7c650856f2
Some checks are pending
🏠 Home Lab CI/CD Pipeline / 🔍 Validate Configuration (push) Waiting to run
🏠 Home Lab CI/CD Pipeline / 🔨 Build Configurations (push) Blocked by required conditions
🏠 Home Lab CI/CD Pipeline / 🔒 Security Audit (push) Blocked by required conditions
🏠 Home Lab CI/CD Pipeline / 📚 Documentation & Modules (push) Blocked by required conditions
🏠 Home Lab CI/CD Pipeline / 🔄 Update Dependencies (push) Waiting to run
🏠 Home Lab CI/CD Pipeline / 🚀 Deploy Configuration (push) Blocked by required conditions
🏠 Home Lab CI/CD Pipeline / 📢 Notify Results (push) Blocked by required conditions
✅ Major deployment milestone achieved:
**sleeper-service Configuration:**
- Successfully deployed flake-based NixOS on Intel Xeon file server
- Resolved ZFS mounting conflicts causing boot failures
- Implemented ZFS native mounting (/mnt/storage, /mnt/storage/media)
- Added Pi-hole DNS integration (10.0.0.14) for package resolution
- Configured systemd-networkd with static IP (10.0.0.8)
- System boots cleanly in ~1 minute with ZFS auto-mounting
**Infrastructure Updates:**
- SSH key management deployed and operational
- Network configuration with multi-tier DNS (Pi-hole, router, Google)
- NFS server configuration for network storage
- Data preservation verified: 903GB ZFS pool intact
**Technical Solutions:**
- Added nomodeset kernel parameter for graphics compatibility
- Disabled NVIDIA drivers for headless server operation
- Removed conflicting ZFS entries from hardware-configuration.nix
- Established remote deployment workflow via rsync + SSH
**Documentation:**
- Updated plan.md with deployment status and lessons learned
- Added deployment commands and troubleshooting notes
- Documented ZFS native mounting migration process
**Data Verified:**
- Films: 184GB, Series: 612GB, Audiobooks: 94GB, Music: 9.1GB, Books: 3.5GB
- Storage pool: 903GB used, 896GB available
- All media accessible via proper ZFS auto-mounting
This represents the first successful multi-machine flake deployment in the home lab infrastructure migration.
97 lines
2.3 KiB
Nix
97 lines
2.3 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
{
|
|
imports =
|
|
[ # Include the results of the hardware scan.
|
|
./hardware-configuration.nix
|
|
./starship.nix
|
|
./aliases.nix
|
|
./podman.nix
|
|
./libvirt.nix
|
|
./incus.nix
|
|
./jellyfin.nix
|
|
./tailscale.nix
|
|
./calibre-web.nix
|
|
./audiobook.nix
|
|
#./ollama.nix
|
|
./forgejo.nix
|
|
];
|
|
|
|
# Swap zram
|
|
zramSwap = {
|
|
enable = true;
|
|
algorithm = "zstd";
|
|
};
|
|
# Use the GRUB 2 boot loader.
|
|
boot.loader.grub.enable = true;
|
|
boot.loader.grub.efiSupport = true;
|
|
boot.loader.grub.efiInstallAsRemovable = true;
|
|
boot.loader.efi.efiSysMountPoint = "/boot/";
|
|
boot.loader.grub.device = "nodev";
|
|
|
|
# Disks and Updates
|
|
services.fstrim.enable = true;
|
|
|
|
# Mount remote filesystem
|
|
fileSystems."/mnt/remote/media" = {
|
|
device = "sleeper-service:/mnt/storage";
|
|
fsType = "nfs";
|
|
options = [ "x-systemd.automount" ];
|
|
};
|
|
|
|
# Enable all unfree hardware support.
|
|
hardware.firmware = with pkgs; [ firmwareLinuxNonfree ];
|
|
hardware.enableAllFirmware = true;
|
|
hardware.enableRedistributableFirmware = true;
|
|
nixpkgs.config.allowUnfree = true;
|
|
services.fwupd.enable = true;
|
|
|
|
# Networking
|
|
networking.hostName = "apps";
|
|
networking.networkmanager.enable = true;
|
|
|
|
# Set your time zone.
|
|
time.timeZone = "Europe/Oslo";
|
|
|
|
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
console = {
|
|
font = "Lat2-Terminus16";
|
|
keyMap = "no";
|
|
};
|
|
|
|
users.users.geir = {
|
|
isNormalUser = true;
|
|
extraGroups = [ "wheel"
|
|
"networkmanager"
|
|
"libvirt"
|
|
"podman"
|
|
"incus-admin"
|
|
];
|
|
packages = with pkgs; [
|
|
bottom fastfetch nerdfetch
|
|
];
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
neovim emacs nano curl htop glances kitty
|
|
wget git inxi nethogs fastfetch
|
|
];
|
|
|
|
# Enable the OpenSSH daemon.
|
|
services.openssh.enable = true;
|
|
services.openssh.settings.PermitRootLogin = "no";
|
|
services.openssh.settings.PasswordAuthentication = true;
|
|
|
|
|
|
# Enable Netdata
|
|
services.netdata.enable = true;
|
|
|
|
# Firewall
|
|
networking.firewall.enable = true;
|
|
networking.firewall.allowedTCPPorts = [ 22 19999 23231];
|
|
networking.firewall.allowedUDPPorts = [ 22 23231 ];
|
|
networking.nftables.enable = true;
|
|
system.stateVersion = "23.05";
|
|
|
|
}
|