t github:UGA-Innovation-Factory/nixos-systems#user
# System configuration (services, packages, hardware)
nix flake init -t github:UGA-Innovation-Factory/nixos-systems#system
```
### User Module Example
In `users.nix`:
```nix
myuser = {
description = "My Name";
home = builtins.fetchGit {
url = "https://github.com/username/dotfiles";
rev = "abc123..."; # Pin to specific commit
};
};
```
External repository structure:
```
dotfiles/
├── home.nix # Required: Home-manager configuration
└── nixos.nix # Optional: System-level user configuration
```
See [USER_CONFIGURATION.md](USER_CONFIGURATION.md) and [templates/user/](templates/user/) for details.
### System Module Example
In `inventory.nix`:
```nix
nix-lxc = {
devices = {
"custom-server" = builtins.fetchGit {
url = "https://github.com/org/server-config";
rev = "abc123...";
};
};
};
```
External repository structure:
```
server-config/
└── default.nix # Required: NixOS module
```
See [EXTERNAL_MODULES.md](EXTERNAL_MODULES.md) and [templates/system/](templates/system/) for details.
### Fetch Methods
**Recommended: fetchGit with revision**
```nix
builtins.fetchGit {
url = "https://github.com/user/repo";
rev = "abc123def456..."; # Full commit hash
ref = "main"; # Optional: branch name
}
```
**Local path (for testing)**
```nix
/path/to/local/config
```
**Tarball (for releases)**
```nix
builtins.fetchTarball {
url = "https://github.com/user/repo/archive/v1.0.0.tar.gz";
sha256 = "sha256:...";
}
```
## Building Artifacts
Build installation media and container images from this flake.
### Installer ISOs
Build an auto-install ISO for a specific host:
```bash
# Build locally
# Build installer ISO
nix build github:UGA-Innovation-Factory/nixos-systems#installer-iso-nix-laptop1
# Build using remote builder
nix build github:UGA-Innovation-Factory/nixos-systems#installer-iso-nix-laptop1 \
--builders "ssh://engr-ugaif@nix-builder x86_64-linux"
```
# Build LXC container
nix build .#lxc-nix-builder
Result: `result/iso/nixos-*.iso`
### Available Artifacts
```bash
# List all available builds
# List all available artifacts
nix flake show github:UGA-Innovation-Factory/nixos-systems
# Common artifacts:
nix build .#installer-iso-nix-laptop1 # Installer ISO
nix build .#iso-nix-ephemeral1 # Live ISO (no installer)
nix build .#ipxe-nix-ephemeral1 # iPXE netboot
nix build .#lxc-nix-builder # LXC container tarball
nix build .#proxmox-nix-builder # Proxmox VMA
```
### Using Remote Builders
**See [docs/BUILDING.md](docs/BUILDING.md) for complete guide on building ISOs, containers, and using remote builders.**
Speed up builds by offloading to a build server:
## System Types
```bash
# In ~/.config/nix/nix.conf or /etc/nix/nix.conf:
builders = ssh://engr-ugaif@nix-builder x86_64-linux
- **`desktop`** - Full GNOME desktop environment
- **`tablet-kiosk`** - Surface tablets in kiosk mode
- **`stateless-kiosk`** - Diskless PXE boot kiosks
- **`headless`** - Servers and containers (no GUI)
# Or use --builders flag for one-time builds
nix build ... --builders "ssh://engr-ugaif@nix-builder x86_64-linux"
```
Set via `ugaif.sw.type` option. See [docs/NAMESPACE.md](docs/NAMESPACE.md) for all options.
## Development
### Testing Configuration Changes
Before committing changes:
**Quick commands:**
```bash
# Check all configurations build correctly
nix flake check
# Check with verbose trace on error
nix flake check --show-trace
# Build a specific host configuration
nix build .#nixosConfigurations.nix-laptop1.config.system.build.toplevel
# Test rebuild locally
sudo nixos-rebuild test --flake .
nix flake check # Validate all configurations
nix fmt # Format code
nix flake update # Update dependencies
nix build .#installer-iso-nix-laptop1 # Build specific artifact
```
### Manual System Rebuilds
For testing or emergency fixes:
```bash
# Rebuild current host from local directory
sudo nixos-rebuild switch --flake .
