Claude-skill-registry configuration-patterns

Enforce Nix + Pixi + direnv + Home-manager configuration patterns

install

source · Clone the upstream repo

git clone https://github.com/majiayu000/claude-skill-registry

Claude Code · Install into ~/.claude/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/configuration-patterns" ~/.claude/skills/majiayu000-claude-skill-registry-configuration-patterns && rm -rf "$T"

manifest: skills/data/configuration-patterns/SKILL.md

Configuration Patterns Skill

Hard Guardrails for configuration management in this repository. Reference:
docs/adr/adr-003-version-management.md

Architecture Overview

┌──────────────────────────────────────────────────────────────────┐
│                      USER ENVIRONMENT                             │
├──────────────────────────────────────────────────────────────────┤
│  direnv (.envrc)                                                  │
│    └── `use flake` → Automatic environment activation             │
├──────────────────────────────────────────────────────────────────┤
│  Nix Flake (flake.nix)                    Pixi (pixi.toml)       │
│  ├── System packages (git, helix)         ├── ROS2 Humble         │
│  ├── Development tools (cargo, gcc)       ├── Python packages     │
│  ├── LSP servers (pyright, nil)           ├── Node.js             │
│  └── Home-manager modules                 └── Conda ecosystem     │
├──────────────────────────────────────────────────────────────────┤
│  Home-manager Modules (modules/)                                  │
│  ├── common/    Cross-platform (shells, editor, direnv)          │
│  ├── linux/     Linux-specific (systemd, docker, udev)           │
│  └── macos/     macOS-specific (homebrew, system.nix)            │
├──────────────────────────────────────────────────────────────────┤
│  DevPod (.devcontainer/devcontainer.json)                        │
│    └── Remote development with Nix + volume caching              │
└──────────────────────────────────────────────────────────────────┘

Hard Guardrails

MUST USE

Tool	File	Purpose
Nix flakes	`flake.nix`	System packages, dev shells
Pixi	`pixi.toml`	ROS2, Python, conda packages
direnv	`.envrc`	Auto-activate `use flake`
Home-manager	`modules/`	User configuration
Lock files	`*.lock`	Reproducibility

MUST NOT USE

Tool	File	Violation
mise/rtx	`.mise.toml` , `.tool-versions`	Redundant with Nix + Pixi
asdf	`.asdfrc`	Superseded by mise, which is superseded by Nix
0install	`*.0install.xml`	Conflicts with Nix store
pyenv	`.python-version`	Use pixi.toml Python version
nvm	`.nvmrc`	Use pixi.toml or flake.nix Node.js
Symlinks	`*` (type=symlink)	Causes Git/Windows/tooling issues

Symlink Warning

Nix and Home-manager use symlinks by design:

~/.config/*

→

/nix/store/...-home-manager-files/...

```
~/.nix-profile
```
→
```
/nix/var/nix/profiles/...
```

If symlinks are unacceptable:

For project configs: Use actual files, not symlinks
For user dotfiles: Consider chezmoi instead of Home-manager
For Nix itself: No alternative - Nix fundamentally uses symlinks

Responsibility Matrix

Category	Primary Tool	File Location
System CLI tools	Nix	`flake.nix`
Development shells	Nix devshell	`flake.nix`
ROS2 packages	Pixi + RoboStack	`pixi.toml`
Python packages	Pixi + conda-forge	`pixi.toml`
Node.js runtime	Pixi or Nix	`pixi.toml` or `flake.nix`
Rust toolchain	Nix	`flake.nix`
Shell configuration	Home-manager	`modules/common/shell/`
Editor configuration	Home-manager	`modules/common/editor/`
Docker images	DevContainer	`.devcontainer/`

