No description

Find a file

steffen 72e53ea17f Some checks failed Deploy / flake-check (push) Successful in 32s Details Deploy / deploy-cryodev-main (push) Failing after 2s Details Deploy / build-pi-images (cryodev-pi) (push) Failing after 1m18s Details Deploy / create-release (push) Has been skipped Details add forgejo-deploy SSH key for CI/CD pipeline deployment		2026-03-14 14:05:30 +01:00
.forgejo/workflows	fix CI: use runs-on host, remove install-nix-action	2026-03-14 13:56:31 +01:00
apps	fix: use --sudo --ask-sudo-password instead of deprecated --use-remote-sudo	2026-03-14 12:11:21 +01:00
docs	docs: add Hetzner PTR record setup instructions	2026-03-14 13:05:14 +01:00
hosts	fix headplane: disable strict config validation	2026-03-14 13:25:59 +01:00
lib	Add SD image pipeline, documentation overhaul, and fix module issues	2026-03-11 08:41:58 +01:00
modules/nixos	fix ACME: set default group to nginx for webroot permissions	2026-03-14 13:45:08 +01:00
overlays	Initial commit	2026-03-06 08:31:13 +01:00
pkgs	Initial commit	2026-03-06 08:31:13 +01:00
scripts	Initial commit	2026-03-06 08:31:13 +01:00
templates	add deploy/create/install apps, fix templates and docs	2026-03-14 12:08:30 +01:00
users	add forgejo-deploy SSH key for CI/CD pipeline deployment	2026-03-14 14:05:30 +01:00
.gitignore	add .gitignore, fix headscale CLI to use numeric user IDs	2026-03-14 12:28:47 +01:00
.sops.yaml	rename admin_key to steffen_key, add forgejo admin account step	2026-03-14 12:33:09 +01:00
AGENTS.md	fix: use --sudo --ask-sudo-password instead of deprecated --use-remote-sudo	2026-03-14 12:11:21 +01:00
constants.nix	Initial commit	2026-03-06 08:31:13 +01:00
deploy.json	add deploy/create/install apps, fix templates and docs	2026-03-14 12:08:30 +01:00
digest.txt	updated docs and ai shit	2026-03-14 11:44:41 +01:00
flake.lock	Add SD image pipeline, documentation overhaul, and fix module issues	2026-03-11 08:41:58 +01:00
flake.nix	add deploy/create/install apps, fix templates and docs	2026-03-14 12:08:30 +01:00
README.md	Add SD image pipeline, documentation overhaul, and fix module issues	2026-03-11 08:41:58 +01:00

README.md

cryodev NixOS Configuration

Declarative NixOS infrastructure for the cryodev environment, managed with Nix Flakes.

Quick Start

# Clone repository
git clone https://git.cryodev.xyz/steffen/cryodev-server.git
cd cryodev-server

# Check configuration
nix flake check

# Build a host
nix build .#nixosConfigurations.cryodev-main.config.system.build.toplevel

Hosts

Host	Architecture	Deployment	Description
`cryodev-main`	x86_64	Push (deploy-rs)	Main server
`cryodev-pi`	aarch64	Pull (Comin)	Raspberry Pi client

Services

Service	Domain	Description
Headscale	`headscale.cryodev.xyz`	Self-hosted Tailscale server
Headplane	`headplane.cryodev.xyz`	Headscale web UI
Forgejo	`git.cryodev.xyz`	Git hosting with CI/CD
Netdata	`netdata.cryodev.xyz`	Monitoring dashboard
Mail	`mail.cryodev.xyz`	Email (Postfix/Dovecot)

Raspberry Pi SD Images

SD card images for Raspberry Pi clients are built automatically on every push to main.

Download from: Releases

# Flash to SD card
zstd -d cryodev-pi-sd-image.img.zst
sudo dd if=cryodev-pi-sd-image.img of=/dev/sdX bs=4M status=progress

See Adding a new Raspberry Pi for the full workflow.

Documentation

Full documentation is available in the docs/ directory:

Directory Structure

.
├── flake.nix           # Flake entry point
├── constants.nix       # Central configuration
├── hosts/              # Host configurations
├── modules/            # Reusable NixOS modules
├── pkgs/               # Custom packages
├── overlays/           # Nixpkgs overlays
├── templates/          # Host templates
├── scripts/            # Helper scripts
├── apps/               # Nix apps (rebuild)
├── lib/                # Helper functions
└── docs/               # Documentation

Commands

# Format code
nix fmt

# Run checks
nix flake check

# Update dependencies
nix flake update

# Enter dev shell
nix develop

# Build Pi SD image locally
nix build .#nixosConfigurations.cryodev-pi.config.system.build.sdImage

License

Private repository.