
NixOS Infrastructure Configuration

Note: If you're reading this, you're either drunk me, or someone I trust with my hardware. If the latter, I love you. If the former, you need to lose weight and stop drinking.

Overview

Since late May 2025 I've been managing my infrastructure through NixOS. The migration away from having almost everything dockerized is still a long way from done.

Infrastructure

All machines are named after Goetic demons:

🎮 Focalor (Gaming PC)

Hardware: AMD Ryzen 7 5800X + RTX 3070

Goal: Convert to headless NixOS host running Windows VM for gaming + local services

Planned Services:

  • Local LLM hosting
  • Gaming VM passthrough

🏠 Valefar (Home Server)

Hardware: AMD Ryzen 5 5600 + GTX 1650

NixOS Services:

  • S3-compatible storage via Garage, see services/garage.nix
  • Forgejo, see services/forgejo.nix
  • Tailscale connectivity

Docker Services (docker-compose):

  • PocketID authentication
  • Affine notes
  • Komodo
  • Valheim server
  • Vaultwarden password manager
  • Beszel

🍎 Gabriel

Hardware: M4 Mac Mini, 16GB RAM

Services:

  • Three GitHub Actions runners, for embedder, simplelink, and simplegit

🏴‍☠️ Buer (LiteServer VPS)

Hardware: 1 core, 1GB RAM, 20TB data cap

Services:

  • Headscale server
  • Exit node for privacy/torrenting

Notes: DMCA-friendly provider

☁️ Elise (Oracle Cloud VPS)

Hardware: 4 Ampere ARM cores, 24GB RAM, 4TB data cap

Status: Currently on Oracle Linux, planning to rename to "Vine"

Services:

Migration: Conversion to NixOS is planned; currently everything runs from one big docker-compose file

Fly.io machines

atl

  • Headscale exit node based in Atlanta

Future Plans

Authentication & Identity Management

  • LDAP Server - Centralized user directory (considering OpenLDAP or FreeIPA)
  • Authentik Integration - Sync PocketID with Authentik for unified SSO across all services

Monitoring & Observability

  • Advanced Uptime Monitoring - Replace basic monitoring with more comprehensive solution
    • Considering: StatusPage, Cachet, or custom Prometheus/Grafana setup
  • Network Monitoring - Deep visibility into network performance and usage
    • Considering: LibreNMS, Zabbix, or PRTG alternative
  • Centralized Logging - Aggregate logs from all services (Loki + Promtail)
  • Metrics Collection - Unified dashboards showing health across all machines

Infrastructure Improvements

  • Automated Backups - Implement 3-2-1 backup strategy across all services
  • Configuration Management - Complete migration from Docker to declarative NixOS configs
  • High Availability - Service redundancy and failover capabilities (especially S3: Garage could run on both vine and buer)

Service Expansion

  • Media Server - Jellyfin or Plex for media streaming
  • CI/CD Pipeline - Automated testing and deployment for personal projects