72 commits

Author	SHA1	Message	Date
Geir Okkenhaug Jerstad	e69fd5856f	some small notes	2025-06-06 12:22:53 +02:00
Geir Okkenhaug Jerstad	7c650856f2	feat: Complete sleeper-service deployment with ZFS and network fixes ... ✅ Major deployment milestone achieved: **sleeper-service Configuration:** - Successfully deployed flake-based NixOS on Intel Xeon file server - Resolved ZFS mounting conflicts causing boot failures - Implemented ZFS native mounting (/mnt/storage, /mnt/storage/media) - Added Pi-hole DNS integration (10.0.0.14) for package resolution - Configured systemd-networkd with static IP (10.0.0.8) - System boots cleanly in ~1 minute with ZFS auto-mounting **Infrastructure Updates:** - SSH key management deployed and operational - Network configuration with multi-tier DNS (Pi-hole, router, Google) - NFS server configuration for network storage - Data preservation verified: 903GB ZFS pool intact **Technical Solutions:** - Added nomodeset kernel parameter for graphics compatibility - Disabled NVIDIA drivers for headless server operation - Removed conflicting ZFS entries from hardware-configuration.nix - Established remote deployment workflow via rsync + SSH **Documentation:** - Updated plan.md with deployment status and lessons learned - Added deployment commands and troubleshooting notes - Documented ZFS native mounting migration process **Data Verified:** - Films: 184GB, Series: 612GB, Audiobooks: 94GB, Music: 9.1GB, Books: 3.5GB - Storage pool: 903GB used, 896GB available - All media accessible via proper ZFS auto-mounting This represents the first successful multi-machine flake deployment in the home lab infrastructure migration.	2025-06-06 11:21:12 +02:00
Geir Okkenhaug Jerstad	c392df4a93	Add ZFS support to sleeper-service ... - Replace ext4 with ZFS pool 'filepool' for enhanced data integrity - Add ZFS auto-scrub and TRIM services for file server - Configure proper ZFS datasets: root, nix, var, storage - Add networking hostId (a1b2c3d4) required for ZFS - Update NFS and Transmission to use ZFS mount points - Change file ownership to 'sma' user for server configuration - Add comprehensive ZFS setup documentation Ready for deployment with proper file server storage backend.	2025-06-05 17:16:32 +02:00
Geir Okkenhaug Jerstad	88638827c3	fix: temporarily disable Transmission due to build issues ... - Disable Transmission service due to compilation errors in unstable - Keep download directory creation for future re-enablement - Remove Transmission firewall port (9091) from sleeper-service - Focus on deploying NFS server functionality first This allows sleeper-service deployment to proceed with NFS services while Transmission package issues are resolved upstream.	2025-06-05 17:04:29 +02:00
Geir Okkenhaug Jerstad	2530b918ca	fix: resolve configuration conflicts ... - Fixed networking defaultGateway interface specification for sleeper-service - Resolved shell alias conflict between geir and sma users - Changed sma aliases from 'lab' to 'homelab' to avoid conflict	2025-06-05 16:33:29 +02:00
Geir Okkenhaug Jerstad	6fe8cdb790	feat: add NFS server and Transmission service to sleeper-service ... - Created modules/services/nfs.nix for network file sharing - Updated sleeper-service configuration with NFS and Transmission - Fixed SSH key management to use direct key configuration - Updated hardware-configuration to use sleeper-service hostname - Added firewall ports for Transmission RPC (9091)	2025-06-05 16:31:09 +02:00
Geir Okkenhaug Jerstad	77e6b9a501	feat: Implement two-key SSH management strategy ... - Add modules/security/ssh-keys.nix for centralized SSH key management - Generate role-specific SSH keys with geir@geokkjer.eu email: - Admin key (geir@geokkjer.eu-admin) for sma user server access - Development key (geir@geokkjer.eu-dev) for geir user and git services - Update SSH client config with role-based host patterns - Configure users/geir.nix and users/sma.nix with appropriate key access - Add SSH key setup to both machine configurations - Create scripts/setup-ssh-keys.sh for key generation automation - Update plan.md with completed SSH security implementation Security benefits: - Principle of least privilege (separate admin vs dev access) - Limited blast radius if keys are compromised - Clear usage patterns: ssh admin-sleeper vs ssh geir@sleeper-service.home - Maintains compatibility with existing services during transition	2025-06-05 16:25:33 +02:00
Geir Okkenhaug Jerstad	6a3a3abc48	feat: Complete sleeper-service systemd-networkd configuration ... - Update sleeper-service to use systemd-networkd with static IP (10.0.0.8/24) - Configure proper gateway (10.0.0.138) and DNS (Pi-hole, router, Google) - Add NFS and SMB firewall ports for file server services - Document network topology discovery results in plan.md - Update network module README with current configuration status Based on nmap network discovery and Context7 NixOS systemd-networkd documentation. Configuration ready for deployment to existing files.home machine.	2025-06-05 15:44:07 +02:00
