No description

Find a file

xqtc 39a26ff80b nix flake update		2025-07-11 23:45:28 +02:00
.forgejo/workflows	add nix flake update pipeline	2025-04-13 11:20:42 +02:00
common	nix fmt	2025-06-01 14:08:00 +02:00
hosts	Add navidrome stuff; rekey	2025-07-04 22:39:08 +02:00
secrets	Add navidrome stuff; rekey	2025-07-04 22:39:08 +02:00
.gitignore	add pre-commit-hooks	2025-06-07 13:49:05 +02:00
flake.lock	nix flake update	2025-07-11 23:45:28 +02:00
flake.nix	Add navidrome stuff; rekey	2025-07-04 22:39:08 +02:00
justfile	nix fmt; idk anymore	2025-04-10 17:12:12 +02:00
known_hosts.nix	nix fmt	2025-06-01 14:08:00 +02:00
README.md	make postgres server lxc	2025-06-08 12:33:34 +02:00
ryuko-nix.png	stuff	2025-05-10 19:04:34 +02:00
statix.toml	add statix.toml	2025-06-07 14:51:02 +02:00
topology.graph	update topology graph	2025-05-10 22:40:44 +02:00

README.md

Ryuko Nix Hive

This flake describes all NixOS hosts deployed on ryuko.

Hosts

./hosts/
- caddy/: Our reverse proxy handling incoming HTTP requests.
- grafana/: Our grafana host and prometheus scraper.
- dns1/: Our primary authorative DNS server handling the ip.ryuko.suizid.jetzt zone.
- dns2/,dns3: Secondary DNS servers to dns1/.
- psql1/: Our PostgreSQL DB server.
- vaultwarden/: A vaultwarden instance.

Bootstrapping a new VM

Create VM

Make sure to enable discard for all drives and to select the vmbr1 network in order to get a DHCP lease from our OPNsense router.

Go to the console tab and set a password for the root user

TODO: Build custom NixOS installer ISO with SSH keys configured

From your terminal run

nixos-anywhere --flake .#<YOUR OUTPUT> root@<DHCP LEASE> --generate-hardware-config nixos-generate-config ./hosts/<YOUR HOST>/hardware-configuration.nix --phases disko,install

Reboot VM
Add VM to colmena hive output
Add VM's systemc ssh ed25519 key to secrets/secrets.nix

Pre-commit hooks

This repository utilizes pre-commit hooks. To install them just run nix develop.