geir/home-lab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Refactor: Simplify module structure and reorganize services

Browse source 
- Removed system/ directory, merged applications into users/geir.nix
- Simplified fonts.nix to bare minimum (users can add more)
- Moved transmission.nix to sleeper-service/services/ (machine-specific)
- Organized grey-area services into services/ directory
- Updated import paths and tested all configurations
- Added research documentation for deploy-rs and GNU Stow
This commit is contained in:
Geir Okkenhaug Jerstad 2025-06-07 12:11:20 +02:00
parent e976b14d19
commit 9837d82199
24 changed files with 832 additions and 959 deletions
Download patch file Download diff file Expand all files Collapse all files

0
user_configs/README.md → dotfiles/README.md
View file

0
user_configs/geir/configurations.org → dotfiles/geir/configurations.org
View file

0
user_configs/geir/emacs.org → dotfiles/geir/emacs.org
View file

859
instruction.md
View file

@ -3,33 +3,42 @@
## Overview ## Overview
This part of the document provides general instructions for tha AI agent. This part of the document provides general instructions for tha AI agent.
## General instructions ## General Instructions
This document is to be treated as an iterative work and a collaberation between the user and AI agent. - Treat this as iterative collaboration between user and AI agent
- **Context7 MCP is mandatory** for all technical documentation queries
- Use casual but knowledgeable tone - hobby/passion project, not corporate
- Update documentation frequently as project evolves
## Goal for this file ## Language & Tool Preferences
Top part reusable instructions that can be transferred to other project and as away to iterativey make ai agent behave more like I prefer. - **Functional style preferred**
Bottom part should have information specific to the project. - **Guile Scheme**: System administration scripting (replace bash when possible)
The Plan.md file should have the project information and steps. - **Python**: AI tasks, when Python ecosystem is superior
- **TypeScript/JavaScript**: Web development (prefer Vite for new projects)
- **Rust**: Binary tools, performance-critical applications
- **Bash**: Only for very short scripts (< 10 lines)
## Context7 MCP Usage Protocol
## Programming Languages and styles 1. **Always resolve library IDs first**: Use `bb7_resolve-library-id` with library name
- Prefer functional style 2. **Get documentation**: Use `bb7_get-library-docs` with resolved Context7-compatible ID
- Guille scheme for scripting tasks 3. **For NixOS**: Search for "nixos", "nixpkgs", or specific module names
- Python for ai and when python ecosystem is better 4. **Required for**: Any NixOS option, service configuration, package lookup, troubleshooting
- Bash only for short scripts 5. **Example workflow**:
- Typescript and javascript for web development ```
- prefer to use vite to start new web dev projects User asks about configuring SSH ->
- Rust for binary tools etc Resolve "nixos" library ID ->
Get docs with topic "ssh" ->
## Written language and style Apply Context7 information to configuration
use notes.md to take notes . ```
Use a casual but knowledgeable tone. This is not a corporate project there are no audits or compliance to adhere to.
More like an open source project, more like a hobby/passion project
## Documentation and Research Tools ## Documentation and Research Tools
- **Always use context7 for NixOS information**: When working with NixOS configurations, modules, or need NixOS documentation, always use the context7 MCP server to get up-to-date and accurate information - **ALWAYS use Context7 MCP for NixOS**: Context7 is the primary source for all NixOS information
- Use context7 to resolve NixOS option names, module configurations, and best practices - Use `bb7_resolve-library-id` first to find the correct NixOS library ID
- Context7 provides authoritative NixOS documentation that's more reliable than general knowledge - Then use `bb7_get-library-docs` with the resolved ID for documentation
- Context7 provides up-to-date, authoritative NixOS documentation
- Use it for: option names, module configurations, service setup, package names, best practices
- Never rely on general knowledge for NixOS - always verify with Context7
- **When to use Context7**: Before any NixOS configuration change, package installation, service setup, or troubleshooting
- **Context7 for other tools**: Also use for Docker, Kubernetes, systemd, networking, and any technical documentation needs
## User Configuration Strategy ## User Configuration Strategy
- **Desktop machines**: Use `geir` user (includes desktop packages, development tools) - **Desktop machines**: Use `geir` user (includes desktop packages, development tools)
@ -38,766 +47,54 @@ More like an open source project, more like a hobby/passion project
- **Server examples**: sleeper-service, reverse-proxy, grey-area should only import `sma` user module - **Server examples**: sleeper-service, reverse-proxy, grey-area should only import `sma` user module
- **Desktop examples**: congenital-optimist can use both `geir` and `sma` users - **Desktop examples**: congenital-optimist can use both `geir` and `sma` users
# AI Agent Instructions: NixOS Flakes Migration for CongenitalOptimist # AI Agent Instructions: NixOS Home Lab Management
## Overview
This part of the document provides step-by-step instructions for AI agents to help migrate the CongenitalOptimist machine from traditional NixOS configuration to flakes-based configuration and upgrade to NixOS 25.05. The system already has excellent modular structure that we'll preserve and enhance.
Itreative about the project, update often
## Current System Information
- **Hostname**: work → congenital-optimist (migration in progress)
- **Current Version**: NixOS 25.05 (migrated from 23.11)
- **Target Version**: NixOS 25.05 ✅
- **Architecture**: x86_64-linux
- **Storage**: ZFS (zpool for system, stuffpool for data)
- **Hardware**: AMD CPU/GPU
- **Users**: geir (primary), sma (admin)
- **Dotfiles Approach**: Literate programming with Emacs org-mode (no Home Manager)
## Current Module Structure ## System Information
- **Current**: NixOS 25.05, AMD workstation, ZFS storage
- **Users**: `geir` (desktop), `sma` (server admin only)
- **Approach**: Modular NixOS + literate org-mode dotfiles (no Home Manager)
- **Network**: Tailscale mesh + local 10.0.0.0/24
## Module Structure (Current)
``` ```
Home-lab/ Home-lab/
├── machines/ ├── machines/{congenital-optimist,sleeper-service,grey-area,reverse-proxy}/
│ ├── congenital-optimist/ ├── modules/{common,desktop,development,hardware,system,users,virtualization}/
│ │ ├── configuration.nix (main system config) ├── packages/ (custom tools like 'lab' command)
│ │ ├── hardware-configuration.nix └── users/geir/dotfiles/ (org-mode literate configs)
│ │ └── About.org
│ ├── sleeper-service/
│ ├── reverse-proxy/
│ └── grey-area/
├── modules/
│ ├── common/
│ │ ├── base.nix (modern CLI tools & aliases)
│ │ ├── tty.nix (console styling with Joker theme)
│ │ └── nix.nix (flakes configuration)
│ ├── desktop/
│ │ ├── common.nix, gnome.nix, cosmic.nix, sway.nix
│ ├── development/
│ │ └── tools.nix (editors, LSPs, languages)
│ ├── hardware/
│ │ └── amd-workstation.nix
│ ├── system/
│ │ ├── applications.nix, fonts.nix, network.nix
│ ├── users/
│ │ ├── common.nix, geir.nix, sma.nix
│ └── virtualization/
│ ├── podman.nix, libvirt.nix, incus.nix
└── users/
└── geir/
└── dotfiles/ (literate org-mode configs)
``` ```
## Prerequisites Check ## Essential Workflows
Before starting, verify:
1. Current system is bootable and stable ### Before Any NixOS Changes
2. ZFS pools are healthy (`zpool status`) 1. **Use Context7**: `bb7_resolve-library-id nixos``bb7_get-library-docs` with resolved ID
3. All referenced modules exist and are working 2. **Check current state**: `nix flake check` and verify system health
4. User has sudo/root access 3. **Test build**: `nix build .#nixosConfigurations.<machine>.config.system.build.toplevel`
5. Git repository is initialized and up to date
### Configuration Best Practices
## Step 1: Fix Existing Configuration Issues - **Machine-specific configs**: Keep in `machines/<name>/` directory
- **Shared modules**: Only truly common settings in `modules/`
