From 297a6df29e56fd72e4888fad295a4683659c9e6f Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sat, 11 Oct 2025 15:40:43 +0200 Subject: [PATCH 01/35] feat: Add gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..485dee6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.idea From b2e904306b299e96fdd316857ead0ac351c5a4c1 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sat, 11 Oct 2025 15:41:13 +0200 Subject: [PATCH 02/35] feat(traefik): Add external services --- hosts/Binnenpost/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/hosts/Binnenpost/default.nix b/hosts/Binnenpost/default.nix index d78e2da..561fbe1 100644 --- a/hosts/Binnenpost/default.nix +++ b/hosts/Binnenpost/default.nix @@ -16,6 +16,7 @@ apps = { speedtest.enable = true; technitiumDNS.enable = true; + traefik.enable = true; }; virtualisation.guest.enable = true; }; @@ -76,6 +77,14 @@ }; }; + virtualisation.oci-containers.containers.traefik.labels = { + "traefik.http.routers.roxanne.rule" = "Host(`roxanne.depeuter.dev`)"; + "traefik.http.services.roxanne.loadbalancer.server.url" = "https://192.168.0.13:8006"; + + "traefik.http.routers.hugo.rule" = "Host(`hugo.depeuter.dev`)"; + "traefik.http.services.hugo.loadbalancer.server.url" = "https://192.168.0.11:444"; + }; + system.stateVersion = "24.05"; }; } From 2c195bf8077c90b2330ba6d43e3de1b5048bfa92 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Mon, 13 Oct 2025 20:35:46 +0200 Subject: [PATCH 03/35] chore(arr): Use functions --- modules/apps/arr/default.nix | 178 +++++++---------------------------- 1 file changed, 35 insertions(+), 143 deletions(-) diff --git a/modules/apps/arr/default.nix b/modules/apps/arr/default.nix index e2c0df5..7b530c3 100644 --- a/modules/apps/arr/default.nix +++ b/modules/apps/arr/default.nix @@ -12,7 +12,16 @@ let PGID = toString config.users.groups.media.gid; UMASK = "002"; in { - options.homelab.apps.arr = { + options.homelab.apps.arr = let + mkAppOption = appName: { + enable = lib.mkEnableOption "${appName} using Docker"; + exposePorts = lib.mkOption { + type = lib.types.bool; + description = "Expose ${appName} port"; + default = cfg.exposePorts; + }; + }; + in { enable = lib.mkEnableOption "Arr Stack using Docker"; exposePorts = lib.mkOption { type = lib.types.bool; @@ -21,46 +30,11 @@ in { default = ! config.homelab.apps.traefik.enable; }; - bazarr = { - enable = lib.mkEnableOption "Bazarr using Docker"; - exposePorts = lib.mkOption { - type = lib.types.bool; - description = "Expose Bazarr port"; - default = cfg.exposePorts; - }; - }; - prowlarr = { - enable = lib.mkEnableOption "Prowlarr using Docker"; - exposePorts = lib.mkOption { - type = lib.types.bool; - description = "Expose Prowlarr port"; - default = cfg.exposePorts; - }; - }; - qbittorrent = { - enable = lib.mkEnableOption "qBittorrent using Docker"; - exposePorts = lib.mkOption { - type = lib.types.bool; - description = "Expose qBittorrent port"; - default = cfg.exposePorts; - }; - }; - radarr = { - enable = lib.mkEnableOption "Radarr using Docker"; - exposePorts = lib.mkOption { - type = lib.types.bool; - description = "Expose Radarr port"; - default = cfg.exposePorts; - }; - }; - sonarr = { - enable = lib.mkEnableOption "Sonarr using Docker"; - exposePorts = lib.mkOption { - type = lib.types.bool; - description = "Expose Sonarr port"; - default = cfg.exposePorts; - }; - }; + bazarr = mkAppOption "Bazarr"; + prowlarr = mkAppOption "Prowlarr"; + qbittorrent = mkAppOption "qBittorrent"; + radarr = mkAppOption "Radarr"; + sonarr = mkAppOption "Sonarr"; }; config = { @@ -87,9 +61,9 @@ in { virtualisation.containers.enable = lib.mkIf inUse true; }; - fileSystems = lib.mkIf inUse { - "/srv/bazarr-backup" = lib.mkIf cfg.bazarr.enable { - device = "192.168.0.11:/mnt/BIG/BACKUP/BAZARR"; + fileSystems = let + mkFileSystem = device: { + inherit device; fsType = "nfs"; options = [ "rw" @@ -102,75 +76,14 @@ in { ]; }; - "/srv/prowlarr-backup" = lib.mkIf cfg.prowlarr.enable { - device = "192.168.0.11:/mnt/BIG/BACKUP/PROWLARR"; - fsType = "nfs"; - options = [ - "rw" - "auto" - "nfsvers=4.2" - "rsize=1048576" "wsize=1048576" - "hard" - "timeo=600" "retrans=2" - "_netdev" "nosuid" "tcp" - ]; - }; - - "/srv/qbittorrent" = lib.mkIf cfg.qbittorrent.enable { - device = "192.168.0.11:/mnt/SMALL/CONFIG/QBITTORRENT"; - fsType = "nfs"; - options = [ - "rw" - "auto" - "nfsvers=4.2" - "rsize=1048576" "wsize=1048576" - "hard" - "timeo=600" "retrans=2" - "_netdev" "nosuid" "tcp" - ]; - }; - - "/srv/radarr-backup" = lib.mkIf cfg.radarr.enable { - device = "192.168.0.11:/mnt/BIG/BACKUP/RADARR"; - fsType = "nfs"; - options = [ - "rw" - "auto" - "nfsvers=4.2" - "rsize=1048576" "wsize=1048576" - "hard" - "timeo=600" "retrans=2" - "_netdev" "nosuid" "tcp" - ]; - }; - - "/srv/sonarr-backup" = lib.mkIf cfg.sonarr.enable { - device = "192.168.0.11:/mnt/BIG/BACKUP/SONARR"; - fsType = "nfs"; - options = [ - "rw" - "auto" - "nfsvers=4.2" - "rsize=1048576" "wsize=1048576" - "hard" - "timeo=600" "retrans=2" - "_netdev" "nosuid" "tcp" - ]; - }; - - "/srv/torrent" = { - device = "192.168.0.11:/mnt/SMALL/MEDIA/TORRENT"; - fsType = "nfs"; - options = [ - "rw" - "auto" - "nfsvers=4.2" - "rsize=1048576" "wsize=1048576" - "hard" - "timeo=600" "retrans=2" - "_netdev" "nosuid" "tcp" - ]; - }; + hugoBackup = "192.168.0.11:/mnt/BIG/BACKUP"; + in lib.mkIf inUse { + "/srv/bazarr-backup" = lib.mkIf cfg.bazarr.enable (mkFileSystem "${hugoBackup}/BAZARR"); + "/srv/prowlarr-backup" = lib.mkIf cfg.bazarr.enable (mkFileSystem "${hugoBackup}/PROWLARR"); + "/srv/qbittorrent" = lib.mkIf cfg.qbittorrent.enable (mkFileSystem "192.168.0.11:/mnt/SMALL/CONFIG/QBITTORRENT"); + "/srv/radarr-backup" = lib.mkIf cfg.radarr.enable (mkFileSystem "${hugoBackup}/RADARR"); + "/srv/sonarr-backup" = lib.mkIf cfg.sonarr.enable (mkFileSystem "${hugoBackup}/SONARR"); + "/srv/torrent" = mkFileSystem "192.168.0.11:/mnt/SMALL/MEDIA/TORRENT"; }; # Make sure the Docker network exists. @@ -195,45 +108,24 @@ in { }; # Create a user for each app. - users.users = { - bazarr = lib.mkIf cfg.bazarr.enable { - uid = lib.mkForce 3003; + users.users = let + mkUser = uid: { + uid = lib.mkForce uid; isSystemUser = true; group = config.users.groups.media.name; home = "/var/empty"; shell = null; }; - prowlarr = lib.mkIf cfg.prowlarr.enable { - uid = lib.mkForce 3004; - isSystemUser = true; - group = config.users.groups.media.name; - home = "/var/empty"; - shell = null; - }; - qbittorrent = lib.mkIf cfg.qbittorrent.enable { - uid = lib.mkForce 3005; - isSystemUser = true; - group = config.users.groups.media.name; + in { + bazarr = lib.mkIf cfg.bazarr.enable (mkUser 3003); + prowlarr = lib.mkIf cfg.prowlarr.enable (mkUser 3004); + qbittorrent = lib.mkIf cfg.qbittorrent.enable (mkUser 3005) // { extraGroups = [ config.users.groups.apps.name ]; - home = "/var/empty"; - shell = null; - }; - radarr = lib.mkIf cfg.radarr.enable { - uid = lib.mkForce 3006; - isSystemUser = true; - group = config.users.groups.media.name; - home = "/var/empty"; - shell = null; - }; - sonarr = lib.mkIf cfg.sonarr.enable { - uid = lib.mkForce 3007; - isSystemUser = true; - group = config.users.groups.media.name; - home = "/var/empty"; - shell = null; }; + radarr = lib.mkIf cfg.radarr.enable (mkUser 3006); + sonarr = lib.mkIf cfg.sonarr.enable (mkUser 3007); }; virtualisation.oci-containers.containers = let From 652a9da0778b163f401ecc501087d6da45f1ad39 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sat, 18 Oct 2025 17:09:08 +0200 Subject: [PATCH 04/35] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/7df7ff7d8e00218376575f0acdcc5d66741351ee?narHash=sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs%3D' (2025-10-02) → 'github:NixOS/nixpkgs/544961dfcce86422ba200ed9a0b00dd4b1486ec5?narHash=sha256-EVAqOteLBFmd7pKkb0%2BFIUyzTF61VKi7YmvP1tw4nEw%3D' (2025-10-15) • Updated input 'sops-nix': 'github:Mic92/sops-nix/9fcfabe085281dd793589bdc770a2e577a3caa5d?narHash=sha256-f9QC2KKiNReZDG2yyKAtDZh0rSK2Xp1wkPzKbHeQVRU%3D' (2025-09-29) → 'github:Mic92/sops-nix/ab8d56e85b8be14cff9d93735951e30c3e86a437?narHash=sha256-8mN3kqyqa2PKY0wwZ2UmMEYMcxvNTwLaOrrDsw6Qi4E%3D' (2025-10-13) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index ca6e418..67df8c4 100644 --- a/flake.lock +++ b/flake.lock @@ -20,11 +20,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1759381078, - "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", + "lastModified": 1760524057, + "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", + "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", "type": "github" }, "original": { @@ -48,11 +48,11 @@ ] }, "locked": { - "lastModified": 1759188042, - "narHash": "sha256-f9QC2KKiNReZDG2yyKAtDZh0rSK2Xp1wkPzKbHeQVRU=", + "lastModified": 1760393368, + "narHash": "sha256-8mN3kqyqa2PKY0wwZ2UmMEYMcxvNTwLaOrrDsw6Qi4E=", "owner": "Mic92", "repo": "sops-nix", - "rev": "9fcfabe085281dd793589bdc770a2e577a3caa5d", + "rev": "ab8d56e85b8be14cff9d93735951e30c3e86a437", "type": "github" }, "original": { From 6deb36d92061cbb5c359a9c2c6c84a07f69882d3 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sat, 18 Oct 2025 18:59:17 +0200 Subject: [PATCH 05/35] chore(ssh): Update keys --- hosts/Gitea/default.nix | 7 +++++++ hosts/Vaultwarden/default.nix | 7 +++++++ users/admin/default.nix | 20 +++++++++++++------- users/backup/default.nix | 7 +------ 4 files changed, 28 insertions(+), 13 deletions(-) diff --git a/hosts/Gitea/default.nix b/hosts/Gitea/default.nix index 5b2492f..c6c9b43 100644 --- a/hosts/Gitea/default.nix +++ b/hosts/Gitea/default.nix @@ -5,6 +5,13 @@ homelab = { apps.gitea.enable = true; virtualisation.guest.enable = true; + + users.admin = { + enable = true; + authorizedKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFrp6aM62Bf7bj1YM5AlAWuNrANU3N5e8+LtbbpmZPKS" + ]; + }; }; networking = { diff --git a/hosts/Vaultwarden/default.nix b/hosts/Vaultwarden/default.nix index d8115bc..5ded575 100644 --- a/hosts/Vaultwarden/default.nix +++ b/hosts/Vaultwarden/default.nix @@ -9,6 +9,13 @@ name = "Hugo's Vault"; }; virtualisation.guest.enable = true; + + users.admin = { + enable = true; + authorizedKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnihoyozOCnm6T9OzL2xoMeMZckBYR2w43us68ABA93" + ]; + }; }; networking = { diff --git a/users/admin/default.nix b/users/admin/default.nix index 4038266..dc01c81 100644 --- a/users/admin/default.nix +++ b/users/admin/default.nix @@ -3,24 +3,30 @@ let cfg = config.homelab.users.admin; in { - options.homelab.users.admin.enable = lib.mkEnableOption "user System Administrator"; + options.homelab.users.admin = { + enable = lib.mkEnableOption "user System Administrator"; + authorizedKeys = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ + # HomeLab > NixOS > admin > ssh + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGWIOOEqTy8cWKpENVbzD4p7bsQgQb/Dgpzk8i0dZ00T" + ]; + }; + }; config = lib.mkIf cfg.enable { nix.settings.trusted-users = [ - config.users.users.admin.name + config.users.users.gh0st.name ]; - users.users.admin = { + users.users.gh0st = { description = "System Administrator"; isNormalUser = true; extraGroups = [ config.users.groups.wheel.name # Enable 'sudo' for the user. ]; initialPassword = "ChangeMe"; - openssh.authorizedKeys.keys = [ - # HomeLab > NixOS > admin > ssh - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGWIOOEqTy8cWKpENVbzD4p7bsQgQb/Dgpzk8i0dZ00T" - ]; + openssh.authorizedKeys.keys = cfg.authorizedKeys; packages = with pkgs; [ curl git diff --git a/users/backup/default.nix b/users/backup/default.nix index 8181d02..acae033 100644 --- a/users/backup/default.nix +++ b/users/backup/default.nix @@ -13,13 +13,8 @@ in { "docker" # Allow access to the docker socket. ]; openssh.authorizedKeys.keys = [ - # TODO ChangeMe - - # Tibo-NixFat - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPrG+ldRBdCeHEXrsy/qHXIJYg8xQXVuiUR0DxhFjYNg" - # Hugo - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDAxR813vqq5zbu1NHrIybu5Imlu3k0rDCGxHiuGEhPoVV9c5FpnKNGLCi3ctm15ZcVBX4HcponYsKRBsCzM2pI4uXjxhHkLzbss5LttFuSzv5v/QHfLW1bvyJEMBEPxguGqAydAeWrBFdI9uHBEXeb325uKxMKBZHYvvpyAQ115c1wKy1bL8BfR0LTkhsFqexRvI86q59AVrAU/KFf6RXO0T9QA6H/vyWLlIPc7Ta+tSWwQ68bMmS5Pwn8q58tOAOAd6Lpt4TqUDJSppPjLEPKyKC6ShwMdEjwmwpEG0hxfsvaU8XERyQbSbEE9sLHRA2LoEdtMx3J8nzX3AwYUNspsqIv6NQZksnVqJ8OfL45ngUFcSJ6kBsUvCZfzEUGUTJ6Js0v84NOIXxNG/ZfPsk6ArXm3dvj2TYeK8llO6wpJnMMyztmmiODWoj9tepZSij44IgVM5wdWYIK/RZoYTsCQbmvJFfB8jhyJnf/7F19Vo5+LwhmCOsQh/KEK0F1DVc= admin@Hugo" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICms6vjhE9kOlqV5GBPGInwUHAfCSVHLI2Gtzee0VXPh" ]; }; }; From ca7875dee906334815393f10920a3d7ab8780108 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Wed, 4 Feb 2026 09:25:45 +0100 Subject: [PATCH 06/35] feat: Move URLs to vars --- hosts/Ingress/default.nix | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/hosts/Ingress/default.nix b/hosts/Ingress/default.nix index 68cdcfe..9268714 100644 --- a/hosts/Ingress/default.nix +++ b/hosts/Ingress/default.nix @@ -80,7 +80,7 @@ prefixLength = 24; # Only allow PFS-enabled ciphers with AES256 sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; - upstreams.docservice.servers."192.168.0.14:8080" = {}; + upstreams.docservice.servers."${nextcloud.host}:${toString nextcloud.officePort}" = {}; appendHttpConfig = '' map $http_x_forwarded_proto $the_scheme { @@ -107,19 +107,24 @@ prefixLength = 24; default = true; }; - "cloud.depeuter.dev" = { + "cloud.depeuter.dev" = let + nextcloud = { + host = "192.168.0.14"; + officePort = 8080; + }; + in { enableACME = true; forceSSL = true; locations = { "/" = { - proxyPass = "http://192.168.0.14"; + proxyPass = "http://${nextcloud.host}"; extraConfig = '' add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always; fastcgi_request_buffering off; ''; }; "/office/" = { - proxyPass = "http://192.168.0.14:8080/"; + proxyPass = "http://${nextcloud.host}:${toString nextcloud.officePort}/"; priority = 500; recommendedProxySettings = false; extraConfig = '' @@ -137,12 +142,6 @@ prefixLength = 24; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; ''; }; - "calendar.depeuter.dev" = { - useACMEHost = "depeuter.dev"; - locations."/".return = "301 https://cloud.depeuter.dev/apps/calendar"; - }; - "tasks.depeuter.dev".locations."/".return = "301 https://cloud.depeuter.dev/apps/tasks"; - "notes.depeuter.dev".locations."