TODO.md

TODO

Originally a nice list of plans that has turned into a stream of consciousness mess of notes and tracking progress as I go. TODO - make into a proper TODO!

Documentation

• README
  • rewrite install instructions
  • add section on steps to add new system
  • add steps on how to re-generate secrets
  • add ways to contact for future friends
  • split install into separate docs
• secrets
  • README
  • comments
• hosts
  • README
  • comments
  • shared
    • README
    • comments
• modules
  • README
  • comments

Impermanence

• research possible solutions
  • Colin uses a homebrew FS module, looks very powerful, but I don't fully understand it yet
  • Impermenence module is more widely used and likely requires less maintenance
• implement selected solution

Modules

Email

• test out new thunderbird
• see if evolution can be declaratively configured

No email client for now. Gmail would be a pain.

Hosts

General

Syncthing

• setup syncthing for each host
• switch to agenix
• find out how to migrate device id across systems
• implement deviceID secrets into syncthing modules

Dinraal

Status - Full NixOS

• test split tunneling with wireguard so I have network access while away from home

Farosh

Status - Full NixOS

Naydra

Status - still running centOS (Next on Deck) local NAS server which doubles as a local container host

• separate out imports so server doesn't contain any desktop/unnecessary components
• write out new components
  • nfs client
  • nfs server (connect to farosh instead of sshd? Also can connect through split tunnel from dinraal)

Gleeok

Status - still running debian

• remote vps which serves as a container host for internet exposed containers with uptime requirements. Can likely shift some internal and only accessible through wireguard.

Korok

Status - See here

Otters -- typo but I'm leaving it 🦦

• RaspberryPi

  • consider if I have any use for this
    • does cec work with nixos? Probably can be made to
    • maybe lightweight computer/media player for tv?

• Router

  • networking is hard. is it easier on nix?
    • wouldn't mind dropping OPNSense
    • OTOH I am far from a networking expert. Would nixos created by me even be secure on a router?

• Phone

  • pinephone seems like a fun toy
    • don't have one, but maybe someday!

Containers

• test building container images using nix

• compare nix built images with ones on registry

• compare images with straight up nix installs

• or just be super lazy and install a systemd service to build and run containers from a repo (podman is amazing! who really needs docker-compose anyways) https://docs.podman.io/en/latest/markdown/podman-generate-systemd.html#generate-systemd-unit-file-for-a-container-with-new-flag

Research/Testing

• containers (as above)
• impermanence (as above)
• nixos-router vs current solution (OPNSense)
• nixos-mailserver vs current solution (bare metal on vps)
• Stalwart Mail Server could also work
• thunderbird config
• flatpak. Is it more stable than FHS for electron apps? or Steam?
• nixos-stable then pull specific packages from unstable
  • potentially make things like steam/electron apps more stable