mirror of
https://github.com/alyraffauf/nixcfg.git
synced 2024-11-21 22:53:56 -05:00
reorganized top levels
parent
65c254d4df
commit
de54fef058
12
Home Lab.md
12
Home Lab.md
|
@ -1,12 +0,0 @@
|
|||
## Services
|
||||
| Service | Description | Source/Runtime | Domain |
|
||||
|------------------|-----------------------------------|--------------------------------------|----------------------------------|
|
||||
| Nix Binary Cache | LAN cache for nix derivations. | nix-serve (nixpkgs) | https://nixcache.raffauflabs.com |
|
||||
| Navidrome | SubSonic-compatible music server. | nix-container (nixpkgs) | https://music.raffauflabs.com |
|
||||
| Plex | Music, TV, and Movie streaming. | OCI: plexinc/pms-docker:public | https://plex.raffauflabs.com |
|
||||
| Audiobookshelf | Podcasts & audiobooks. | OCI: advplyr/audiobookshelf:latest | https://podcasts.raffauflabs.com |
|
||||
| FreshRSS | RSS & News reader. | OCI: freshrss/freshrss:latest | https://news.raffauflabs.com |
|
||||
| Transmission | BitTorrent. | OCI: linuxserver/transmission:latest | Tailnet |
|
||||
| Samba | LAN file shares. | nixpkgs | Tailnet |
|
||||
| Nginx | Reverse proxy. | nixpkgs | Tailnet |
|
||||
| Ollama | Runs opensource LLMs. | nixpkgs | Tailnet |
|
6
Home.md
6
Home.md
|
@ -1,7 +1,9 @@
|
|||
1. [[Home Lab]]
|
||||
1. [[Hosts]]
|
||||
1. [[Networking]]
|
||||
1. [[Secrets]]
|
||||
1. [[nixosModules]]
|
||||
1. [[homeManagerModules]]
|
||||
1. [[Tips & Tricks]]
|
||||
|
||||
|
||||
## Deploying to NixOS
|
||||
> :red_circle: **Do not deploy this flake unmodified to your machine. It won't work.**
|
||||
|
|
23
Hosts.md
23
Hosts.md
|
@ -18,12 +18,17 @@
|
|||
| Storage | 512GB M.2 PCIe 3.0 | 1TB M.2 PCIe 3.0 |
|
||||
| Desktop | Hyprland | Sway |
|
||||
|
||||
## Provisioning New Devices
|
||||
1. Create `hosts/$HOSTNAME/default.nix` and other host-specific nix modules (e.g. `disko.nix`,`hardware.nix`, and `home.nix`).
|
||||
2. Add host to `nixosConfigurations` in `flake.nix`.
|
||||
3. (OPTIONAL) Generate a `cert.pem`, `key.pem`, and device ID for Syncthing with `syncthing -generate=$HOSTNAME`. Find the device ID in the generated `config.xml` and add it to `nixosModules/services/syncthing/default.nix`, encrypt the cert and key with agenix, and set them as appropriate in the host configuration.
|
||||
4. Install NixOS from this flake. Secrets will _not_ be available on first boot.
|
||||
5. Copy the new system's public SSH key (`/etc/ssh/ssh_host_ed25519_key.pub`) to the host configuration (`host/$HOSTNAME/ssh.pub`).
|
||||
6. Add the new public key to `secrets/secrets.nix` and rekey all secrets with `agenix --rekey`.
|
||||
7. Rebuild the new system from git. Secrets will be automatically decrypted and immediately available in `/run/agenix/`.
|
||||
8. (OPTIONAL) Generate a new user SSH key and add it to `nixosModules/users/default.nix` in order to enable passwordless logins to other hosts.
