kalle ae04786633 Update readme with deployment and update instructions 2025-02-04 06:31:29 +01:00
hosts No need for base with this setup 2025-02-04 05:24:20 +01:00
roles TOML is great, just great 2025-02-03 18:04:28 +01:00
secrets Add sops-nix 2024-12-26 19:41:49 +01:00
services Initial commit 2024-11-17 20:28:14 +01:00
systems Make template a full-ish system again, since otherwise there are issues 2025-02-04 05:59:05 +01:00
.gitignore This should fix it I hope 2024-12-26 20:48:00 +01:00
.sops.yaml Add sops-nix 2024-12-26 19:41:49 +01:00
README.md Update readme with deployment and update instructions 2025-02-04 06:31:29 +01:00
authorized_keys Add PC to authorized keys 2025-02-03 16:58:21 +01:00
config.nix Move to different structure 2024-12-26 17:22:00 +01:00
flake.lock Add sops-nix 2024-12-26 19:41:49 +01:00
flake.nix Update readme with deployment and update instructions 2025-02-04 06:31:29 +01:00
hosts.nix Different hosts config layout + use IPs 2025-02-03 16:58:33 +01:00
utils.nix Set up deployment config for nodes 2025-02-04 05:50:56 +01:00

README.md

Home lab configuration

The Nix-based configuration for my home lab.

Deploying a new VM

  1. Create a clone of the template VM in Proxmox.
  2. Change cloud-init config of the clone to contain the new IP address.
  3. Create the configuration file in the hosts/ folder.
  4. Make sure the IPs match between the configuration file and the cloud-init config.
  5. Create a secrets file with sops edit secrets/HOSTNAME.yml and put all required secrets in there.
  6. Commit changes to git.
  7. Start the VM.
  8. Deploy the configuration with colmena apply HOSTNAME.
  9. (Optional) If the VM requires an update to Traefik, run colmena apply to update all hosts.
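
A guard for steps 5 and 6, so that a secrets file saved without sops never reaches git. This is an added example, not part of this repository; the function names are hypothetical and the sample files are constructed.

```bash
#!/usr/bin/env bash
# Added example (not from this repository): refuse to commit plaintext secrets.

# Return 0 if FILE looks like sops-encrypted YAML, 1 otherwise.
# Heuristic: a top-level "sops:" metadata block must exist and every scalar
# above it must be an ENC[AES256_GCM,...] envelope. Files that rely on
# unencrypted_suffix/unencrypted_regex rules will be reported as failures.
check_sops_file() {
  local file=$1
  grep -q '^sops:' "$file" || return 1
  awk '
    /^sops:/ { exit }                          # metadata block: stop checking
    /^[ \t]*(#|$)/ || /^---/ { next }          # comments, blanks, doc marker
    {
      line = $0
      sub(/^[ \t]*(- )?/, "", line)            # drop indent and list marker
      if (line ~ /^[^:]+:[ \t]*$/) next        # key whose value is nested
      sub(/^[^:]+:[ \t]+/, "", line)           # strip "key: "
      if (line !~ /^ENC\[AES256_GCM,/) { bad = 1; exit }
    }
    END { exit bad + 0 }
  ' "$file"
}

# Report every YAML file under DIR (default: secrets/) that fails the check.
# Returns non-zero if any did, so it can gate the "commit to git" step.
check_secrets_dir() {
  local dir=${1:-secrets} rc=0 f
  for f in "$dir"/*.yml "$dir"/*.yaml; do
    [ -e "$f" ] || continue
    if ! check_sops_file "$f"; then
      echo "NOT ENCRYPTED: $f" >&2
      rc=1
    fi
  done
  return $rc
}

# Constructed sample data: one encrypted-looking file and one plaintext file.
demo() {
  local d rc; d=$(mktemp -d)
  printf 'db_password: ENC[AES256_GCM,data:c2FtcGxl,iv:aXY=,tag:dGFn,type:str]\nsops:\n    version: 3.9.0\n' > "$d/good.yml"
  printf 'db_password: hunter2\n' > "$d/bad.yml"
  check_secrets_dir "$d"; rc=$?
  rm -rf "$d"; return $rc
}
```

Source the file and run check_secrets_dir from the repository root before committing, or call it from a pre-commit hook.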

Updating packages

  1. Run nix flake update.
  2. Commit the changes to git.
  3. Run colmena apply.

File Organization

- hosts/        # Host definition files
- roles/        # Role definition files
- secrets/      # Encrypted secrets for each host
- systems/base/ # Base system configuration shared by all hosts

- config.nix    # Global configuration options

Roles

Traefik

HTTP reverse proxy.

TODO:

Services

For sure:

  • Authentik: Authentication
  • Forgejo: Git server
  • FreshRSS: RSS server/reader
  • Gramps: Family tree
  • hoarder: Bookmark manager
  • immich: Photos
  • Jellyfin: Watching media files
  • Nextcloud: Files, contacts, calendar, etc
  • Pterodactyl panel: Game servers
  • Pterodactyl wings: Backend daemon for game servers
  • Vaultwarden: Password manager

Needs to run over VPN:

  • Prowlarr:
  • Radarr:
  • Lidarr:
  • Sonarr:
  • Transmission: Torrent clients (Different client maybe?)

Websites: Might want to look at using something to host these + other self-hosted projects like coolify on its own machine

  • kallestruik.nl
  • dchat.kallestruik.nl
  • dconfig.kallestruik.nl
  • shs.khs.li
  • shs-gc.khs.li

Maybe:

  • Hedgedoc: Shared markdown note editing
  • Linkwarden: Shared link collections
  • Mastodon: Federated social media
  • Matrix: Federated chat
  • Paperless: Document storage
  • Stirling PDF: PDF tools

Monitoring: Currently Grafana for the dashboard, with other things supplying data into it. Might want to look at some options before using it again.

Bastion:

  • VPN
  • SSH jumphost to the rest of the network

Unmanaged hosts

These need to have Traefik configs created for them without being managed by the config.

  • Bluesky PDS
  • Home Assistant