reorganized and imported from README

add home lab page

Home Lab.md

@@ -0,0 +1,12 @@
+## Services
+| Service          | Description                       | Source/Runtime                       | Domain                           |
+|------------------|-----------------------------------|--------------------------------------|----------------------------------|
+| Nix Binary Cache | LAN cache for nix derivations.    | nix-serve (nixpkgs)                  | https://nixcache.raffauflabs.com |
+| Navidrome        | SubSonic-compatible music server. | nix-container (nixpkgs)              | https://music.raffauflabs.com    |
+| Plex             | Music, TV, and Movie streaming.   | OCI: plexinc/pms-docker:public       | https://plex.raffauflabs.com     |
+| Audiobookshelf   | Podcasts & audiobooks.            | OCI: advplyr/audiobookshelf:latest   | https://podcasts.raffauflabs.com |
+| FreshRSS         | RSS & News reader.                | OCI: freshrss/freshrss:latest        | https://news.raffauflabs.com     |
+| Transmission     | BitTorrent.                       | OCI: linuxserver/transmission:latest | Tailnet                          |
+| Samba            | LAN file shares.                  | nixpkgs                              | Tailnet                          |
+| Nginx            | Reverse proxy.                    | nixpkgs                              | Tailnet                          |
+| Ollama           | Runs opensource LLMs.             | nixpkgs                              | Tailnet                          |

Home.md

@@ -1 +1,33 @@
+1. [[Home Lab]]
+1. [[Hosts]]
 1. [[Networking]]
+1. [[Secrets]]
+
+## Deploying to NixOS
+> :red_circle: **Do not deploy this flake unmodified to your machine. It won't work.**
+> This is my own [NixOS](https://nixos.org/) and [home-manager](https://github.com/nix-community/home-manager) flake for my personal devices.
+> Each hardware configuration is host-specific. If you fork this repository, replace them with the hardware-configuration that NixOS generates for you.
+
+### Enabling Flakes
+While widely used and considered stable, [flakes](https://nixos.wiki/wiki/Flakes) are still considered experimental. To enable Flakes, add the following lines to your `configuration.nix` and rebuild.
+```nix
+nix.settings.experimental-features = [ "nix-command" "flakes" ];
+```
+
+Alternatively, pass `--experimental-features "nix-command flakes"` to `nix` to temporarily use flakes.
+
+### Building Flake
+In order to deploy this Flake on your host, run the following command:
+```console
+sudo nixos-rebuild boot --flake github:alyraffauf/nixcfg#$HOSTNAME
+```
+Substitute `$HOSTNAME` for whichever hostname you have chosen. Reboot to apply the flake's configuration for the chosen host.
+
+### Installing from Live USB
+> :red_circle: **This will erase your computer's disk** as specified by the host configuration, installing a fresh copy of NixOS. Backup first!
+
+If you want to install NixOS from this flake, run the following commands, ideally from a NixOS live environment, substituting `$HOSTNAME` with a NixOS configuration specified in `flake.nix`.
+```console
+sudo nix --experimental-features "nix-command flakes" run github:alyraffauf/nixcfg -- $HOSTNAME
+```
+

Hosts.md

@@ -0,0 +1,31 @@
+## Hosts
+
+| Host    | lavaridge            | petalburg               | rustboro               |
+|---------|----------------------|-------------------------|------------------------|
+| Model   | Framework Laptop 13  | Lenovo Yoga 9i Gen 8    | ThinkPad T440p         |
+| Display | 13.5" 2256x1504 60Hz | 14" 2880x1800 90hz OLED | 14" 1920x1080 60hz     |
+| CPU     | AMD Ryzen 7640U      | Intel Core i7-1360P     | Intel Core i5-4210M    |
+| RAM     | 32GB DDR5-5600Mhz    | 16GB LPDDR5-5200Mhz     | 16GB DDR3L-1600Mhz     |
+| GPU     | AMD Radeon 760M      | Intel Iris Xe Graphics  | Intel HD Graphics 4600 |
+| Storage | 1TB Sk hynix P41     | 512GB M.2 PCIe 4.0      | 512GB SATA SSD         |
+| Desktop | Hyprland             | Sway (tablet mode)      | Sway                   |
+
+| Host    | fallarbor              | mauville                |
+|---------|------------------------|-------------------------|
+| Model   | Framework Laptop 13    | Custom Mini-ITX Desktop |
+| Display | 13.5" 2256x1504 60Hz   | 34" 3440x1440 160Hz VA  |
+| CPU     | Intel Core i5-1135G7   | AMD Ryzen 5 2600        |
+| RAM     | 16GB DDR4-3200Mhz      | 16GB DDR4-3200Mhz       |
+| GPU     | Intel Iris Xe Graphics | AMD Radeon Rx 6700      |
+| Storage | 512GB M.2 PCIe 3.0     | 1TB M.2 PCIe 3.0        |
+| Desktop | Hyprland               | Sway                    |
+
+## Provisioning New Hosts
+1. Create `hosts/$HOSTNAME/default.nix` and other host-specific nix modules (e.g. `disko.nix`,`hardware.nix`, and `home.nix`).
+2. Add host to `nixosConfigurations` in `flake.nix`.
+3. (OPTIONAL) Generate a `cert.pem`, `key.pem`, and device ID for Syncthing with `syncthing -generate=$HOSTNAME`. Find the device ID in the generated `config.xml` and add it to `nixosModules/services/syncthing/default.nix`, encrypt the cert and key with agenix, and set them as appropriate in the host configuration.
+4. Install NixOS from this flake. Secrets will _not_ be available on first boot.
+5. Copy the new system's public SSH key (`/etc/ssh/ssh_host_ed25519_key.pub`) to the host configuration (`host/$HOSTNAME/ssh.pub`).
+6. Add the new public key to `secrets/secrets.nix` and rekey all secrets with `agenix --rekey`.
+7. Rebuild the new system from git. Secrets will be automatically decrypted and immediately available in `/run/agenix/`.
+8. (OPTIONAL) Generate a new user SSH key and add it to `nixosModules/users/default.nix` in order to enable passwordless logins to other hosts.