alo-cluster NixOS Configuration

This repository contains the NixOS configuration for a distributed cluster of machines managed as a unified flake.

Architecture Overview

The configuration uses a layered profile system that enables code reuse while maintaining clear separation of concerns:

minimal-node          # Base system (SSH, users, boot, impermanence)
    ↓
cluster-node          # Cluster services (Consul, GlusterFS, CIFS, encryption)
    ↓
server-node           # Server workloads (future: MySQL, PostgreSQL)
    ↓
workstation-node      # Development tools (Docker, deploy-rs, emulation)
    ↓
desktop-node          # GUI environment (Hyprland, Pipewire, fonts)

Each layer extends the previous one, inheriting all configurations. Hosts select a profile level that matches their role.

Special Node Types

  • cloud-node: Minimal + Consul only (cloud VPS deployments)
  • compute-node: Cluster + Nomad worker (container orchestration)

Directory Structure

.
├── flake.nix                 # Main flake definition with all hosts
├── common/
│   ├── global/               # Global configs applied to all systems
│   │   ├── console.nix       # Linux console colors (Solarized Dark)
│   │   ├── locale.nix        # Timezone and locale settings
│   │   └── nix.nix           # Nix daemon and flake configuration
│   ├── minimal-node.nix      # Base layer: SSH, users, boot, impermanence
│   ├── cluster-node.nix      # Cluster layer: Consul, GlusterFS, CIFS
│   ├── server-node.nix       # Server layer: bare metal services (future)
│   ├── workstation-node.nix  # Workstation layer: dev tools
│   ├── desktop-node.nix      # Desktop layer: GUI environment
│   ├── cloud-node.nix        # Cloud VPS profile
│   ├── compute-node.nix      # Nomad worker profile
│   ├── base-node.nix         # [DEPRECATED] Alias for cluster-node
│   └── [feature modules]     # Individual feature configs
├── hosts/
│   ├── c1/                   # Compute node 1
│   ├── c2/                   # Compute node 2
│   ├── c3/                   # Compute node 3
│   ├── alo-cloud-1/          # Cloud VPS
│   ├── chilly/               # Server node
│   ├── zippy/                # Workstation node
│   └── sparky/               # Desktop node
├── home/
│   ├── default.nix           # Home-manager entry point
│   ├── profiles/             # Per-profile package sets
│   │   ├── server.nix
│   │   ├── workstation.nix
│   │   └── desktop.nix
│   ├── programs/             # Per-profile program configurations
│   │   ├── server.nix        # CLI tools (fish, tmux, git, nixvim)
│   │   ├── workstation.nix   # + dev tools
│   │   └── desktop.nix       # + Hyprland, wofi
│   └── common/               # Shared home-manager configs
└── services/                 # Nomad job definitions (not NixOS)

Profile System

System Profiles

Profiles are automatically applied based on the mkHost call in flake.nix:

# Example: Desktop profile includes all layers up to desktop-node
mkHost "x86_64-linux" "desktop" [
  ./hosts/sparky
];

Available profiles:

  • "server" → minimal + cluster + server
  • "workstation" → minimal + cluster + server + workstation
  • "desktop" → minimal + cluster + server + workstation + desktop

Home-Manager Profiles

Home-manager automatically inherits the same profile as the system, configured in home/default.nix:

imports = [ ./programs/${profile}.nix ];
home.packages = profilePkgs.${profile};

This ensures system and user configurations stay synchronized.
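
One way the profile argument could reach both the system layers and home-manager, as an added sketch that is not the repository's own flake.nix (which this page does not show). The `profileModule` table, the assumption that each layer file imports the layer below it, the input URLs and the user name `alice` are all hypothetical.

```nix
# Added sketch: assumed shape of mkHost, not the repository's code.
{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    home-manager.url = "github:nix-community/home-manager";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";
  };

  outputs = { self, nixpkgs, home-manager, ... }:
    let
      # Top layer for each profile. Each layer file is assumed to import
      # the layer below it, so one entry pulls in the whole chain.
      profileModule = {
        server      = ./common/server-node.nix;
        workstation = ./common/workstation-node.nix;
        desktop     = ./common/desktop-node.nix;
      };

      mkHost = system: profile: modules:
        nixpkgs.lib.nixosSystem {
          inherit system;
          # Expose the profile name to every NixOS module.
          specialArgs = { inherit profile; };
          modules = [
            # Fail evaluation on an unknown profile name instead of
            # building a host that silently lacks the lower layers.
            (profileModule.${profile} or (throw "unknown profile: ${profile}"))
            home-manager.nixosModules.home-manager
            {
              # Same profile string for home/default.nix, so it can select
              # ./programs/${profile}.nix as described above.
              home-manager.extraSpecialArgs = { inherit profile; };
              home-manager.users.alice = import ./home; # user name is hypothetical
            }
          ] ++ modules;
        };
    in
    {
      nixosConfigurations.sparky =
        mkHost "x86_64-linux" "desktop" [ ./hosts/sparky ];
    };
}
```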

Host Definitions

Current Hosts

Host          Profile        Role                          Hardware
c1, c2, c3    compute-node   Nomad workers                 Bare metal servers
alo-cloud-1   cloud-node     Reverse proxy                 Cloud VPS
chilly        server         Home Assistant in a VM        Bare metal server
zippy         workstation    Development machine, server   Bare metal server
sparky        desktop        Desktop environment           Bare metal desktop

Adding a New Host

  1. Create host directory:

    mkdir -p hosts/newhost
    
  2. Create hosts/newhost/default.nix:

    { config, pkgs, ... }:
    {
      imports = [
        ../../common/encrypted-btrfs-layout.nix  # or your layout
        ../../common/global
        ./hardware.nix
      ];
    
      networking.hostName = "newhost";
      # Host-specific configs here
    }
    
  3. Generate hardware config:

    nixos-generate-config --show-hardware-config > hosts/newhost/hardware.nix
    
  4. Add to flake.nix:

    newhost = mkHost "x86_64-linux" "workstation" [
      ./hosts/newhost
    ];
    

Deployment

Using deploy-rs

Deploy to a specific host:

deploy -s '.#sparky'

Deploy to all hosts:

deploy

Deploy with detailed logging:

deploy -s '.#sparky' -- --show-trace

Manual Deployment

nixos-rebuild switch --flake .#sparky --target-host sparky

Key Features

Impermanence

All hosts use a tmpfs root with selective persistence. Persistent paths are configured per host in persistence.directories and persistence.files.
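
An added example (not taken from this repository) of the state a tmpfs-root host usually needs to keep so that its identity survives a reboot. It uses the upstream impermanence module's `environment.persistence` option path; how this repository maps `persistence.directories` onto it is not shown on this page, and the `/persist` mount point and the file name are assumptions.

```nix
# Added example: hosts/newhost/persistence.nix (hypothetical file name).
# Assumes the impermanence NixOS module is already imported and that the
# persistent volume is mounted at /persist.
{ ... }:
{
  # The persistent volume has to be available early in boot, before the
  # bind mounts below are set up.
  fileSystems."/persist".neededForBoot = true;

  environment.persistence."/persist" = {
    hideMounts = true;

    directories = [
      "/var/log"        # journal survives reboots, useful for incident review
      "/var/lib/nixos"  # uid/gid allocation maps, keeps file ownership stable
      # Tailscale node key and state; without it the host comes up as a
      # new, unauthenticated node after every reboot.
      { directory = "/var/lib/tailscale"; mode = "0700"; }
    ];

    files = [
      "/etc/machine-id"
      # SSH host keys: if these are regenerated on each boot, clients see a
      # changed host key every time and learn to ignore the warning.
      "/etc/ssh/ssh_host_ed25519_key"
      "/etc/ssh/ssh_host_ed25519_key.pub"
      "/etc/ssh/ssh_host_rsa_key"
      "/etc/ssh/ssh_host_rsa_key.pub"
    ];
  };
}
```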

Unattended Encryption

Cluster nodes support automatic unlocking over the Tailscale network, configured in common/unattended-encryption.nix.

Cluster Services

  • Consul: Service discovery and distributed KV store
  • GlusterFS: Distributed filesystem client
  • CIFS/Samba: Network file sharing

Desktop Environment (sparky only)

  • Hyprland: Wayland compositor with CapsLock→Super remapping
  • wofi: Application launcher (Super+D)
  • foot: Terminal emulator (Super+Q)
  • greetd/tuigreet: Login manager with console option

Development Tools (workstation/desktop)

  • Docker with rootless mode
  • deploy-rs for NixOS deployments
  • ARM emulation via binfmt
  • Full NixVim configuration

Future Work

  • Migrate Nomad services (MySQL, PostgreSQL) to bare NixOS services under server-node.nix
  • Add monitoring stack (Prometheus, Grafana)
  • Document Tailscale key rotation process
  • Add automated testing for configuration changes