How to Set up Cloudflare Tunnels With Traefik (In NixOS)

Recently, I was setting up Navidrome, kind of like a self-hosted Spotify, in my home lab and I wanted to set it up to use proxy auth in Authentik. But to do this I needed to use it with a reverse proxy, i.e. Traefik. In this article I will show you how you can point your Cloudflare tunnel to Traefik and have that forward the request to the service. Prerequisite In this article, I assume you are already familiar with Cloudflare Tunnels and Traefik. ...

How to Set up Authentik Forward Auth With Traefik on NixOS

In this post, I will show you how you can set up forward auth for a single host in Authentik, with Traefik as our reverse proxy on NixOS. This is a particularly useful way to protect apps that don’t have any built-in auth. Authentik is a great app which can handle authentication for almost all of our home lab. So we only need to log in with Authentik to log in to any of our apps. ...

Setup TLS Certificate With Traefik & Tailscale on NixOS

Recently I have been playing around with running a homelab directly on a NixOS machine without Kubernetes. I didn’t want to bother having to set up certificates using Traefik (DNS challenge) and Cloudflare. I wanted to use the certificate that comes with Tailscale (the WireGuard VPN I use to connect to my home lab). In this post I will show you how I set this up as a Nix module. Nix Let us look at the relevant Nix code. ...

How I Set up BTRFS and LUKS on NixOS Using Disko

In this post, I will show you how we can declaratively partition our drives using Nix(OS). TL;DR: We can use a tool called disko to partition our drives declaratively and combine it with NixOS anywhere for a remote install, showing an example setting up LUKS encryption with a BTRFS file system. Background If you’re like me, then when you started playing with NixOS, you found yourself constantly reinstalling it and starting again. ...

How I Fixed Hibernate on My NixOS Machine

tl;dr: Wi-Fi drivers were stopping the PC from suspending. I am using an Ethernet cable to connect my PC, so I didn’t need the Wi-Fi drivers. I fixed it by adding them to a blocklist. I think you only need the 2nd one in the list. { boot.blacklistedKernelModules = [ "ath12k_pci" "ath12k" ]; } Recently, I upgraded my PC to an AM5 machine with an X670E Gigabyte motherboard. However, when I did this hibernate was left broken, alongside suspend. ...

How To Create A Custom NixOS ISO

Introduction In this post, I will show you how you can create a custom NixOS ISO image, using our normal nix configuration as if it were another machine/device. Some of you may be wondering why you would want to do that vs using the normal ISO. Particularly for installing on my machines, I would like to have my device set up in one go, whereas previously I would install using the normal ISO, then clone my dot files and build my config again. ...

TIL: How to fix being unable to change locations in Mullvad VPN on NixOS

Recently, I was unable to change the location on my Mullvad VPN to anything other than Sweden. Even using the mullvad cli tool I would keep getting errors like: invalid argument for type conversion: missing custom lists settings. It turned out to somehow be a mismatch in versions, where everything was running 2023.6 but my mullvad cli was using 2023.5. So I ended up fixing this by changing my config to: ...

TIL: How to Use Tailscale to Connect to K3S PI Cluster

So what do we do if we want to connect to our K3S cluster running on our RPIs, but we are not on the same network/at home? Well, we can look to use a VPN; in this article we will be using Tailscale. It is super easy to set up on NixOS, and we need very little config for Tailscale. It also has a generous free tier, which will be more than enough for our home lab use case. ...

How to Deploy K3s With Colmena on Pi Cluster

In this post, we will go over how we can deploy K3S on the PI cluster we have set up, which is running NixOS, and we can also pass secrets using sops nix based on the previous parts of this series. Some of you may be wondering what K3S is: it is a Kubernetes distribution which is tiny, i.e. the binary is only 50 MB. It also has fewer dependencies, making it perfect for our PI cluster, home lab and IoT apps. ...

TIL: How to Fix a NTFS Drive on NixOS

Recently, I was trying to open an NTFS drive on my NixOS machine; however, the drive was corrupted. So I did the following to fix the drive. nix-shell -p ntfs3g ntfsfix /dev/sda1 Where /dev/sda1 is the broken drive. This was enough for me to be able to mount the drive and access the files on it. I didn’t need to fix it on a Windows machine. ...

TIL: How to Use Sops Nix With Colmena

If we are using colmena, how can we set it up when we deploy a secret, for example the token when deploying k3s? i.e. services.k3s.tokenFile = "/my.token";. So to do this, I will assume you already have a colmena config and sops-nix set up in your config. First, let’s set up our hosts, in this case RPIs, which already come with an /etc/ssh/ssh_host_ed25519_key SSH key we can turn into an age key, i. ...

How I Manage My Raspberry Pi Cluster Using Colmena

So in the previous article I showed you how I had set up my 4 RPI (Raspberry Pi) cluster and put NixOS on the machines. They are now connectable over SSH using just their hostnames, i.e. ssh [email protected]. Initially we deployed NixOS and a basic configuration to each of the RPIs manually. We want to automate this process rather than deploying to each machine manually. I looked at bento, but couldn’t quite work out how to make it work for my use case. ...