### Fix typo in user.nix - **User separation**: `geir` (desktop), `sma` (servers only)
Edit `Home-lab/Users/geir/user.nix` and change: - **Version pinning**: Keep `system.stateVersion = "23.11"` (DO NOT CHANGE)
```nix
progtams.zsh.enableCompletion = true; ### Deployment Workflow
``` - **Use `lab` tool for all deployments and status checks**:
to: - `lab deploy <machine>` - Deploy configuration to remote machine
```nix - `lab status` - Check status of all machines in the lab
programs.zsh.enableCompletion = true; - `lab check <machine>` - Verify specific machine health
``` - `lab test <machine>` - Test configuration before deployment
- **Always test locally first**: `nixos-rebuild test --flake .#<machine>`
## Step 2: Create Root Flake Structure - **Remote deployment**: `lab deploy <machine>` handles SSH, building, and switching
- **Status monitoring**: Use `lab status` to get overview of all lab machines
Create `Home-lab/flake.nix`: - **Document Context7 findings** in commit messages
```nix ## Key Constraints
{ - **No Home Manager**: Use org-mode literate dotfiles instead
description = "CongenitalOptimist Home Lab NixOS Configuration"; - **ZFS preservation**: Never change hostId or break ZFS mounts
- **Server separation**: Only `sma` user on servers (no desktop packages)
inputs = { - **Context7 mandatory**: All NixOS questions must use Context7 MCP
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; ## Emergency Recovery
}; - Previous generations available in GRUB
- ZFS snapshots: `zfs rollback zpool/root@snapshot`
outputs = { self, nixpkgs, nixpkgs-unstable, ... }@inputs: { - Keep live USB available
nixosConfigurations = {
congenital-optimist = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
unstable = import nixpkgs-unstable {
system = "x86_64-linux";
config.allowUnfree = true;
};
};
modules = [
./machines/congenital-optimist
];
};
};
};
}
```
## Step 3: Create Target Directory Structure
Execute these commands in the Home-lab directory:
```bash
mkdir -p machines/congenital-optimist
mkdir -p modules/{common,desktop,development,virtualization,users}
mkdir -p users/geir/dotfiles/{emacs,shell,editors}
mkdir -p overlays
mkdir -p packages
```
## Step 4: Convert Main Configuration
Create `machines/CongenitalOptimist/default.nix` by adapting the current `configuration.nix`:
Key changes needed:
1. Change function signature from `{pkgs, ...}:` to `{ config, pkgs, inputs, unstable, ... }:`
2. **Keep `system.stateVersion` as "23.11"** (maintains compatibility with existing data)
3. Fix nerd-fonts syntax (changed in 25.05)
4. Remove the experimental-features setting (handled by flake)
5. Update module import paths for new structure
6. Consolidate user package management
### Nerd Fonts Fix for 25.05
Replace this section in fonts.packages:
```nix
# Old format (will break in 25.05)
nerd-fonts.meslo-lg
nerd-fonts.jetbrains-mono
nerd-fonts.fira-code
nerd-fonts.droid-sans-mono
nerd-fonts.zed-mono
nerd-fonts.iosevka
nerd-fonts.iosevka-term
nerd-fonts.hack
```
With:
```nix
# New format for 25.05
(nerdfonts.override {
fonts = [
"Meslo"
"JetBrainsMono"
"FiraCode"
"DroidSansMono"
"Hack"
"Iosevka"
"IosevkaTerm"
];
})
```
## Step 5: Migrate Existing Modules
### Copy existing modules to new structure:
```bash
# Copy common modules
cp Home-lab/Machines/Modules/common/base.nix modules/common/
cp Home-lab/Machines/Modules/common/tty.nix modules/common/
# Copy virtualization modules
cp Home-lab/Machines/Modules/virtualization/*.nix modules/virtualization/
```
### Create additional common modules:
#### `modules/common/nix.nix`:
```nix
{ config, pkgs, ... }: {
# Enable flakes system-wide
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Optimize nix settings
nix.settings = {
auto-optimise-store = true;
substituters = [
"https://cache.nixos.org/"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
];
};
}
```
## Step 6: Consolidate User Configuration
Create `modules/users/geir.nix` by merging the existing user config:
```nix
{ config, pkgs, ... }: {
users.users.geir = {
isNormalUser = true;
extraGroups = [ "networkmanager" "wheel" "libvirtd" "podman" "incus-admin" ];
shell = pkgs.zsh;
packages = with pkgs; [
# Browsers
chromium
vivaldi
vivaldi-ffmpeg-codecs
nyxt
firefox
# Shell & development tools
starship
fastfetch
hyfetch
nerdfetch
nix-direnv
gh
github-copilot-cli
# Media & graphics
gimp
obs-studio
vesktop
koodo-reader
# System tools
ncpamixer
virt-manager
pavucontrol
gnome-tweaks
beauty-line-icon-theme
# Terminal multiplexer and fun
zellij
neo-cowsay
fortune
clolcat
# Emacs integration
emacsPackages.vterm
];
};
# System-wide ZSH configuration
programs.zsh = {
enable = true;
syntaxHighlighting.enable = true;
enableCompletion = true;
autosuggestions = {
enable = true;
historySearch = true;
};
history = {
enable = true;
shareHistory = true;
saveOnExit = true;
};
};
environment.systemPackages = with pkgs; [
zsh
zsh-completions
nix-zsh-completions
zsh-autocomplete
zsh-autosuggestions
zsh-syntax-highlighting
];
}
```
## Step 7: Create Desktop Environment Modules
### `modules/desktop/gnome.nix`:
```nix
{ config, pkgs, ... }: {
services.xserver = {
enable = true;
desktopManager.gnome.enable = true;
xkb.layout = "no";
};
# XDG portal configuration
xdg.portal = {
enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
};
}
```
### `modules/desktop/cosmic.nix`:
```nix
{ config, pkgs, ... }: {
services.desktopManager.cosmic.enable = true;
services.displayManager.cosmic-greeter.enable = true;
services.desktopManager.cosmic.xwayland.enable = true;
}
```
### `modules/desktop/sway.nix`:
```nix
{ config, pkgs, ... }: {
programs.sway = {
enable = true;
wrapperFeatures.gtk = true;
};
services.dbus.enable = true;
xdg.portal = {
enable = true;
wlr.enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
};
environment.systemPackages = with pkgs; [
swaylock
swayidle
swaybg
waybar
fuzzel
gammastep
mako
flameshot
];
}
```
## Step 8: Set Up Per-User Literate Dotfiles
Create `users/geir/dotfiles/README.org`:
```org
#+TITLE: CongenitalOptimist Dotfiles Configuration
#+DESCRIPTION: Literate programming approach to dotfiles using Emacs org-mode
#+PROPERTY: header-args :tangle yes
#+STARTUP: overview
* Introduction
This file contains all dotfiles configuration using literate programming.
Each configuration block can be tangled to its respective file using C-c C-v t.
The approach allows for:
- Self-documenting configuration with rationale
- Easy sharing and explanation of setup decisions
- Version control of configuration with full context
- Modular organization of different tool configurations
* Shell Configuration
** Zsh Configuration
#+BEGIN_SRC sh :tangle ~/.zshrc
# Generated from dotfiles/README.org - CongenitalOptimist configuration
export EDITOR="emacs"
export BROWSER="firefox"
export SHELL="/run/current-system/sw/bin/zsh"
# Enable starship prompt (configured in NixOS)
eval "$(starship init zsh)"
# Enable zoxide for smart cd
eval "$(zoxide init zsh)"
# Custom aliases (complementing those in base.nix)
alias gc='git commit'
alias gp='git push'
alias gs='git status'
alias nrs='sudo nixos-rebuild switch --flake .'
alias nrt='sudo nixos-rebuild test --flake .'
alias reload='source ~/.zshrc'
# CongenitalOptimist specific shortcuts
alias lab='cd ~/Home-lab'
alias tangle='cd ~/Home-lab/users/geir/dotfiles && emacs --batch -l org --eval "(org-babel-tangle-file \"README.org\")"'
alias dotfiles='cd ~/Home-lab/users/geir/dotfiles'
#+END_SRC
** Starship Configuration
#+BEGIN_SRC toml :tangle ~/.config/starship.toml
# Starship prompt configuration for CongenitalOptimist
format = """
$username\
$hostname\
$directory\
$git_branch\
$git_state\
$git_status\
$cmd_duration\
$line_break\
$character"""
[character]
success_symbol = "[](bold green)"
error_symbol = "[](bold red)"
[directory]
truncation_length = 3
fish_style_pwd_dir_length = 1
[git_branch]
symbol = "🌱 "
[hostname]
ssh_only = false
format = "[@$hostname](bold blue) "
[username]
show_always = true
format = "[$user](bold yellow)"
#+END_SRC
* Editor Configuration
** Emacs Configuration
#+BEGIN_SRC emacs-lisp :tangle ~/.emacs.d/init.el
;; Generated from dotfiles/README.org - CongenitalOptimist
(setq inhibit-startup-message t)
(setq ring-bell-function 'ignore)
;; Enable line numbers
(global-display-line-numbers-mode 1)
;; Enable org-babel for literate programming
(org-babel-do-load-languages
'org-babel-load-languages
'((emacs-lisp . t)
(shell . t)
(python . t)
(nix . t)))
;; Auto-tangle on save for literate config files
(defun auto-tangle-config-files ()
"Auto tangle config files when saving."