Geir Okkenhaug Jerstad	05b81f93b7	Clean up networking configuration structure ... - Remove leftover networking.nix files from machine directories - ZFS configuration moved to machine-specific configuration where it belongs - Network module now contains only networking-related configuration - Improved separation of concerns between network and machine configs	2025-06-05 15:08:22 +02:00
Geir Okkenhaug Jerstad	73998431e8	updated readme	2025-06-05 15:04:47 +02:00
Geir Okkenhaug Jerstad	7224ea4bd4	updated readme	2025-06-05 14:59:45 +02:00
Geir Okkenhaug Jerstad	2940b85b60	Restructure networking configuration to per-machine modules ... - Move networking configs to modules/network/ directory - Create network-<machine-name>.nix files for each machine - Add common.nix for shared networking configuration - Update import paths in machine configurations - Reduce duplication by using common networking settings Network modules: - modules/network/common.nix: Shared settings (nftables, SSH, tailscale) - modules/network/network-congenital-optimist.nix: Workstation specific - modules/network/network-sleeper-service.nix: File server specific	2025-06-05 14:54:27 +02:00
Geir Okkenhaug Jerstad	a022b96189	Add GitHub mirror setup and improved git aliases ... - Fix typo in nix-store alias - Add git-push-all alias to push to both origin and github remotes - Add git-status-all alias to check status on both remotes - Set up GitHub mirror at https://github.com/geokkjer/Home-lab	2025-06-05 11:26:36 +02:00
Geir Okkenhaug Jerstad	d5bf6cfbf3	added node npm npx from nix	2025-06-05 11:06:38 +02:00
Geir Okkenhaug Jerstad	27ca6579d1	switched to zoxide to test it	2025-06-05 10:55:36 +02:00
Geir Okkenhaug Jerstad	0efcfba0b3	zshrc moved to nix conf	2025-06-05 10:38:16 +02:00
Geir Okkenhaug Jerstad	5b3a058e7e	Update user packages: Replace lolcat with clolcat for better performance ... - Added clolcat package to geir's user packages - clolcat provides faster rainbow text output compared to lolcat	2025-06-05 09:37:20 +02:00
Geir Okkenhaug Jerstad	e8e292c8eb	feat: System update and direnv fixes ... - Updated flake.lock to latest NixOS 25.05 packages (2025-06-04) - Fixed direnv functionality across system configuration - Added direnv and nix-direnv packages to base.nix - Integrated direnv shell hook in zsh configuration - Enhanced user management with geir.nix updates - Added comprehensive package lists and development tools - Successfully tested NixOS configuration rebuild - System ready for reboot with latest updates	2025-06-05 09:32:58 +02:00
Geir Okkenhaug Jerstad	acaa8234c2	small update to user configurations	2025-06-05 08:33:40 +02:00
Geir Okkenhaug Jerstad	ec9efc5ca1	feat: create modular user configurations ... ∙ ∙ User Accounts: ∙ ✅ geir - Primary user (development, desktop, multimedia) ∙ ✅ sma - Admin user (Diziet Sma, system administration) ∙ ✅ common.nix - Shared user settings and security ∙ ∙ Key Features: ∙ 🔧 Culture character naming (sma = Diziet Sma, SC agent) ∙ 🔒 Security-focused admin account (SSH keys only, passwordless sudo) ∙ 🛠<fe0f> Development-focused primary user (containers, virtualization, creative tools) ∙ 📦 Modern CLI tools and shell enhancements ∙ 🎯 Role-based package selection and group memberships ∙ ∙ Security Model: ∙ - SSH key authentication for admin users ∙ - Separate admin and daily-use accounts ∙ - Principle of least privilege ∙ - No root login allowed ∙ ∙ Integration: ∙ - Container runtime access (podman, incus) ∙ - Virtualization management (libvirt, virt-manager) ∙ - Development workflow (git, editors, languages) ∙ - Desktop environments (GNOME, Cosmic, Sway) ∙ ∙ Ready for machine-specific deployment across home lab infrastructure.	2025-06-04 16:56:22 +02:00
Geir Okkenhaug Jerstad	02fbaa761a	feat: create modular user configurations ... User Accounts: ✅ geir - Primary user (development, desktop, multimedia) ✅ sma - Admin user (Diziet Sma, system administration) ✅ common.nix - Shared user settings and security Key Features: 🔧 Culture character naming (sma = Diziet Sma, SC agent) 🔒 Security-focused admin account (SSH keys only, passwordless sudo) 🛠️ Development-focused primary user (containers, virtualization, creative tools) 📦 Modern CLI tools and shell enhancements 🎯 Role-based package selection and group memberships Security Model: - SSH key authentication for admin users - Separate admin and daily-use accounts - Principle of least privilege - No root login allowed Integration: - Container runtime access (podman, incus) - Virtualization management (libvirt, virt-manager) - Development workflow (git, editors, languages) - Desktop environments (GNOME, Cosmic, Sway) Ready for machine-specific deployment across home lab infrastructure.	2025-06-04 16:54:47 +02:00
Geir Okkenhaug Jerstad	f30013723e	feat: initial NixOS home lab infrastructure setup ... - Add modular flake-based NixOS configuration - Implement GitOps foundation with CI/CD pipeline - Create comprehensive documentation and branching strategy - Add modular desktop environments (GNOME, Cosmic, Sway) - Configure virtualization stack (Incus, Libvirt, Podman) - Set up development tools and hardware-specific modules - Establish user configuration with literate programming support This commit represents the completion of Phase 1: Flakes Migration with modular configuration, virtualization, and GitOps foundation.	2025-06-04 16:10:13 +02:00