Recently I have been playing around with running a homelab directly on a NixOS machine without kubernetes. I didn’t want to bother to have to setup certificates using Traefik (DNS challenge) and Cloudflare. I wanted to use the certificate that comes with Tailscale (wireguard VPN I use to connect to my home lab). In this post I will show you how I set this up as a Nix module. Nix Let us look at the relevant Nix code. ...
Background This series is a continuation of the other series. I have since updated my home lab, removing the RPIs and replacing them with some mini pcs. As part of this change I am now using deploy-rs instead of colmena. As its easier to integrate into my own flake, and it won’t roll out the change if breaks the networking, i.e. you cannot ssh to the machine. Why move away from Pulumi? As per the title of this post of the most significant changes I have made it moving my Kubernetes config from Pulumi to fluxcd. Pulumi I suspect is great for deploying infrastructure but became painful for managing the YAML config for the k3s cluster. ...