|
||||
## mauville
|
||||
|
||||
### Services
|
||||
| Service | Description | Source/Runtime | Domain |
|
||||
|------------------|-----------------------------------|--------------------------------------|----------------------------------|
|
||||
| Nix Binary Cache | LAN cache for nix derivations. | nix-serve (nixpkgs) | https://nixcache.raffauflabs.com |
|
||||
| Navidrome | SubSonic-compatible music server. | nix-container (nixpkgs) | https://music.raffauflabs.com |
|
||||
| Plex | Music, TV, and Movie streaming. | OCI: plexinc/pms-docker:public | https://plex.raffauflabs.com |
|
||||
| Audiobookshelf | Podcasts & audiobooks. | OCI: advplyr/audiobookshelf:latest | https://podcasts.raffauflabs.com |
|
||||
| FreshRSS | RSS & News reader. | OCI: freshrss/freshrss:latest | https://news.raffauflabs.com |
|
||||
| Transmission | BitTorrent. | OCI: linuxserver/transmission:latest | Tailnet |
|
||||
| Samba | LAN file shares. | nixpkgs | Tailnet |
|
||||
| Nginx | Reverse proxy. | nixpkgs | Tailnet |
|
||||
| Ollama | Runs opensource LLMs. | nixpkgs | Tailnet |
|
|
@ -1,11 +0,0 @@
|
|||
## WiFi
|
||||
|
||||
WiFi networks can be configured declratively in `nixosModules/system/wifi.nix` using `networking.networkmanager.ensureProfiles.profiles`, provided by nixpkgs.
|
||||
|
||||
### Generating WiFi Profiles
|
||||
|
||||
[nm2nix](https://github.com/janik-haag/nm2nix) can generate nix-compatible code for all the WiFi networks in `/etc/NetworkManager/system-connections/` and `/run/NetworkManager/system-connections`.
|
||||
|
||||
```bash
|
||||
sudo su -c "cd /etc/NetworkManager/system-connections && nix --extra-experimental-features 'nix-command flakes' run github:Janik-Haag/nm2nix | nix --extra-experimental-features 'nix-command flakes' run nixpkgs#nixfmt-rfc-style"
|
||||
```
|
21
Tips & Tricks.md
Normal file
21
Tips & Tricks.md
Normal file
|
@ -0,0 +1,21 @@
|
|||
## Provisioning New Devices
|
||||
1. Create `hosts/$HOSTNAME/default.nix` and other host-specific nix modules (e.g. `disko.nix`,`hardware.nix`, and `home.nix`).
|
||||
2. Add host to `nixosConfigurations` in `flake.nix`.
|
||||
3. (OPTIONAL) Generate a `cert.pem`, `key.pem`, and device ID for Syncthing with `syncthing -generate=$HOSTNAME`. Find the device ID in the generated `config.xml` and add it to `nixosModules/services/syncthing/default.nix`, encrypt the cert and key with agenix, and set them as appropriate in the host configuration.
|
||||
4. Install NixOS from this flake. Secrets will _not_ be available on first boot.
|
||||
5. Copy the new system's public SSH key (`/etc/ssh/ssh_host_ed25519_key.pub`) to the host configuration (`host/$HOSTNAME/ssh.pub`).
|
||||
6. Add the new public key to `secrets/secrets.nix` and rekey all secrets with `agenix --rekey`.
|
||||
7. Rebuild the new system from git. Secrets will be automatically decrypted and immediately available in `/run/agenix/`.
|
||||
8. (OPTIONAL) Generate a new user SSH key and add it to `nixosModules/users/default.nix` in order to enable passwordless logins to other hosts.
|
||||
|
||||
## WiFi
|
||||
|
||||
WiFi networks can be configured declratively in `nixosModules/system/wifi.nix` using `networking.networkmanager.ensureProfiles.profiles`, provided by nixpkgs.
|
||||
|
||||
### Generating WiFi Profiles
|
||||
|
||||
[nm2nix](https://github.com/janik-haag/nm2nix) can generate nix-compatible code for all the WiFi networks in `/etc/NetworkManager/system-connections/` and `/run/NetworkManager/system-connections`.
|
||||
|
||||
```bash
|
||||
sudo su -c "cd /etc/NetworkManager/system-connections && nix --extra-experimental-features 'nix-command flakes' run github:Janik-Haag/nm2nix | nix --extra-experimental-features 'nix-command flakes' run nixpkgs#nixfmt-rfc-style"
|
||||
```
|
Loading…
Reference in a new issue