Background
So I have a small home lab, where I have a few random things running, like a GitLab CI runner, a media server, etc. All my home lab servers (3 of them) run NixOS, and the services they run are defined within my Nix flake.
For example: https://gitlab.com/hmajid2301/nixicle/-/blob/main/systems/x86_64-linux/ms01/default.nix?ref_type=heads
They are set up using nixos-anywhere, like most of my other services. Then, using deploy-rs, we can SSH onto our home lab servers and deploy Nix config, i.e. updating packages.
...
Recently I have been playing around with running a homelab directly on a NixOS machine without Kubernetes. I didn’t want to bother setting up certificates using Traefik (DNS challenge) and Cloudflare. I wanted to use the certificate that comes with Tailscale (the WireGuard VPN I use to connect to my home lab).
In this post I will show you how I set this up as a Nix module.
Nix
Let us look at the relevant Nix code.
...
Background
This series is a continuation of the other series. I have since updated my home lab, removing the RPIs and replacing them with some mini PCs.
As part of this change I am now using deploy-rs instead of colmena, as it's easier to integrate into my own flake, and it won’t roll out the change if it breaks the networking, i.e. you cannot SSH to the machine.
Why move away from Pulumi?
As per the title of this post, one of the most significant changes I have made is moving my Kubernetes config from Pulumi to fluxcd. I suspect Pulumi is great for deploying infrastructure, but it became painful for managing the YAML config for the k3s cluster.
...