Personal home lab NixOS setup exposed as a flake.
# Enter development shell
nix develop
# Build a machine
nix build .#nixosConfigurations.<machine>.config.system.build.toplevel
# Deploy to local machine
sudo nixos-rebuild switch --flake .#<machine>
# Deploy to remote machine
nixos-rebuild switch --flake .#<machine> --target-host root@<hostname>| Document | Description |
|---|---|
| Repository Structure | Directory layout and key files |
| Modules | Available nixosModules |
| Machines | Machine overview and VPN assignments |
| Secrets | Agenix/ragenix secrets management |
| Development | Development workflow and tools |
| Profiles | Disk layouts and hardware profiles |
| Scripts | Helper scripts |
| Upgrade Notes | Service upgrade procedures |
| New Machine | Adding a new machine |
- Local Manual:
man configuration.nix - NixOS Manual
- NixOS Wiki
- Package Search
- Options Search
- nixos/nixpkgs repo
- Local Manual:
man home-configuration.nix - Options Reference
- Repository
Projects used in this configuration:
| Project | Purpose |
|---|---|
| impermanence | Ephemeral root filesystem |
| disko | Declarative disk partitioning |
| nixos-hardware | Hardware quirks |
| nixos-facter | Hardware detection |
| stylix | System-wide theming |
| nix-ld | Run unpatched binaries |
| nixvim | Neovim configuration |
| ucodenix | AMD microcode updates |
| nix-flatpak | Declarative Flatpak |
| ragenix | Secrets management |
Services running on the homelab:
| Service | Description |
|---|---|
| Home Assistant | Home automation |
| Frigate | Camera NVR |
| Adguard Home | Network ad blocking |
| immich | Photo management |
| Nextcloud | File sync and sharing |
| Collabora | Document editing |
| Vaultwarden | Password manager |
| Murmur | Voice chat (Mumble) |
| WireGuard | VPN |
| Syncthing | File synchronization |
| Paperless-ngx | Document management |
| go2rtc | Camera streaming |
| Smokeping | Network monitoring |
| Jellyfin | Media server |
Build a custom install ISO:
nix build .#install-isoSee NEW-MACHINE.md for detailed instructions.
# Boot target with NixOS ISO, set password, get IP
# From existing machine:
nix run github:nix-community/nixos-anywhere -- \
--build-on local \
--flake .#<machine> \
--disk-encryption-keys /tmp/disk.key /tmp/disk.key \
nixos@<target-ip># Note: Disable encryption for VM testing
nix run github:nix-community/nixos-anywhere -- --flake .#<machine> --vm-testIf mounts don't come up after install:
sudo systemctl restart systemd-tmpfiles-resetup.service