Main source for configuration and dotfiles, describing every host and every service in my nixos homelab.
Felix Albrigtsen f74bc0ec5e Multiple changes (cleanup, remove edison, add felixalbpc)
- Removes old host edison
- Adds new host, felixalbpc, a work machine. This requires some cleanup
  to fit into the office network, use other SSH keys, etc.
- Clean up some package installs, putting more things into the common
  home-manager packages, rather than systemwide or host-specific homes.
- Various small changes like disabling Github Copilot on nvim startup.
2024-09-13 14:07:18 +02:00
common burnham: Add domeneshop-dyndns, make it a module 2024-09-08 14:47:28 +02:00
home Multiple changes (cleanup, remove edison, add felixalbpc) 2024-09-13 14:07:18 +02:00
hosts Multiple changes (cleanup, remove edison, add felixalbpc) 2024-09-13 14:07:18 +02:00
secrets burnham: Add domeneshop-dyndns, make it a module 2024-09-08 14:47:28 +02:00
shells edison: various desktop changes 2024-05-29 14:47:01 +02:00
.gitignore Update worf, ctf-shell and flake.lock 2023-09-13 23:20:31 +02:00
.sops.yaml burnham: Add domeneshop-dyndns, make it a module 2024-09-08 14:47:28 +02:00
README.md challenger: more minor migrations 2024-07-04 00:04:59 +02:00
base.nix Multiple changes (cleanup, remove edison, add felixalbpc) 2024-09-13 14:07:18 +02:00
flake.lock flake: update nix-darwin 2024-09-10 17:05:48 +02:00
flake.nix Multiple changes (cleanup, remove edison, add felixalbpc) 2024-09-13 14:07:18 +02:00
shell.nix Start adding sops secrets 2023-04-23 14:27:27 +02:00

README.md

Felixalbs nixos config

Contains configurations for some nixos servers, some nixos desktops and a nix-darwin host. Secrets are managed with sops-nix.

Build:

  • Build locally on another machine:
nix --extra-experimental-features "nix-command flakes" build ".#nixosConfigurations.sarek.config.system.build.toplevel"

(replace "sarek" with the hostname)

  • Build, install and switch on the actual target
nixos-rebuild switch --update-input nixpkgs --update-input unstable --no-write-lock-file --refresh --flake github+felixalbrigtsen/nixos-server-conf.git --upgrade

Services and tools

Below is a list of most of the services configured in this repo, at least the ones that are accessible to the public. It might be incomplete or out of date, but should generally describe the state of my homelab. Other installed packages and tools are described in the config files (like ./hosts/HOSTNAME/configuration.nix), but not listed here.

Public / important services

  • Matrix (source) - Decentralized, encrypted chat - Contact me at @felixalb:feal.no
  • Nextcloud (source) - Personal cloud services and "google replacements", including file hosting, notes, calendar and webmail
  • Gitea (source) - Software forge / git server
  • Hedgedoc (source) - Collaborative markdown notes editor
  • HomeAssistant (source) - Home automation / IoT controller
  • VaultWarden (source) - BitWarden Password Manager backend
  • KeyCloak (source) - Authentication provider, giving SSO with OIDC or SAML
  • Jellyfin (source) - Local media streaming

Networking

  • I use nginx as a web server and reverse proxy. The configuration is mostly distributed throughout the services that use it (example).
  • I recently switched from Tailscale (actually headscale) to WireGuard, configured here and here.
  • PiHole (source) runs my internal DNS (*.home.feal.no) and ad blocking.

Monitoring

  • Prometheus (source) - Pull-based metrics system that fetches metrics over HTTP from a range of exporters and stores them in a time-series database
  • Loki (source) - Central logging for all my hosts
  • Grafana (source) - Visualization and alerting for all my metrics and logs
  • Uptime-Kuma (source) - Uptime / health check with alerting

Dotfiles and user tools

  • (Neo)vim (source) - Text editor with my configuration for IDE-like support for autocompletion, syntax highlighting and efficient editing.
  • Zsh (source) - My shell of choice