/".return = "301 https://cloud.depeuter.dev/apps/notes"; "home.depeuter.dev" = { enableACME = true; @@ -158,12 +157,17 @@ prefixLength = 24; }; }; - "jelly.depeuter.dev" = { + "jelly.depeuter.dev" = let + jellyfin = { + host = "192.168.0.94"; + port = 8096; + }; + in { enableACME = true; forceSSL = true; locations = { "/" = { - proxyPass = "http://192.168.0.94:8096"; + proxyPass = "http://${jellyfin.host}:${jellyfin.port}"; extraConfig = '' # Proxy main Jellyfin traffic proxy_set_header Host $host; @@ -178,7 +182,7 @@ prefixLength = 24; ''; }; "/socket" = { - proxyPass = "http://192.168.0.91:8096"; + proxyPass = "http://${jellyfin.host}:${jellyfin.port}"; extraConfig = '' # Proxy Jellyfin Websockets traffic proxy_http_version 1.1; From d38c53762a90e1e7993586661c2a338e0b8ca1e6 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Wed, 4 Feb 2026 20:23:56 +0100 Subject: [PATCH 07/35] chore: Change Nextcloud IP --- hosts/Ingress/default.nix | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/hosts/Ingress/default.nix b/hosts/Ingress/default.nix index 9268714..c0a3ac9 100644 --- a/hosts/Ingress/default.nix +++ b/hosts/Ingress/default.nix @@ -68,7 +68,12 @@ prefixLength = 24; # List services that you want to enable. services = { # Enable Nginx as a reverse proxy - nginx = { + nginx = let + nextcloud = { + host = "192.168.0.23"; + officePort = 8080; + }; + in { enable = true; # Use recommended settings @@ -107,12 +112,7 @@ prefixLength = 24; default = true; }; - "cloud.depeuter.dev" = let - nextcloud = { - host = "192.168.0.14"; - officePort = 8080; - }; - in { + "cloud.depeuter.dev" = { enableACME = true; forceSSL = true; locations = { @@ -167,7 +167,7 @@ prefixLength = 24; forceSSL = true; locations = { "/" = { - proxyPass = "http://${jellyfin.host}:${jellyfin.port}"; + proxyPass = "http://${jellyfin.host}:${toString jellyfin.port}"; extraConfig = '' # Proxy main Jellyfin traffic proxy_set_header Host $host; @@ -182,7 +182,7 @@ prefixLength = 24; ''; }; "/socket" = { - proxyPass = "http://${jellyfin.host}:${jellyfin.port}"; + proxyPass = "http://${jellyfin.host}:${toString jellyfin.port}"; extraConfig = '' # Proxy Jellyfin Websockets traffic proxy_http_version 1.1; @@ -244,7 +244,7 @@ prefixLength = 24; locations = { "/" = { proxyPass = "http://192.168.0.22:10102"; - proxyWebSockets = true; + proxyWebsockets = true; }; "~ ^/admin".return = 403; }; From 5582384f01de990f4476d77c954787f04b0171c1 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Fri, 6 Feb 2026 09:20:43 +0100 Subject: [PATCH 08/35] feat: Add homepage module --- hosts/Development/default.nix | 4 ++ modules/apps/default.nix | 1 + modules/apps/homepage/default.nix | 79 +++++++++++++++++++++++++++++++ 3 files changed, 84 insertions(+) create mode 100644 modules/apps/homepage/default.nix diff --git a/hosts/Development/default.nix b/hosts/Development/default.nix index b2237b7..fda8e57 100644 --- a/hosts/Development/default.nix +++ b/hosts/Development/default.nix @@ -5,6 +5,10 @@ homelab = { apps = { bind9.enable = true; + homepage = { + enable = true; + exposePort = true; + }; traefik.enable = true; plex.enable = true; }; diff --git a/modules/apps/default.nix b/modules/apps/default.nix index 7c8b8f8..f62dca7 100644 --- a/modules/apps/default.nix +++ b/modules/apps/default.nix @@ -6,6 +6,7 @@ ./changedetection ./freshrss ./gitea + ./homepage ./jellyfin ./plex ./speedtest diff --git a/modules/apps/homepage/default.nix b/modules/apps/homepage/default.nix new file mode 100644 index 0000000..b34f32f --- /dev/null +++ b/modules/apps/homepage/default.nix @@ -0,0 +1,79 @@ +{ config, lib, ... }: + +let + cfg = config.homelab.apps.homepage; + + PUID = toString config.users.users.homepage.uid; + PGID = toString config.users.groups.apps.gid; + + homepage-config = "/srv/homepage-config"; + + proxyNet = config.homelab.apps.traefik.sharedNetworkName; +in { + options.homelab.apps.homepage = { + enable = lib.mkEnableOption "homepage"; + port = lib.mkOption { + type = lib.types.int; + default = 3000; + description = "homepage WebUI port"; + }; + exposePort = lib.mkEnableOption "expose homepage port"; + }; + + config = lib.mkIf cfg.enable { + homelab = { + users.apps.enable = true; + virtualisation.containers.enable = true; + }; + + users.users.homepage = { + uid = lib.mkForce 3018; + isSystemUser = true; + group = config.users.groups.apps.name; + home = "/var/empty"; + shell = null; + }; + + fileSystems."${homepage-config}" = { + device = "192.168.0.11:/mnt/SMALL/CONFIG/HOMEPAGE"; + fsType = "nfs"; + options = [ + "rw" + "auto" + "nfsvers=4.2" + "async" "soft" "timeo=100" "retry=50" "actimeo=1800" "lookupcache=all" + "nosuid" "tcp" + ]; + }; + + virtualisation.oci-containers.containers.homepage = let + host = "homepage.