(when (string-match-p "users/.*/dotfiles.*\\.org$" (buffer-file-name))
(org-babel-tangle)))
(add-hook 'after-save-hook 'auto-tangle-config-files)
;; Better defaults
(setq-default indent-tabs-mode nil)
(setq-default tab-width 2)
(show-paren-mode 1)
(electric-pair-mode 1)
;; CongenitalOptimist theme setup
(when (display-graphic-p)
(load-theme 'deeper-blue t))
#+END_SRC
* Development Tools
** Git Configuration
#+BEGIN_SRC conf :tangle ~/.gitconfig
[user]
name = geir
email = geir@congenital-optimist.local
[init]
defaultBranch = main
[core]
editor = emacs
pager = bat
[pull]
rebase = false
[alias]
st = status
co = checkout
br = branch
unstage = reset HEAD --
last = log -1 HEAD
visual = !gitk
#+END_SRC
* Home Lab Specific Configuration
** NixOS Rebuild Aliases
These aliases make working with the flake-based configuration easier:
#+BEGIN_SRC sh :tangle ~/.config/shell/nixos-aliases
# NixOS CongenitalOptimist specific aliases
alias nix-build='cd ~/Home-lab && nix build .#nixosConfigurations.congenital-optimist.config.system.build.toplevel'
alias nix-check='cd ~/Home-lab && nix flake check'
alias nix-update='cd ~/Home-lab && nix flake update'
alias nix-clean='sudo nix-collect-garbage -d'
alias edit-dotfiles='cd ~/Home-lab/users/geir/dotfiles && emacs README.org'
#+END_SRC
```
## Step 9: Update Main Configuration Import Structure
Create the main machine configuration in `machines/CongenitalOptimist/default.nix`:
```nix
{ config, pkgs, inputs, unstable, ... }: {
imports = [
./hardware-configuration.nix
../../modules/common/base.nix
../../modules/common/tty.nix
../../modules/common/nix.nix
../../modules/virtualization/podman.nix
../../modules/virtualization/libvirt.nix
../../modules/virtualization/incus.nix
../../modules/desktop/gnome.nix
../../modules/desktop/cosmic.nix
../../modules/desktop/sway.nix
../../modules/users/geir.nix
];
# Boot configuration
boot.loader.grub = {
enable = true;
zfsSupport = true;
efiSupport = true;
efiInstallAsRemovable = true;
mirroredBoots = [
{
devices = ["nodev"];
path = "/boot";
}
];
};
zramSwap = {
enable = true;
algorithm = "zstd";
};
# Hardware
services.fwupd.enable = true;
hardware.enableRedistributableFirmware = true;
hardware.amdgpu.initrd.enable = true;
hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = true;
# System settings
nixpkgs.config.allowUnfree = true;
networking.nftables.enable = true;
networking.hostName = "work"; # TODO: consider changing to "congenital-optimist"
services.tailscale.enable = true;
networking.networkmanager.enable = true;
networking.hostId = "8425e349";
time.timeZone = "Europe/Oslo";
i18n.defaultLocale = "en_US.UTF-8";
# Services
services.flatpak.enable = true;
services.emacs.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
pulse.enable = true;
};
programs.steam.enable = true;
# Fonts (updated for 25.05)
fonts.packages = with pkgs; [
noto-fonts
noto-fonts-cjk-sans
noto-fonts-emoji
liberation_ttf
dina-font
proggyfonts
mona-sans
hubot-sans
inter-nerdfont
(nerdfonts.override {
fonts = [
"Meslo"
"JetBrainsMono"
"FiraCode"
"DroidSansMono"
"Hack"
"Iosevka"
"IosevkaTerm"
];
})
];
# System packages
environment.systemPackages = with pkgs; [
# Terminal applications
kitty
terminator
rio
dbus
greetd.tuigreet
wayland
xdg-utils
# System monitoring
glances
inxi
htop
bottom
wget
curl
git
mc
systemctl-tui
# Development tools
guile
rustup
nixd
zls
alejandra
python3Packages.python-lsp-server
gopls
luajitPackages.lua-lsp
nodePackages.bash-language-server
vimPlugins.cmp-nvim-lsp
ccls
gdb
marksman
# Editors
zed-editor
neovim
emacs
vscode
vscodium-fhs
];
# Network and security
services.openssh.enable = true;
services.zfs.autoScrub.enable = true;
services.zfs.trim.enable = true;
networking.firewall.allowedTCPPorts = [ 22 ];
networking.firewall.allowedUDPPorts = [ 22 ];
networking.firewall.enable = true;
system.copySystemConfiguration = true;
system.stateVersion = "23.11"; # DO NOT CHANGE - maintains data compatibility
}
```
## Step 10: Copy Hardware Configuration
Copy the existing hardware configuration:
```bash
cp Home-lab/Machines/CongenitalOptimist/hardware-configuration.nix machines/CongenitalOptimist/
```
## Step 11: Test Configuration
Before applying changes:
1. Test flake evaluation:
```bash
cd Home-lab
nix flake check
```
2. Build configuration without switching:
```bash
sudo nixos-rebuild build --flake .#congenital-optimist
```
3. If successful, test the configuration:
```bash
sudo nixos-rebuild test --flake .#congenital-optimist
```
4. If everything works, switch permanently:
```bash
sudo nixos-rebuild switch --flake .#congenital-optimist
```
## Step 12: Set Up Per-User Literate Dotfiles Workflow
1. Create your main org-mode configuration file:
```bash
cd users/geir/dotfiles
emacs README.org
```
2. Use org-babel to tangle your configurations:
```bash
# In Emacs, use C-c C-v t to tangle all code blocks
# Or from command line:
cd users/geir/dotfiles
emacs --batch -l org --eval "(org-babel-tangle-file \"README.org\")"
```
3. The provided Emacs config includes auto-tangle on save for any user's dotfiles
4. Test that dotfiles are generated correctly in the user's home directory
5. For additional users, create similar structure under `users/<username>/dotfiles/`
## Step 13: Lock and Commit
1. Generate flake.lock:
```bash
nix flake lock
```
2. Commit changes:
```bash
git add .
git commit -m "Migrate CongenitalOptimist to flakes with literate dotfiles"
```
## Verification Steps
After switching:
1. Verify system boots correctly
2. Check all services are running: `systemctl --failed`
3. Test all desktop environments launch (GNOME, Cosmic, Sway)
4. Verify virtualization: `sudo systemctl status libvirtd podman`
5. Check ZFS status: `zpool status`
6. Test network connectivity and Tailscale
7. Verify user environment and all packages available
8. Test modern CLI tools and aliases from base.nix
9. Check console theming and TTY configuration
10. Verify Emacs and literate programming workflow
## Error Resolution
### Common Issues:
1. **Boot failure**: Boot from previous generation in GRUB
2. **Package not found**: Check if package name changed in 25.05
3. **Service fails**: Check journalctl: `journalctl -u <service-name>`
4. **Desktop environment issues**: Switch to TTY (Ctrl+Alt+F2) and debug
5. **Nerd fonts issues**: Verify the new syntax is applied correctly
### Emergency Recovery:
- Boot from previous NixOS generation in GRUB
- Use ZFS snapshots if available: `zfs rollback zpool/root@snapshot-name`
- Keep live USB available for emergency repairs
## Final Validation Checklist
- [ ] System boots to desktop
- [ ] All user applications launch (browsers, editors, terminals)
- [ ] Network and Tailscale functional
- [ ] Virtualization stack operational (podman, libvirt, incus)
- [ ] ZFS and NFS mounts working
- [ ] Development tools functional (editors, LSPs, languages)
- [ ] Audio system working (pipewire)
- [ ] Modern CLI tools and aliases from base.nix working
- [ ] Console theming with Joker palette preserved
- [ ] Bluetooth functional if needed
- [ ] Literate dotfiles workflow established
- [ ] Auto-tangling in Emacs working
## Post-Migration Tasks
1. Consider updating hostname from "work" to "congenital-optimist"
2. Expand literate dotfiles in org-mode with more tools and configurations
3. Create additional machine configurations in the flake
4. Implement secrets management (agenix/sops-nix)
5. Set up automatic updates
6. Add system monitoring
8. Document your literate programming workflow per user
9. Consider using org-mode for documenting the entire home lab setup
10. Set up org-export to generate beautiful documentation from your configs
11. Create templates for common user configuration patterns
12. Plan for additional users with their own dotfiles directories
13. Consider shared vs user-specific configuration strategies
## Notes for AI Agents
1. Always preserve existing functionality - don't remove working features
2. The system already has excellent modular structure - build on it
3. Modern CLI tools are already configured in base.nix - don't duplicate
4. Console theming is already set up - preserve the Joker palette
5. Fix the typo in user.nix before proceeding
6. Keep system.stateVersion as "23.11" - never change this
7. Test thoroughly before committing to permanent changes
8. Prioritize system stability over new features
9. The literate programming approach should complement, not replace, the modular NixOS structure

