No description
|
||
---|---|---|
.forgejo/workflows | ||
.taskfiles | ||
.vscode | ||
nixos | ||
.envrc | ||
.gitignore | ||
.gitleaksignore | ||
.pre-commit-config.yaml | ||
.sops.yaml | ||
flake.lock | ||
flake.nix | ||
README.md | ||
renovate.json | ||
shell.nix | ||
Taskfile.yaml |
jahanson's homelab
Thank you Truxnell
Thank you for a lot of the groundwork you laid for the base nixos configuration and a lot of modules!
Getting started
To Install
nixos-rebuild switch --flake github:jahanson/nix-config-tn#HOST
Goals
- Learn nix
- Services I want to separate from my kubernetes cluster I will use Nix.
- Approval-based update automation for flakes.
- Expand usage to other shell environments such as WSL, etc
- keep it simple, use trusted boring tools
TODO
- Forgejo Actions
- Bring over hosts
- git.hsn.dev
- Telperion (network services)
- Gandalf (NixNAS)
- Thinkpad T470
Checklist
Adding a new node
- Ensure secrets are grabbed from note and all sops re-encrypte with task sops:re-encrypt
- Add to relevant github action workflows
- Add to .github/settings.yaml for PR checks
Applying configuration changes on a local machine can be done as follows:
cd ~/dotfiles
sudo nixos-rebuild switch --flake .
# This will automatically pick the configuration name based on the hostname
Applying configuration changes to a remote machine can be done as follows:
cd ~/dotfiles
nixos-rebuild switch --flake .#nameOfMachine --target-host machineToSshInto --use-remote-sudo
Hacking at nix files
Eval config to see what keys are being set.
nix eval .#nixosConfigurations.rickenbacker.config.security.sudo.WheelNeedsPassword
nix eval .#nixosConfigurations.rickenbacker.config.mySystem.security.wheelNeedsPassword
And browsing whats at a certain level in options - or just use nix-inspect TUI
nix eval .#nixosConfigurations.rickenbacker.config.home-manager.users.jahanson --apply builtins.attrNames --json
Quickly run a flake to see what the next error message is as you hack.
nixos-rebuild dry-run --flake . --fast --impure