# Rebuild specific host
sudo nixos-rebuild switch --flake .#nix-laptop1
# Test without switching (temporary, doesn't persist reboot)
sudo nixos-rebuild test --flake .#nix-laptop1
# Rebuild from GitHub
sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems
```
### Updating Flake Inputs
Update nixpkgs, home-manager, and other dependencies:
```bash
# Update all inputs
nix flake update
# Update specific input
nix flake lock --update-input nixpkgs
# After updating, test and commit
git add flake.lock
git commit -m "Update flake inputs"
```
### Python Development
All systems include `pixi` and `uv` for project-based Python environments:
**Pixi (recommended for projects):**
```bash
pixi init my-project
cd my-project
pixi add pandas numpy matplotlib
pixi run python script.py
```
**uv (quick virtual environments):**
```bash
uv venv
source .venv/bin/activate
uv pip install requests
```
### Adding Packages System-Wide
**To all desktop systems:**
- Edit `sw/desktop/programs.nix`
**To all tablet kiosks:**
- Edit `sw/tablet-kiosk/programs.nix`
**To all headless systems:**
- Edit `sw/headless/programs.nix`
**To specific hosts:**
- Add to `ugaif.sw.extraPackages` in `inventory.nix`
Example:
```nix
nix-laptop = {
devices = 2;
overrides = {
ugaif.sw.extraPackages = with pkgs; [ vim docker ];
};
};
```
### Changing System Type
System types are defined in `hosts/types/` and set the software profile:
- **`desktop`**: Full desktop environment (GNOME)
- **`tablet-kiosk`**: Surface tablets with kiosk mode browser
- **`stateless-kiosk`**: Diskless PXE boot kiosks
- **`headless`**: Servers and containers without GUI
To change a host's type, edit the type module it imports in `hosts/types/`.
**See [docs/DEVELOPMENT.md](docs/DEVELOPMENT.md) for complete development guide.**
## Troubleshooting
### Common Issues
**Common issues:**
**"error: executing 'git': No such file or directory"**
- The `update-system` service needs git in PATH (fixed in latest version)
- Workaround: Run `sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems` manually
- **Build errors:** Run `nix flake check --show-trace` for details
- **External modules not loading:** Check repository access and module structure (see templates)
- **Remote build failures:** Test SSH access: `ssh engr-ugaif@nix-builder`
- **Out of disk space:** Run `nix-collect-garbage -d && nix store optimise`
**Build errors after flake update**
**Useful commands:**
```bash
# Check what changed
git diff flake.lock
# Try with show-trace for details
nix flake check --show-trace
# Revert if needed
git checkout flake.lock
nix flake show # List all available outputs
nix flake metadata # Show flake info
nix eval .#nixosConfigurations --apply builtins.attrNames # List all hosts
```
**External modules not loading**
- Ensure repository is accessible (public or SSH configured)
- Module must export proper structure (see templates)
- For users: requires `home.nix` and optionally `nixos.nix`
- For systems: requires `default.nix` that accepts `{ inputs, ... }`
**See [docs/DEVELOPMENT.md](docs/DEVELOPMENT.md) and [docs/BUILDING.md](docs/BUILDING.md) for detailed troubleshooting.**
**Remote build failures**
```bash
# Test SSH access
ssh engr-ugaif@nix-builder
## Getting Help
# Check builder disk space
ssh engr-ugaif@nix-builder df -h
# Temporarily disable remote builds in inventory.nix:
ugaif.sw.remoteBuild.enable = false;
```
**"dirty git tree" warnings**
- Commit or stash uncommitted changes
- These warnings don't prevent builds but affect reproducibility
### Getting Help
- Check documentation: [USER_CONFIGURATION.md](USER_CONFIGURATION.md), [EXTERNAL_MODULES.md](EXTERNAL_MODULES.md)
- Review templates: `templates/user/` and `templates/system/`
- Review documentation in `docs/` directory
- Check templates: `templates/user/` and `templates/system/`
- Contact Innovation Factory IT team
### Useful Commands
```bash
# Show all available outputs
nix flake show
# Evaluate a specific option
nix eval .#nixosConfigurations.nix-laptop1.config.networking.hostName
# List all hosts
nix eval .#nixosConfigurations --apply builtins.attrNames
# Check flake metadata
nix flake metadata
# Update and show what changed
nix flake update && git diff flake.lock
```