4
machines/congenital-optimist/configuration.nix
View file

@ -12,10 +12,6 @@
# Security modules # Security modules
../../modules/security/ssh-keys.nix ../../modules/security/ssh-keys.nix
# System modules
../../modules/system/fonts.nix
../../modules/system/applications.nix
# Hardware modules # Hardware modules
../../modules/hardware/amd-workstation.nix ../../modules/hardware/amd-workstation.nix

0
machines/grey-area/nixos/configuration.nix → machines/grey-area/configuration.nix
View file

0
machines/grey-area/nixos/hardware-configuration.nix → machines/grey-area/hardware-configuration.nix
View file

0
machines/grey-area/nixos/audiobook.nix → machines/grey-area/services/audiobook.nix
View file

0
machines/grey-area/nixos/calibre-web.nix → machines/grey-area/services/calibre-web.nix
View file

0
machines/grey-area/nixos/forgejo.nix → machines/grey-area/services/forgejo.nix
View file

0
machines/grey-area/nixos/jellyfin.nix → machines/grey-area/services/jellyfin.nix
View file

8
machines/reverse-proxy/About.org
View file

@ -3,6 +3,14 @@
#+DATE: [2025-06-04 Wed] #+DATE: [2025-06-04 Wed]
* Machine Overview * Machine Overview
also known as vps1
Ip information:
enX0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether fa:16:3e:d5:da:20 brd ff:ff:ff:ff:ff:ff
altname enxfa163ed5da20
tailscale0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc fq_codel state UNKNOWN group default qlen 500
link/none
inet 100.96.189.104/32 scope global tailscale0
** Role ** Role
- **Primary Function**: Reverse proxy and SSL/TLS termination - **Primary Function**: Reverse proxy and SSL/TLS termination

2
machines/sleeper-service/configuration.nix
View file

@ -7,7 +7,7 @@
./network-sleeper-service.nix ./network-sleeper-service.nix
# Services # Services
./nfs.nix ./nfs.nix
../../modules/system/transmission.nix ./services/transmission.nix
# User modules - server only needs sma user # User modules - server only needs sma user
../../modules/users/sma.nix ../../modules/users/sma.nix

0
modules/system/transmission.nix → machines/sleeper-service/services/transmission.nix
View file

13
modules/desktop/common.nix
View file

@ -13,17 +13,8 @@
# Common desktop packages # Common desktop packages
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
# Basic desktop tools
firefox firefox
alacritty
nautilus
# Media and graphics
vlc
gimp
# Utilities
gnome-tweaks
dconf-editor
]; ];
# Flatpak support
services.flatpak.enable = true;
} }

