xqtc/ryuko-nix
xqtc/ryuko-nix
2
1
Fork 1
Code Issues 1 Pull requests 8 Projects Releases Packages Wiki Activity Actions
No description
148 commits 10 branches 0 tags 2.7 MiB
Find a file
Exact
xqtc cd9c78790d Merge pull request 'add X-Clacks-Overhead header to marie.software' (#26) from marie/ryuko-nix:marie/xclacksoverhead into main 
Reviewed-on: #26
2025-11-18 19:35:40 +01:00
.forgejo/workflows Merge branch 'main' into renovate/https-github.com-peter-evans-create-pull-request-7.x 2025-08-16 13:16:07 +02:00
.iwe i don't even know anymore 2025-10-15 20:12:10 +02:00
common add cache.suizid.jetzt 2025-11-04 21:26:25 +01:00
hosts add X-Clacks-Overhead header to marie.software 2025-11-18 19:31:16 +01:00
kubernetes Update Helm release kube-prometheus-stack to v76.5.1 2025-08-22 20:30:11 +02:00
notes i don't even know anymore 2025-10-15 20:12:10 +02:00
secrets hydra stuff 2025-11-02 03:11:30 +01:00
.gitignore add pre-commit-hooks 2025-06-07 13:49:05 +02:00
flake.lock add minecraft server 2025-11-09 14:34:56 +01:00
flake.nix add minecraft server 2025-11-09 14:34:56 +01:00
harmonia.pub hydra stuff 2025-11-02 03:11:30 +01:00
justfile nix fmt; idk anymore 2025-04-10 17:12:12 +02:00
known_hosts.nix nix fmt 2025-06-01 14:08:00 +02:00
README.md make postgres server lxc 2025-06-08 12:33:34 +02:00
renovate.json Migrate config renovate.json 2025-08-16 12:50:12 +02:00
ryuko-nix.png stuff 2025-05-10 19:04:34 +02:00
statix.toml add statix.toml 2025-06-07 14:51:02 +02:00
topology.graph update topology graph 2025-05-10 22:40:44 +02:00

README.md

Ryuko Nix Hive

This flake describes all NixOS hosts deployed on ryuko.

Hosts

  • ./hosts/
    • caddy/: Our reverse proxy handling incoming HTTP requests.
    • grafana/: Our grafana host and prometheus scraper.
    • dns1/: Our primary authorative DNS server handling the ip.ryuko.suizid.jetzt zone.
    • dns2/,dns3: Secondary DNS servers to dns1/.
    • psql1/: Our PostgreSQL DB server.
    • vaultwarden/: A vaultwarden instance.

Bootstrapping a new VM

  1. Create VM
  • Make sure to enable discard for all drives and to select the vmbr1 network in order to get a DHCP lease from our OPNsense router.
  1. Go to the console tab and set a password for the root user

TODO: Build custom NixOS installer ISO with SSH keys configured

  1. From your terminal run
nixos-anywhere --flake .#<YOUR OUTPUT> root@<DHCP LEASE> --generate-hardware-config nixos-generate-config ./hosts/<YOUR HOST>/hardware-configuration.nix --phases disko,install
  1. Reboot VM
  2. Add VM to colmena hive output
  3. Add VM's systemc ssh ed25519 key to secrets/secrets.nix

Pre-commit hooks

This repository utilizes pre-commit hooks. To install them just run nix develop.