${config.networking.domain}"; + in { + hostname = "homepage"; + image = "ghcr.io/gethomepage/homepage:v1.10.1"; + autoStart = true; + user = "${toString PUID}:${toString PGID}"; + ports = lib.mkIf cfg.exposePort [ + "${toString cfg.port}:3000/tcp" + ]; + networks = [ + proxyNet + ]; + volumes = [ + "${homepage-config}:/app/config" + # "/var/run/docker.sock:/var/run/docker.sock:ro" # For docker integrations + ]; + labels = { + "traefik.enable" = "true"; + "traefik.docker.network" = proxyNet; + "traefik.http.routers.homepage.rule" = "Host(`${host}`)"; + "traefik.http.services.homepage.loadbalancer.server.port" = toString cfg.port; + }; + environment = { + inherit PUID PGID; + + HOMEPAGE_ALLOWED_HOSTS = "${host},192.168.0.91:3000"; + }; + }; + }; +} From 16b72ed6e02f6b8bae4ec84f23d45f877f9d7f0e Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Fri, 6 Feb 2026 14:15:19 +0100 Subject: [PATCH 09/35] feat: Test Action --- .github/workflows/test.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..eb99b2a --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,16 @@ +name: "Test" +on: + pull_request: + push: +jobs: + tests: + runs-on: ubuntu-latest + container: + image: catthehacker/ubuntu:act-latest + steps: + - uses: actions/checkout@v5 + - uses: https://github.com/cachix/install-nix-action@v31 + with: + nix_path: nixpkgs=channel:nixos-unstable + - name: "My custom step" + run: nix run nixpkgs#hello From bc8118b48a9dbfc3192f82daa2a979882f15fc64 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 11:57:18 +0100 Subject: [PATCH 10/35] chore: Disable test workflow --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index eb99b2a..8cb0f4b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -4,6 +4,7 @@ on: push: jobs: tests: + if: false runs-on: ubuntu-latest container: image: catthehacker/ubuntu:act-latest From 90bd5ed66bf670329327c824efd3e5d2a57689cf Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 11:57:38 +0100 Subject: [PATCH 11/35] Determine hosts --- .github/workflows/build.yml | 34 ++++++++++++++++++++++++++++++++++ .gitignore | 1 + 2 files changed, 35 insertions(+) create mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..2a1fb35 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,34 @@ +name: "Build" +on: + pull_request: + +jobs: + determine_hosts: + name: "Determining hosts to build" + runs-on: ubuntu-latest + container: + image: catthehacker/ubuntu:act-latest + + steps: + - uses: actions/checkout@v5 + - uses: https://github.com/cachix/install-nix-action@v31 + with: + nix_path: nixpkgs=channel:nixos-unstable + - name: "List hosts" + id: hosts + run: nix eval .#nixosConfigurations --apply builtins.attrNames --json + outputs: + hosts: ${{ steps.hosts.outputs }} + + build: + runs-on: ubuntu-latest + container: + image: catthehacker/ubuntu:act-latest + needs: determine_hosts + strategy: + matrix: + hostname: ${{ fromJSON(needs.determine_hosts.outputs.hosts) }} + + steps: + - run: echo "${{ matrix.hostname }}" + diff --git a/.gitignore b/.gitignore index 485dee6..8daf605 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ .idea +result From 4103c488b3958413b5c135fd751b9421ab01c62c Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 11:58:43 +0100 Subject: [PATCH 12/35] Build each host --- .github/workflows/build.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2a1fb35..482df03 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,7 +16,8 @@ jobs: nix_path: nixpkgs=channel:nixos-unstable - name: "List hosts" id: hosts - run: nix eval .#nixosConfigurations --apply builtins.attrNames --json + run: | + nix eval .#nixosConfigurations --apply builtins.attrNames --json outputs: hosts: ${{ steps.hosts.outputs }} @@ -30,5 +31,11 @@ jobs: hostname: ${{ fromJSON(needs.determine_hosts.outputs.hosts) }} steps: - - run: echo "${{ matrix.hostname }}" + - name: "Define host" + env: + hostname: ${{ matrix.hostname }} + run: | + echo "${hostname}" + - run: | + nixos-rebuild build --flake ".#${hostname}" From 60fe8110b1249ca3751419c21be2fc05be25dfd7 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 12:00:31 +0100 Subject: [PATCH 13/35] Add NixOS to build step as well --- .github/workflows/build.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 482df03..44248aa 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -31,6 +31,10 @@ jobs: hostname: ${{ fromJSON(needs.determine_hosts.outputs.hosts) }} steps: + - uses: actions/checkout@v5 + - uses: https://github.com/cachix/install-nix-action@v31 + with: + nix_path: nixpkgs=channel:nixos-unstable - name: "Define host" env: hostname: ${{ matrix.hostname }} From bfbe4204e75de965f8cbcdf3bb2cb72c83b96615 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 12:04:02 +0100 Subject: [PATCH 14/35] More specific hostnames --- .github/workflows/build.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 44248aa..baafa8e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,7 +17,8 @@ jobs: - name: "List hosts" id: hosts run: | - nix eval .