22
modules/desktop/fonts.nix Normal file
View file

@ -0,0 +1,22 @@
{ config, pkgs, ... }: {
# Minimal font configuration - users can add more fonts as needed
fonts.packages = with pkgs; [
# Essential system fonts
noto-fonts
noto-fonts-emoji
liberation_ttf
# One good monospace font for terminals/coding
nerd-fonts.jetbrains-mono
];
# Console configuration
console = {
font = "Lat2-Terminus16";
keyMap = "no";
};
# Internationalization
i18n.defaultLocale = "en_US.UTF-8";
time.timeZone = "Europe/Oslo";
}

51
modules/network/README.md
View file

@ -1,51 +0,0 @@
# Network Configuration Modules
This directory contains networking configurations for all machines in the Home Lab.
## Structure
- **`common.nix`** - Shared networking settings used by all machines
- nftables firewall enabled
- SSH access with secure defaults
- Tailscale VPN for remote access
- Basic firewall rules (SSH port 22)
- **`network-<machine-name>.nix`** - Machine-specific networking configurations
- Import `common.nix` for shared settings
- Override or extend with machine-specific requirements
- Define hostname, hostId, and additional firewall ports
## Current Machines
### network-congenital-optimist.nix
- AMD Threadripper workstation
- ZFS hostId configuration (8425e349)
- Ready for additional service ports as needed
### network-sleeper-service.nix
- Xeon file server
- Headless server configuration
- Ready for additional file sharing service ports
## Usage
Each machine configuration imports its specific network module:
```nix
# In machines/<machine-name>/configuration.nix
imports = [
../../modules/network/network-<machine-name>.nix
# ... other imports
];
```
## Adding New Machines
1. Create `network-<new-machine>.nix` in this directory
2. Import `./common.nix` for shared settings
3. Add machine-specific configuration (hostname, hostId, ports)
4. Import the new file in the machine's `configuration.nix`
## Future Refactoring
The `common.nix` file can be extended to include more shared networking patterns as they emerge across machines. Consider moving repeated patterns here to reduce duplication.

37
modules/system/applications.nix
View file

@ -1,37 +0,0 @@
{ config, pkgs, ... }:
let
# Import custom packages from the flake
homeLabPackages = import ../../packages { inherit pkgs; };
in {
# System applications and utilities
environment.systemPackages = with pkgs; [
# Home lab management tools
homeLabPackages.lab
# Terminal applications
kitty
terminator
rio
greetd.tuigreet
# System monitoring
glances
inxi
htop
bottom
systemctl-tui
# File and data tools
wget
curl
mc
# Desktop integration
dbus
wayland
xdg-utils
];
# Flatpak support
services.flatpak.enable = true;
}

36
modules/system/fonts.nix
View file

@ -1,36 +0,0 @@
{ config, pkgs, ... }: {
# Font configuration
fonts.packages = with pkgs; [
# Base fonts
noto-fonts
noto-fonts-cjk-sans
noto-fonts-emoji
liberation_ttf
dina-font
proggyfonts
# GitHub fonts
mona-sans
hubot-sans
inter-nerdfont
# Nerd Fonts (updated syntax for NixOS 25.05)
nerd-fonts.meslo-lg
nerd-fonts.jetbrains-mono
nerd-fonts.fira-code
nerd-fonts.droid-sans-mono
nerd-fonts.hack
nerd-fonts.iosevka
nerd-fonts.iosevka-term
];
# Console configuration
console = {
font = "Lat2-Terminus16";
keyMap = "no";
};
# Internationalization
i18n.defaultLocale = "en_US.UTF-8";
time.timeZone = "Europe/Oslo";
}

85
modules/users/geir.nix
View file

@ -1,7 +1,10 @@
# Primary User Configuration - geir # Primary User Configuration - geir
# Main user account for development and desktop use # Main user account for development and desktop use
{ config, pkgs, ... }: { config, pkgs, ... }:
let
# Import custom packages from the flake
homeLabPackages = import ../../packages { inherit pkgs; };
in
{ {
users.users.geir = { users.users.geir = {
description = "Geir Okkenhaug Jerstad - Primary User"; description = "Geir Okkenhaug Jerstad - Primary User";
@ -31,20 +34,33 @@
# User-specific packages # User-specific packages
packages = with pkgs; [ packages = with pkgs; [
# Browsers & Communication # Home lab management tools
chromium homeLabPackages.lab
vivaldi
vivaldi-ffmpeg-codecs # Terminal applications & system monitoring
nyxt kitty
firefox terminator
vesktop
# Terminal & Shell Enhancement
starship starship
fastfetch fastfetch
hyfetch hyfetch
nerdfetch
zellij zellij
glances
htop
bottom
systemctl-tui
# Essential system tools
wget
curl
mc
# Browsers & Communication
firefox
chromium
vesktop
# Shell Enhancement & Fun
nerdfetch
neo-cowsay neo-cowsay
fortune fortune
clolcat clolcat
@ -53,42 +69,41 @@
ncpamixer ncpamixer
pavucontrol pavucontrol
# Creative & Productivity # Productivity
gimp
obs-studio
koodo-reader
libreoffice libreoffice
koodo-reader
# Development & System Management # Development & System Management
neovim
vscode
git-credential-manager
github-cli
nodejs
nodePackages.npm
virt-manager virt-manager
gnome-tweaks
# Themes & Appearance # Creative Tools (optional - remove if not needed)
beauty-line-icon-theme gimp
obs-studio
# Emacs Integration
emacsPackages.vterm
# Media & Entertainment
celluloid
# File Management # File Management
nautilus nautilus
file-roller file-roller
# Text Editors (alternatives to Emacs) # Containers
neovim
vscode
# Development Tools
git-credential-manager
github-cli
nodejs
nodePackages.npm
# Containers & Cloud
podman-compose podman-compose
podman-desktop podman-desktop
# Media
celluloid
# Emacs Integration
emacsPackages.vterm
# Desktop integration (moved from system)
dbus
wayland
xdg-utils
]; ];
}; };