How I Setup My Raspberry Pi Cluster With Nixos

Background Recently, I proceeded to experiment with some Raspberry PIs (RPI) that I had lying around. I wanted to do something with them, so I decided I would turn them into a k8s cluster and put various random tools that might be nice to have on it. Such as a GitLab runner, Jellyfin media server & pi hole for ad blocking. Hardware The list below shows the things I used to set up my rpi cluster. ...

Part 3: Hyprland as Part of Your Development Workflow

Preamble Now we have looked at our choice of hardware, which OS to use and specifically, how to configure NixOS (at a high-level), using a git repository. In this part, we will go over which window manager to use. There are two main types we could use here. Either a desktop environment like Gnome or KDE. Which comes with batteries included, it provides us with everything we need and we don’t need to configure much to get stuff working. ...

How Can You Export Your Atuin History to Fish History?

I have made a post in the past about how you can set up Atuin to sync share history across multiple devices. Whilst this works great and does the job, fish shell doesn’t have the same history that Atuin does. Sometimes we want to have better suggestions in Fish. For example, when you start to type, fish shell will suggest the last command in your history that best matches what you are typing (see example below). ...

How to Setup a Go Development Shell With Nix Flakes

As you may know, I have been using Nix/NixOS for the last few months. I finally started doing some development, after spending lots and lots and lots of time tweaking my setup (and neovim). As part of starting to do some real development work, I am now trying to leverage devshells with Nix flakes. I like the concept of Nix devshells, I have tried using Docker dev containers in the past, but the issue I had with those was adding my tools such as shell (fish) or cli tools was not easy. ...

Part 2: How to Setup Nixos as Part of Your Development Workflow

Preamble In this second part of the series, we will look at how we can now set up NixOS past installation, and how we can install software and various other tools. After part 1 we should have NixOS installed; mind you, since I’ve written that blog post I found a way to create a custom ISO image from my Nix config. This ISO contains a custom install script, the main advantage being able to use a tool called disko to partition our disks. ...

Setup Ventoy on Nixos

Introduction Typically when we want to install a new OS we use an ISO to create a bootable USB drive. We can then plug this into our device, say a laptop, and boot from that USB and install our OS. However, typically you can only put a single ISO on a USB. So what if we wanted a USB with, say, Windows, Arch Linux, TailsOS and NixOS? How could we do that? ...

My NixOS Dotfiles Explained

In this post, we will just go over the basics of how we can configure our setup using a git repo, nix flakes and home-manager. I will go over how I structured my nix config. Not an in-depth tutorial Note this will not be an in-depth guide into NixOS/Home Manager itself. That could well be a series on its own. We will just go over the main ways I configure NixOS/Nix and why I do it the way I do. ...

TIL: How to get Kanshi to work on NixOS and Hyprland

I have been using Kanshi to set up my monitor setups automagically depending on which monitors are plugged in, i.e. if my laptop is docked or not. If it is docked I want my laptop display to be off; when not docked I want it to be on. So my kanshi config file ~/.config/kanshi/config looks something like: I use the names of my monitors, as the ports they are plugged into may vary. ...

Part 1: NixOS as part of your Development Workflow

Introduction Dev Machine My main machine for development at the moment is a 12th Generation Intel Framework Laptop. This series has been inspired by Dev Workflow Intro by Josh Medeski. In this series of posts, I will go over how I have set up my developer workflow and explain why I have made certain decisions and why I use certain tools. This series aims to make it less daunting for you to start your journey on improving your developer workflow. ...

Update Nix Packages Using update-nix-fetchgit

Recently I’ve been trying to work out how to update packages that I define declaratively in my Nix config. I think I figured out how to do it using my Nix flake. By running nix flake update and then sudo nixos-rebuild switch --flake ~/dotfiles#framework to update the packages. However, I have some plugins say for tmux which are defined like so: t-smart-manager = pkgs.tmuxPlugins.mkTmuxPlugin { pluginName = "t-smart-tmux-session-manager"; version = "unstable-2023-06-05"; rtpFilePath = "t-smart-tmux-session-manager. ...

Setting Up Tmux With Nix Home Manager

Introduction In this post I will show you how you can set up tmux (plugins) using the nix package manager, specifically using home-manager. I will also show you how you can avoid an issue I encountered where tmux resurrect wasn’t working properly due to plugin ordering. Typically we use the tmux plugin manager to manage our tmux plugins. However, when I moved to NixOS, I wanted to move away from having lots of different ways of managing what is on my system. ...

Why I moved to NixOS

Recently I decided to move from Arch Linux to NixOS. Rather than doing what I should’ve done, which was try to use NixOS in a VM first and learn Nix properly, I decided to jump into the deep end and completely delete my current Arch Linux build with Nix. This included replacing my dotfiles setup using DotBot, moving them to Nix flakes and home-manager (more on this in a bit). In this post, I’ll go over why I moved over to NixOS, and why I am staying put for now. ...

TIL: How to Declaratively Setup Mullvad VPN with NixOS

I have recently moved to NixOS; one of the great features of NixOS is that you can set up your entire machine from a single git repo. We can do this declaratively: what we mean by this is we tell nix what we want the state to be and nixos will work out how to get there. For example, we can install Mullvad and set various options already. ...