Validation Commands

# Validate configuration policies
conftest test . --policy .claude/policies/configuration.rego

# Check for forbidden files
ls .tool-versions .mise.toml .asdfrc 2>/dev/null && echo "VIOLATION!" || echo "OK"

# Verify direnv integration
grep -q "use flake" .envrc && echo "OK" || echo "VIOLATION: .envrc missing 'use flake'"

# Verify lock files exist
[[ -f flake.lock && -f pixi.lock ]] && echo "OK" || echo "VIOLATION: Missing lock files"

# Verify Home-manager module structure
find modules/ -name "*.nix" -exec grep -L "lib\|mkDefault\|mkOption" {} \;

When to Consider Alternatives

chezmoi (Dotfile Management)

Consider When:

Users need portable dotfiles across non-Nix systems
Template-heavy per-user configuration is needed
1Password/pass secret integration required

Do NOT Use For:

Project configuration (use
```
flake.nix
```
)
Development shells (use devshell)
Package management (use Nix/Pixi)

mise (Runtime Version Manager)

Consider When:

Non-Nix users need quick onboarding
Runtime version switching during active development
CI environments without Nix available

Do NOT Use For:

ROS2 packages (no RoboStack equivalent)
Reproducible builds (less rigorous than Nix)
Primary development workflow

Decision Tree

Need to manage configuration?
├── Project-level packages → Nix (flake.nix) or Pixi (pixi.toml)
├── Project-level shells → Nix devshell
├── User-level dotfiles?
│   ├── Nix system available → Home-manager
│   └── Portable/non-Nix → chezmoi
├── Runtime version switching?
│   ├── Reproducibility critical → Nix + pixi environments
│   └── Quick switching needed → mise (fallback only)
└── Remote development → DevPod with .devcontainer/

Module Patterns

Home-manager Module Template

# modules/common/example.nix
{ config, lib, pkgs, ... }:
let
  inherit (lib) mkDefault mkOption types;
in
{
  options.example = {
    enable = mkOption {
      type = types.bool;
      default = true;
      description = "Enable example configuration";
    };
  };

  config = lib.mkIf config.example.enable {
    # Configuration here
  };
}

direnv stdlib Extensions

# In modules/common/direnv.nix → programs.direnv.stdlib

# Enhanced use_flake with pixi integration
use_flake_pixi() {
  use flake
  if [[ -f pixi.toml ]]; then
    eval "$(pixi shell-hook)"
  fi
}

# ROS2 workspace layout
layout_ros2() {
  export ROS_DOMAIN_ID=${ROS_DOMAIN_ID:-0}
  if [[ -f install/local_setup.bash ]]; then
    source install/local_setup.bash
  fi
}

DevContainer Requirements

{
  "name": "project-name",
  "features": {
    "ghcr.io/devcontainers/features/nix:1": {
      "extraNixConfig": "experimental-features = nix-command flakes"
    }
  },
  "mounts": [
    "source=nix-store,target=/nix,type=volume"
  ],
  "postCreateCommand": "direnv allow && nix develop"
}

Enforcement Integration

Pre-commit Hook

# .pre-commit-config.yaml
repos:
  - repo: local
    hooks:
      - id: config-policy-check
        name: Configuration Policy Check
        entry: conftest test --policy .claude/policies/configuration.rego
        language: system
        files: '(flake\.nix|pixi\.toml|\.envrc|modules/.*\.nix)$'

CI Workflow

# .github/workflows/config-check.yml
name: Configuration Policy Check

on:
  push:
    paths:
      - 'flake.nix'
      - 'pixi.toml'
      - '.envrc'
      - 'modules/**'
      - '.devcontainer/**'

jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Check forbidden files
        run: |
          ! ls .tool-versions .mise.toml .asdfrc 2>/dev/null
      - name: Validate with conftest
        run: |
          conftest test . --policy .claude/policies/configuration.rego

Routing Command

@config - Route to Configuration Patterns validation

References

ADR-003:
```
docs/adr/adr-003-version-management.md
```
Tooling Analysis:
```
docs/TOOLING-ANALYSIS.md
```
OPA Policies:
```
.claude/policies/configuration.rego
```
direnv config:
```
modules/common/direnv.nix
```