138
packages/README.md
View file

@ -104,16 +104,148 @@ final: prev: {
## Home-lab Specific Packages ## Home-lab Specific Packages
### Lab Tool (`lab`) - Evolution Roadmap
The `lab` tool is the central infrastructure management utility with planned major enhancements:
**Current Implementation (Shell-based):**
- Multi-machine deployment via SSH/rsync
- Infrastructure status monitoring
- Color-coded logging and error handling
- Machine health checks and connectivity testing
**Phase 1: deploy-rs Integration**
Research completed - deploy-rs provides production-grade deployment capabilities:
- **Automatic rollback**: Failed deployments revert automatically
- **Parallel deployment**: Deploy to multiple machines simultaneously
- **Health checks**: Validates deployments before committing
- **Atomic operations**: Either succeeds completely or fails cleanly
- **Flake-native**: Built specifically for NixOS flakes
Implementation approach:
```bash
# Hybrid command structure
lab deploy sleeper-service # Current SSH/rsync method
lab deploy-rs sleeper-service # New deploy-rs backend
lab deploy-all --parallel # Parallel deployment via deploy-rs
```
Configuration integration:
```nix
# flake.nix additions
inputs.deploy-rs.url = "github:serokell/deploy-rs";
deploy.nodes = {
sleeper-service = {
hostname = "sleeper-service.tail807ea.ts.net";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.sleeper-service;
sshUser = "sma";
autoRollback = true;
magicRollback = true;
activationTimeout = 180;
};
};
};
```
**Phase 2: Enhanced Statistics Engine**
Current `lab status` provides basic connectivity - planned expansion to comprehensive monitoring:
**Rust/Go Implementation for Performance:**
- **System metrics**: CPU, memory, disk usage, network stats
- **Service monitoring**: systemd service status, failed units
- **ZFS statistics**: Pool health, scrub status, capacity usage
- **Network topology**: Tailscale mesh status, latency metrics
- **Historical data**: Trend analysis and performance tracking
**Example enhanced output:**
```bash
$ lab status --detailed
Infrastructure Status (Updated: 2024-01-20 15:30:42)
━━━ congenital-optimist (local) ━━━
✅ Online │ Load: 1.2 │ RAM: 8.4GB/32GB │ Disk: 45% │ Uptime: 7d 2h
🔗 Tailscale: Active (100.81.15.84) │ Latency: local
━━━ sleeper-service (file server) ━━━
✅ Online │ Load: 0.3 │ RAM: 2.1GB/8GB │ Disk: 67% │ Uptime: 12d 8h
🗄️ ZFS: ONLINE │ Pool: storage (1.8TB, 50% used) │ Last scrub: 3d ago
🔗 Tailscale: Active (100.81.15.85) │ Latency: 2ms
📡 Services: sshd ✅ │ nfs-server ✅ │ zfs-mount ✅
━━━ grey-area (unreachable) ━━━
⚠️ Offline │ Last seen: 2h ago │ SSH: Connection refused
```
**Phase 3: GNU Stow Dotfile Integration**
Research completed - GNU Stow provides excellent dotfile management for server configurations:
**Use cases:**
- **Server user configs**: Simple dotfiles for `sma` user on servers
- **Machine-specific configs**: Different configurations per server role
- **Selective deployment**: Deploy only needed configs per machine
**Integration approach:**
```bash
# Enhanced lab tool commands
lab dotfiles deploy sma@sleeper-service # Deploy server user configs
lab dotfiles status # Show dotfile deployment status
lab dotfiles sync --machine sleeper-service # Sync specific machine configs
```
**Directory structure:**
```
packages/dotfiles/
├── server-common/ # Shared server configurations
│ ├── .zshrc # Basic shell config
│ ├── .vimrc # Editor config
│ └── .gitconfig # Git configuration
├── sleeper-service/ # NFS server specific
│ └── .config/
│ └── nfs/
├── grey-area/ # Git server specific
│ └── .gitconfig # Enhanced git config
└── stow-deploy.nix # NixOS integration
```
**Hybrid Configuration Strategy:**
- **Keep org-mode** for complex desktop configurations (geir user)
- **Use GNU Stow** for simple server configurations (sma user)
- **Machine-specific packages** for role-based configurations
**Phase 4: Advanced Features**
- **Configuration drift detection**: Compare deployed vs expected state
- **Automated health checks**: Scheduled infrastructure validation
- **Integration APIs**: Metrics export for monitoring systems
- **Web dashboard**: Optional web interface for infrastructure overview
- **Alert system**: Notifications for infrastructure issues
**Implementation Timeline:**
1. **Q1 2024**: deploy-rs integration and testing
2. **Q2 2024**: Enhanced statistics engine in Rust/Go
3. **Q3 2024**: GNU Stow dotfile integration
4. **Q4 2024**: Advanced monitoring and alerting features
### CongenitalOptimist Packages ### CongenitalOptimist Packages
- Development environment customizations - Development environment customizations
- Workstation-specific tools - Workstation-specific tools
- Desktop application modifications - Desktop application modifications
- `lab` tool and deployment utilities
### sleeper-service Packages ### sleeper-service Packages
- File server utilities - File server utilities
- Monitoring tools - ZFS monitoring tools
- Backup scripts - NFS service management
- Network service tools - Storage health monitoring
- Backup automation scripts
### Server Infrastructure Packages
- **deploy-rs configurations**: Declarative deployment definitions
- **Dotfile managers**: GNU Stow packages for server user configurations
- **Monitoring utilities**: System health and performance tools
- **Network tools**: Tailscale integration and network diagnostics
## Best Practices ## Best Practices