#nixosConfigurations --apply builtins.attrNames --json + hosts="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" + echo "hostnames=${hosts}" >> "$GITHUB_OUTPUT" outputs: hosts: ${{ steps.hosts.outputs }} @@ -28,7 +29,7 @@ jobs: needs: determine_hosts strategy: matrix: - hostname: ${{ fromJSON(needs.determine_hosts.outputs.hosts) }} + hostname: ${{ fromJSON(needs.determine_hosts.outputs.hosts.hostnames) }} steps: - uses: actions/checkout@v5 @@ -39,7 +40,7 @@ jobs: env: hostname: ${{ matrix.hostname }} run: | - echo "${hostname}" + echo "Hostname: ${hostname}" - run: | nixos-rebuild build --flake ".#${hostname}" From cef1259f8d76e8f699a87736a8c56cafd042ad10 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 12:06:26 +0100 Subject: [PATCH 15/35] fix json elements --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index baafa8e..de0b62b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,7 +20,7 @@ jobs: hosts="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" echo "hostnames=${hosts}" >> "$GITHUB_OUTPUT" outputs: - hosts: ${{ steps.hosts.outputs }} + hosts: ${{ steps.hosts.outputs.hostnames }} build: runs-on: ubuntu-latest @@ -29,7 +29,7 @@ jobs: needs: determine_hosts strategy: matrix: - hostname: ${{ fromJSON(needs.determine_hosts.outputs.hosts.hostnames) }} + hostname: ${{ fromJSON(needs.determine_hosts.outputs.hosts) }} steps: - uses: actions/checkout@v5 From 7d8a6693c1ff9bd2f32bb6dde6f1be5145b79caf Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 12:14:07 +0100 Subject: [PATCH 16/35] try different way --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index de0b62b..13865b6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -40,7 +40,7 @@ jobs: env: hostname: ${{ matrix.hostname }} run: | - echo "Hostname: ${hostname}" + echo "Hostname: ${{ matrix.hostname }}" - run: | nixos-rebuild build --flake ".#${hostname}" From 2996df479f1f898e433052f6ce672145eda7082f Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 12:17:33 +0100 Subject: [PATCH 17/35] Debug matrix --- .github/workflows/build.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 13865b6..766266c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -36,6 +36,8 @@ jobs: - uses: https://github.com/cachix/install-nix-action@v31 with: nix_path: nixpkgs=channel:nixos-unstable + - name: Debug Matrix + run: echo "The matrix value is: [${{ matrix.hostname }}]" - name: "Define host" env: hostname: ${{ matrix.hostname }} From b5af201e86aa8f59a45334c22f4db23669d5bedf Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 12:18:59 +0100 Subject: [PATCH 18/35] run on push --- .github/workflows/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 766266c..9e11680 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,6 +1,7 @@ name: "Build" on: pull_request: + push: jobs: determine_hosts: From fce4a03fa5878aaa2946b336ca166a789c630a85 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 12:25:00 +0100 Subject: [PATCH 19/35] use var directly --- .github/workflows/build.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9e11680..d59217a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -40,10 +40,8 @@ jobs: - name: Debug Matrix run: echo "The matrix value is: [${{ matrix.hostname }}]" - name: "Define host" - env: - hostname: ${{ matrix.hostname }} run: | - echo "Hostname: ${{ matrix.hostname }}" + echo "Building for: ${{ matrix.hostname }}" - run: | - nixos-rebuild build --flake ".#${hostname}" + nixos-rebuild build --flake ".#${{ matrix.hostname }}" From 675204152d62b97a871bddd3364cf73b4dbf15e8 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 12:25:52 +0100 Subject: [PATCH 20/35] fix mappings --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d59217a..7738210 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -38,7 +38,7 @@ jobs: with: nix_path: nixpkgs=channel:nixos-unstable - name: Debug Matrix - run: echo "The matrix value is: [${{ matrix.hostname }}]" + run: echo "The matrix value is: [ ${{ matrix.hostname }} ]" - name: "Define host" run: | echo "Building for: ${{ matrix.hostname }}" From 99141d2c7a37bcf47741b639e131f92dece82d24 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 12:26:31 +0100 Subject: [PATCH 21/35] fix mappings --- .github/workflows/build.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7738210..f095725 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -38,7 +38,8 @@ jobs: with: nix_path: nixpkgs=channel:nixos-unstable - name: Debug Matrix - run: echo "The matrix value is: [ ${{ matrix.hostname }} ]" + run: | + echo "The matrix value is: ${{ matrix.hostname }}" - name: "Define host" run: | echo "Building for: ${{ matrix.hostname }}" From 3e78d7e0f77e9767fc3a06796a5ed78856e638f0 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 12:29:05 +0100 Subject: [PATCH 22/35] add toolcache --- .github/workflows/build.