Context
flake is the canonical NixOS infrastructure repo for kuhree.com homelab machines. It defines host configurations, modules, and deployment paths used to keep systems reproducible.
Goals
- Keep all host configs declarative and versioned.
- Make deployments repeatable across builder, manager, workers, NAS, edge proxy, and personal devices.
- Centralize infra changes with reviewable git history.
Implementation
Stack
- Nix flakes / NixOS modules
- agenix for encrypted secrets
- Host deploy workflow via
just deploy <host>andjust deploy-all
Architecture / Integrations
- Multi-host NixOS topology managed from one repo
- Secrets consumed through age/agenix integration
- Closely paired with
ctrlfor service-layer lifecycle in Docker Swarm
Repos / URLs
- Repo: https://git.kuhree.com/kuhree.com/flake
- Related project: ctrl
- Parent project: kuhree.com
- Sensitive host details: private
Status
Active.
Next actionable milestone: keep host role docs aligned with current just deploy targets and machine inventory.
Lessons
- Declarative host configs reduce drift fast when every machine lives in one source of truth.
- Pair infra-level changes with explicit deploy runbooks to avoid “works on one host” surprises.
Notes
- Prefer feature branches and PRs for infra changes unless explicitly directed otherwise.