236
research/deploy-rs.md Normal file
View file

@ -0,0 +1,236 @@
# deploy-rs Research Summary
## Overview
**deploy-rs** is a Rust-based deployment tool specifically designed for NixOS flakes. It provides declarative, reliable, and efficient deployment of NixOS configurations to remote machines with advanced features like rollback capabilities, health checks, and parallel deployments.
**Repository**: https://github.com/serokell/deploy-rs
**Status**: Actively maintained by Serokell
**Language**: Rust (fast, reliable, memory-safe)
## Key Features
### 🚀 **Core Capabilities**
- **Flake-native**: Built specifically for Nix flakes (no legacy nix-env/channels)
- **Multi-target deployment**: Deploy to multiple machines simultaneously
- **Automatic rollback**: Failed deployments automatically revert to previous generation
- **Health checks**: Configurable post-deployment validation
- **SSH-based**: Uses SSH for secure remote deployment (like our current lab tool)
- **Profile management**: Supports system, user, and custom profiles
### 🔧 **Advanced Features**
- **Parallel deployment**: Deploy to multiple machines concurrently
- **Interactive confirmation**: Can prompt before applying changes
- **Dry-run mode**: Preview changes without applying them
- **Magic rollback**: Automatic rollback on deployment failures or health check failures
- **Custom activation**: Define custom activation scripts and checks
- **Sudo handling**: Intelligent sudo privilege escalation
### 📊 **Reliability Features**
- **Atomic deployments**: Either succeeds completely or rolls back
- **Connection resilience**: Handles SSH connection issues gracefully
- **Generation tracking**: Keeps track of deployment history
- **Activation timeout**: Prevents hanging deployments
- **Health check timeout**: Configurable validation windows
## Configuration Structure
Deploy-rs uses a declarative configuration format in your flake:
```nix
# flake.nix
{
# ... existing flake configuration
deploy.nodes = {
sleeper-service = {
hostname = "sleeper-service.tail807ea.ts.net";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.sleeper-service;
sshUser = "sma";
sudo = "sudo -u";
};
};
grey-area = {
hostname = "grey-area.tail807ea.ts.net";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.grey-area;
sshUser = "sma";
sudo = "sudo -u";
};
};
};
# Health checks
deploy.nodes.sleeper-service.profiles.system.activationTimeout = 240;
deploy.nodes.sleeper-service.profiles.system.confirmTimeout = 30;
}
```
## Command Examples
```bash
# Deploy to single machine
deploy '.#sleeper-service'
# Deploy to all machines
deploy '.#'
# Dry run (check what would be deployed)
deploy '.#sleeper-service' -- --dry-activate
# Skip health checks
deploy '.#sleeper-service' -- --skip-checks
# Interactive confirmation
deploy '.#sleeper-service' -- --confirm-timeout 60
# Deploy specific profile
deploy '.#sleeper-service.system'
```
## Comparison with Current `lab` Tool
| Feature | Current `lab` Tool | deploy-rs |
|---------|-------------------|-----------|
| **Language** | Shell script | Rust (compiled) |
| **Performance** | Good | Excellent |
| **Parallel deployment** | ❌ | ✅ |
| **Automatic rollback** | ❌ | ✅ |
| **Health checks** | ❌ | ✅ |
| **Flake-native** | ✅ | ✅ |
| **SSH-based** | ✅ | ✅ |
| **Status monitoring** | ✅ | Limited |
| **Custom workflows** | ✅ | Limited |
| **Learning curve** | Low | Medium |
| **Configuration** | Shell script | Nix flake |
## Advantages of deploy-rs
### ✅ **Production-Ready Features**
- **Reliability**: Automatic rollback prevents broken deployments
- **Speed**: Rust performance + parallel deployment
- **Safety**: Health checks ensure successful activation
- **Consistency**: Declarative configuration in flake
### ✅ **Operational Benefits**
- **Reduced downtime**: Atomic deployments with quick rollback
- **Error handling**: Sophisticated error recovery mechanisms
- **Audit trail**: Built-in deployment history tracking
- **Validation**: Pre and post-deployment checks
### ✅ **Scale Benefits**
- **Multi-machine**: Deploy entire infrastructure simultaneously
- **Efficiency**: Parallel operations reduce total deployment time
- **Resource management**: Better handling of resource conflicts
## Disadvantages & Limitations
### ❌ **Current Limitations**
- **Status monitoring**: No equivalent to `lab status` for infrastructure overview
- **Custom workflows**: Less flexible than shell scripts for custom operations
- **Learning curve**: Requires understanding deploy-rs configuration syntax
- **Debugging**: Rust binary vs readable shell script
- **Community size**: Smaller ecosystem compared to traditional tools
### ❌ **Home Lab Specific Concerns**
- **Overkill factor**: May be complex for 3-4 machine home lab
- **Customization**: Our `lab` tool has home lab specific features
- **Integration**: Would need to replicate status monitoring capabilities
- **Development workflow**: Less hackable than shell scripts
## Implementation Recommendations
### 🎯 **Hybrid Approach (Recommended)**
Keep the best of both tools:
1. **Use deploy-rs for deployments**:
```bash
lab deploy-rs sleeper-service # Use deploy-rs backend
lab deploy grey-area # Current shell script method
```
2. **Keep `lab` tool for status and management**:
```bash
lab status # Infrastructure overview
lab check sleeper-service # Health monitoring
lab logs grey-area # Log access
```
### 🔧 **Migration Strategy**
**Phase 1: Evaluation** (Current)
- Add deploy-rs configuration to flake
- Test deployment on non-critical machine
- Compare reliability and performance
**Phase 2: Gradual Adoption**
- Migrate stable machines to deploy-rs
- Keep custom `lab` commands for monitoring
- Maintain shell script fallback
**Phase 3: Integration**
- Enhance `lab` tool to use deploy-rs as backend
- Add deploy-rs specific features to `lab status`
- Maintain unified interface
### 📝 **Flake Integration Example**
```nix
# Add to flake.nix inputs
inputs.deploy-rs.url = "github:serokell/deploy-rs";
# Add to flake outputs
deploy = {
nodes = {
sleeper-service = {
hostname = "10.0.0.8"; # Or Tailscale hostname
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.sleeper-service;
sshUser = "sma";
sshOpts = ["-p" "22"];
fastConnection = false; # For home network
autoRollback = true;
magicRollback = true;
activationTimeout = 180;
confirmTimeout = 30;
};
};
};
};
# Health checks can reference systemd services
deploy.nodes.sleeper-service.profiles.system.activationTimeout = 240;
```
## Conclusion & Recommendation
### 🎯 **For Our Home Lab**
**deploy-rs is valuable for:**
- Production-quality deployments with rollback safety
- Parallel deployment when infrastructure grows
- Reduced risk of broken remote systems
- Professional deployment practices
**Our current `lab` tool excels at:**
- Home lab specific status monitoring
- Custom workflows and debugging
- Simple, hackable shell script approach
- Tailored for our specific infrastructure
### 📋 **Action Plan**
1. **Immediate**: Add deploy-rs configuration to flake (low effort, high learning)
2. **Short-term**: Test deploy-rs on sleeper-service alongside current method
3. **Medium-term**: Consider hybrid approach - deploy-rs for deployment, `lab` for monitoring
4. **Long-term**: Evaluate full migration based on home lab growth and complexity needs
**Verdict**: deploy-rs is a professional-grade tool that would enhance our deployment reliability. The hybrid approach allows us to benefit from deploy-rs's deployment safety while keeping our custom infrastructure monitoring capabilities.