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f095725..3295110 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -3,6 +3,9 @@ on: pull_request: push: +env: + RUNNER_TOOL_CACHE: /toolcache + jobs: determine_hosts: name: "Determining hosts to build" From de54d86be1c78f1b04441a9a414420f85511b818 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 12:33:23 +0100 Subject: [PATCH 23/35] Change names and ordere --- .github/workflows/build.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3295110..ca38b1a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,12 +7,13 @@ env: RUNNER_TOOL_CACHE: /toolcache jobs: - determine_hosts: + determine-hosts: name: "Determining hosts to build" runs-on: ubuntu-latest container: image: catthehacker/ubuntu:act-latest - + outputs: + hosts: ${{ steps.hosts.outputs.hostnames }} steps: - uses: actions/checkout@v5 - uses: https://github.com/cachix/install-nix-action@v31 @@ -22,18 +23,16 @@ jobs: id: hosts run: | hosts="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" - echo "hostnames=${hosts}" >> "$GITHUB_OUTPUT" - outputs: - hosts: ${{ steps.hosts.outputs.hostnames }} + echo "hostnames=${hosts}" >> $GITHUB_OUTPUT build: runs-on: ubuntu-latest container: image: catthehacker/ubuntu:act-latest - needs: determine_hosts + needs: determine-hosts strategy: matrix: - hostname: ${{ fromJSON(needs.determine_hosts.outputs.hosts) }} + hostname: ${{ fromJSON(needs.determine-hosts.outputs.hosts) }} steps: - uses: actions/checkout@v5 From 4eff2772d12a9b61091d261bc285fb02ae5b7a03 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 14:50:41 +0100 Subject: [PATCH 24/35] Debugging --- .github/workflows/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ca38b1a..9950555 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -23,6 +23,7 @@ jobs: id: hosts run: | hosts="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" + echo "${hosts}" echo "hostnames=${hosts}" >> $GITHUB_OUTPUT build: From 478ace7bb43babf31e979ec338e0bc79ec01feb3 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 14:54:31 +0100 Subject: [PATCH 25/35] Debugging extra step --- .github/workflows/build.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9950555..e950a7b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -19,12 +19,15 @@ jobs: - uses: https://github.com/cachix/install-nix-action@v31 with: nix_path: nixpkgs=channel:nixos-unstable - - name: "List hosts" + - name: "Determine hosts" id: hosts run: | hosts="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" echo "${hosts}" echo "hostnames=${hosts}" >> $GITHUB_OUTPUT + - name: "List hosts" + run: | + echo "${{ steps.hosts.outputs.hostnames }}" build: runs-on: ubuntu-latest From 4245b09a71a7b98385893b86a3b4a886e166c1bb Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 14:58:21 +0100 Subject: [PATCH 26/35] Debugging needs outputs --- .github/workflows/build.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e950a7b..1b14f27 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: hosts="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" echo "${hosts}" echo "hostnames=${hosts}" >> $GITHUB_OUTPUT - - name: "List hosts" + - name: "List hosts of step" run: | echo "${{ steps.hosts.outputs.hostnames }}" @@ -43,6 +43,9 @@ jobs: - uses: https://github.com/cachix/install-nix-action@v31 with: nix_path: nixpkgs=channel:nixos-unstable + - name: "Debug needs outputs" + run: | + echo "${{ needs.determine-hosts.outputs }}" - name: Debug Matrix run: | echo "The matrix value is: ${{ matrix.hostname }}" From bc42639059125dfa42f216acb86b9cf220448dc0 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 14:59:10 +0100 Subject: [PATCH 27/35] Debugging needs outputs hosts --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1b14f27..9455028 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -45,7 +45,7 @@ jobs: nix_path: nixpkgs=channel:nixos-unstable - name: "Debug needs outputs" run: | - echo "${{ needs.determine-hosts.outputs }}" + echo "${{ needs.determine-hosts.outputs.hosts }}" - name: Debug Matrix run: | echo "The matrix value is: ${{ matrix.hostname }}" From 8824ee080ccd8c75b6cc7338ca865dde769f224f Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 15:08:55 +0100 Subject: [PATCH 28/35] Preserve quotes --- .github/workflows/build.