300
research/gnu-stow.md Normal file
View file

@ -0,0 +1,300 @@
# GNU Stow Research Summary
## Overview
**GNU Stow** is a symlink farm manager that helps organize and deploy dotfiles and software packages. It creates symbolic links from a source directory to a target directory, making it ideal for managing dotfiles across multiple systems without copying files.
**Repository**: https://www.gnu.org/software/stow/
**Language**: Perl
**License**: GPL-3.0+
**Status**: Mature, stable, widely adopted
## Core Concept
Stow works by creating symbolic links from a "stow directory" (source) to a "target directory" (typically `$HOME`). Each subdirectory in the stow directory represents a "package" that can be independently stowed or unstowed.
```
dotfiles/ # Stow directory
├── zsh/ # Package: zsh configuration
│ └── .zshrc # Will link to ~/.zshrc
├── emacs/ # Package: emacs configuration
│ └── .emacs.d/ # Will link to ~/.emacs.d/
│ └── init.el
└── git/ # Package: git configuration
└── .gitconfig # Will link to ~/.gitconfig
```
## Key Features
### 🔗 **Symlink Management**
- **Non-destructive**: Creates symlinks without overwriting existing files
- **Conflict detection**: Warns about file conflicts before creating links
- **Tree folding**: Optimizes symlink structure for efficiency
- **Partial deployment**: Deploy only specific packages (e.g., just zsh config)
### 📦 **Package-Based Organization**
- **Modular structure**: Each application gets its own package directory
- **Selective deployment**: Install only needed configurations per machine
- **Easy maintenance**: Add/remove configurations without affecting others
- **Version control friendly**: Git can track each package independently
### 🛡️ **Safety Features**
- **Dry-run mode**: Preview what would be done without making changes
- **Conflict resolution**: Handles existing files and directories gracefully
- **Rollback capability**: Easy to unstow (remove) configurations
- **Target verification**: Ensures target directory exists and is writable
## Command Examples
```bash
# Basic stow operations
cd ~/dotfiles
stow zsh # Deploy zsh configuration
stow emacs git # Deploy multiple packages
stow --target=/opt/local mypackage # Custom target directory
# Management operations
stow --delete zsh # Remove zsh symlinks (unstow)
stow --restow emacs # Restow (unstow then stow again)
stow --simulate zsh # Dry run - show what would happen
# Advanced usage
stow --verbose zsh # Verbose output
stow --no-folding emacs # Disable tree folding optimization
stow --ignore='\.DS_Store' zsh # Ignore certain files
```
## Directory Structure Example
```
~/dotfiles/ # Stow directory
├── zsh/ # Package: ZSH
│ ├── .zshrc # → ~/.zshrc
│ └── .config/ # → ~/.config/
│ └── zsh/ # → ~/.config/zsh/
│ └── aliases.zsh # → ~/.config/zsh/aliases.zsh
├── emacs/ # Package: Emacs
│ ├── .emacs.d/ # → ~/.emacs.d/
│ │ ├── init.el # → ~/.emacs.d/init.el
│ │ └── config.org # → ~/.emacs.d/config.org
│ └── .config/ # → ~/.config/
│ └── emacs/ # → ~/.config/emacs/
├── git/ # Package: Git
│ ├── .gitconfig # → ~/.gitconfig
│ └── .gitignore_global # → ~/.gitignore_global
└── nixos/ # Package: NixOS-specific
└── .config/ # → ~/.config/
└── nixos/ # → ~/.config/nixos/
└── user.nix # → ~/.config/nixos/user.nix
```
## Comparison with Current Org-Mode Approach
| Feature | Current Org-Mode | GNU Stow |
|---------|------------------|----------|
| **Configuration format** | Literate programming | Traditional dotfiles |
| **Deployment method** | Tangle + copy/symlink | Automatic symlinking |
| **Documentation** | Embedded in code | Separate documentation |
| **Version control** | Single org file | Multiple files in packages |
| **Learning curve** | Steep (Emacs/Org) | Gentle (simple concept) |
| **Flexibility** | Very high | Moderate |
| **Maintenance** | Manual tangling | Automatic linking |
| **Cross-platform** | Excellent | Excellent |
| **NixOS integration** | Native | External tool |
## Advantages of GNU Stow
### ✅ **Simplicity & Reliability**
- **Minimal learning curve**: Understand symlinks = understand Stow
- **No dependencies**: Works on any Unix-like system with Perl
- **Predictable behavior**: Simple, well-defined symlink creation rules
- **Mature and stable**: Decades of development and testing
### ✅ **Flexible Organization**
- **Package-based**: Logical separation of application configurations
- **Selective deployment**: Deploy only needed configs per machine
- **Easy experimentation**: Test new configs without affecting others
- **Conflict handling**: Safe deployment with conflict detection
### ✅ **Version Control Benefits**
- **Git-friendly**: Each package can be tracked separately
- **Branching**: Different branches for different machine types
- **History**: Track changes to individual application configs
- **Collaboration**: Easy to share specific application configurations
### ✅ **Multi-Machine Management**
```bash
# Different configs for different machine types
stow --target=/home/geir desktop # Desktop-specific configs
stow --target=/home/sma server # Server-specific configs
# Machine-specific packages
dotfiles/
├── desktop-geir/ # Only for desktop user geir
├── server-sma/ # Only for server user sma
└── common/ # Shared configurations
```
## Disadvantages & Limitations
### ❌ **Compared to Org-Mode Approach**
- **No literate programming**: Configuration and documentation separate
- **Less integration**: Not as tightly integrated with Emacs workflow
- **File-based**: No ability to generate configs from templates
- **Static configuration**: Less dynamic than org-mode tangling
### ❌ **General Limitations**
- **Symlink visibility**: Some applications don't handle symlinks well
- **Permission issues**: Target directory permissions must be correct
- **Perl dependency**: Requires Perl runtime (usually not an issue)
- **No config generation**: Can't generate configs based on system state
## Integration with Current NixOS Setup
### 🎯 **Hybrid Approach Options**
**Option 1: Stow for Traditional Dotfiles**
```bash
# Keep org-mode for complex Emacs config
# Use Stow for simple dotfiles
dotfiles/
├── emacs.org # Keep current literate approach
├── zsh/ # Simple dotfiles via Stow
│ └── .zshrc
└── git/
└── .gitconfig
```
**Option 2: User-Specific Deployment**
```bash
# Different approaches per user
~/dotfiles-geir/ # Org-mode for desktop user
~/dotfiles-sma/ # Stow for server user (simpler configs)
```
**Option 3: NixOS + Stow Integration**
```nix
# In NixOS configuration
environment.systemPackages = [ pkgs.stow ];
# User activation script
system.userActivationScripts.stow-dotfiles = ''
cd /home/geir/dotfiles
${pkgs.stow}/bin/stow --target=/home/geir common zsh git
'';
```
### 🔧 **Implementation Strategies**
**For Server Configurations (sma user):**
- Simple, minimal dotfiles via Stow
- Basic shell, git, and utility configurations
- No complex literate programming needed
**For Desktop Configurations (geir user):**
- Keep org-mode for Emacs (complex, well-integrated)
- Consider Stow for simpler applications (git, zsh aliases)
- Hybrid approach based on complexity
## Practical Examples
### 📝 **Basic Setup**
```bash
# Initialize dotfiles repository
mkdir ~/dotfiles
cd ~/dotfiles
# Create package structure
mkdir -p zsh git emacs
# Add configurations
echo 'alias ll="ls -la"' > zsh/.zshrc
echo '[user]
name = Geir Okkenhaug Jerstad
email = geir@geokkjer.eu' > git/.gitconfig
# Deploy configurations
stow zsh git
```
### 🏠 **Home Lab Specific Usage**
```bash
# Machine-specific dotfiles
dotfiles/
├── server-common/ # Shared server configs
│ ├── .zshrc
│ └── .vimrc
├── sleeper-service/ # NFS-specific configs
│ └── .config/
│ └── nfs/
└── grey-area/ # Git server specific
└── .gitconfig
# Deploy on sleeper-service
stow server-common sleeper-service
# Deploy on grey-area
stow server-common grey-area
```
### 🔄 **Migration Strategy**
```bash
# Phase 1: Extract simple configs from org-mode
emacs config.org
# Tangle simple configs to separate files
# Create Stow packages for extracted configs
# Phase 2: Test Stow deployment
stow --simulate zsh # Test before applying
stow zsh # Deploy if tests pass
# Phase 3: Maintain hybrid approach
# Keep org-mode for complex configs (Emacs)
# Use Stow for simple configs (shell, git)
```
## Integration with Current Workflow
### 🎯 **Recommended Approach for Home Lab**
**Keep Current Org-Mode For:**
- Emacs configuration (complex, well-integrated)
- Complex, documented configurations
- Configurations that benefit from literate programming
**Use GNU Stow For:**
- Server user (sma) configurations
- Simple shell configurations
- Git configurations
- Application-specific dotfiles that don't need documentation
**Implementation Plan:**
1. **Create stow repository** for server configs
2. **Test on sleeper-service** with sma user
3. **Gradually migrate** simple configs from org-mode
4. **Maintain hybrid approach** based on complexity needs
## Conclusion & Recommendation
### 🎯 **For Our Home Lab Context**
**GNU Stow is excellent for:**
- Server configurations (sma user)
- Simple, stable dotfiles
- Multi-machine deployments
- Configurations that don't need complex documentation
**Current org-mode approach excels for:**
- Complex Emacs configurations
- Documented, literate configurations
- Generated configurations
- Desktop user (geir) complex setups
### 📋 **Action Plan**
1. **Immediate**: Create stow-based dotfiles repository for server users
2. **Short-term**: Deploy simple sma user configs via Stow on sleeper-service
3. **Medium-term**: Evaluate migration of simple configs from org-mode
4. **Long-term**: Maintain hybrid approach - Stow for simple, org-mode for complex
**Verdict**: GNU Stow is an excellent complement to our current org-mode approach. Use Stow for simple, server-side configurations while keeping org-mode for complex desktop configurations. This provides the best of both worlds - simplicity where appropriate, power where needed.

0
users/README.md
View file