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9455028..d4b53ca 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,12 +22,8 @@ jobs: - name: "Determine hosts" id: hosts run: | - hosts="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" - echo "${hosts}" - echo "hostnames=${hosts}" >> $GITHUB_OUTPUT - - name: "List hosts of step" - run: | - echo "${{ steps.hosts.outputs.hostnames }}" + hostnames="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" + printf "hostnames=%s\n" "${hostnames}" >> "${GITHUB_OUTPUT}" # Preserve quotes build: runs-on: ubuntu-latest From 9008b6ab3d9c2e80152720f105cd3a0d6c3176d1 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 15:09:38 +0100 Subject: [PATCH 29/35] printf escaped --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d4b53ca..26bd67d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -23,7 +23,7 @@ jobs: id: hosts run: | hostnames="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" - printf "hostnames=%s\n" "${hostnames}" >> "${GITHUB_OUTPUT}" # Preserve quotes + printf "hostnames=%q \n" "${hostnames}" >> "${GITHUB_OUTPUT}" # Preserve quotes build: runs-on: ubuntu-latest From 02f2ade703f802237cbb24d4dc7342fc45c01172 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 15:16:02 +0100 Subject: [PATCH 30/35] Using EOF --- .github/workflows/build.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 26bd67d..7a98325 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -23,7 +23,11 @@ jobs: id: hosts run: | hostnames="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" - printf "hostnames=%q \n" "${hostnames}" >> "${GITHUB_OUTPUT}" # Preserve quotes + { + echo "hostnames<> "${GITHUB_OUTPUT}" # Preserve quotes build: runs-on: ubuntu-latest From 44131ad8e77d8c530f5933c010e5d27942b8c90b Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 15:17:34 +0100 Subject: [PATCH 31/35] test --- .github/workflows/build.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7a98325..e24ffc9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -23,11 +23,7 @@ jobs: id: hosts run: | hostnames="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" - { - echo "hostnames<> "${GITHUB_OUTPUT}" # Preserve quotes + printf "hostnames=%s\n" "${hostnames}" >> "${GITHUB_OUTPUT}" build: runs-on: ubuntu-latest @@ -45,7 +41,7 @@ jobs: nix_path: nixpkgs=channel:nixos-unstable - name: "Debug needs outputs" run: | - echo "${{ needs.determine-hosts.outputs.hosts }}" + printf "%s\n" "${{ needs.determine-hosts.outputs.hosts }}" - name: Debug Matrix run: | echo "The matrix value is: ${{ matrix.hostname }}" From ea3492ee27ec0e2ea7aaed945b412e0deda61025 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 15:26:27 +0100 Subject: [PATCH 32/35] escape? --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e24ffc9..a2dd14e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,7 +22,7 @@ jobs: - name: "Determine hosts" id: hosts run: | - hostnames="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" + hostnames="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json | tr '\n' ', ' | sed 's/,$//')" printf "hostnames=%s\n" "${hostnames}" >> "${GITHUB_OUTPUT}" build: From a5ed47a4783b6be2233d71bde6fc69aa7fe78537 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 15:30:52 +0100 Subject: [PATCH 33/35] without json parse --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a2dd14e..7926715 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,7 +22,7 @@ jobs: - name: "Determine hosts" id: hosts run: | - hostnames="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json | tr '\n' ', ' | sed 's/,$//')" + hostnames="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json)" printf "hostnames=%s\n" "${hostnames}" >> "${GITHUB_OUTPUT}" build: @@ -32,7 +32,7 @@ jobs: needs: determine-hosts strategy: matrix: - hostname: ${{ fromJSON(needs.determine-hosts.outputs.hosts) }} + hostname: ${{ needs.determine-hosts.outputs.hosts }} steps: - uses: actions/checkout@v5 From 3d4082c25c06741297ee5cb53e921e8e54731d3f Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 15:35:02 +0100 Subject: [PATCH 34/35] hardcoding --- .github/workflows/build.yml | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7926715..ca96545 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -32,22 +32,17 @@ jobs: needs: determine-hosts strategy: matrix: - hostname: ${{ needs.determine-hosts.outputs.hosts }} + hostname: [ + Development + Testing + ] steps: - uses: actions/checkout@v5 - uses: https://github.com/cachix/install-nix-action@v31 with: nix_path: nixpkgs=channel:nixos-unstable - - name: "Debug needs outputs" + - name: "Build host" run: | - printf "%s\n" "${{ needs.determine-hosts.outputs.hosts }}" - - name: Debug Matrix - run: | - echo "The matrix value is: ${{ matrix.hostname }}" - - name: "Define host" - run: | - echo "Building for: ${{ matrix.hostname }}" - - run: | nixos-rebuild build --flake ".#${{ matrix.hostname }}" From b9bd093ba878bffdfddf9f35e4735191c84fd654 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 8 Feb 2026 15:38:18 +0100 Subject: [PATCH 35/35] change build command --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ca96545..cce5071 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -44,5 +44,5 @@ jobs: nix_path: nixpkgs=channel:nixos-unstable - name: "Build host" run: | - nixos-rebuild build --flake ".#${{ matrix.hostname }}" + nix build ".#nixosConfigurations.${{ matrix.hostname }}.config.system.build.toplevel"