History

DannyDannyDanny 47fc658523 feat(clan): add vps-relay + strip bbbot cloudflared 🚢 Stage 4.5: declare a Hetzner-hosted reverse-proxy VPS as a clan machine. - nixos/hosts/vps-relay.nix: Debian→NixOS cx23 in hel1. Caddy at public 80/443 reverse-proxies navidrome.dannydannydanny.me and bbbot.dannydannydanny.me over ZT to sunken-ship. - nixos/disko-cloud.nix: simple GPT + ext4 root, no LUKS — cloud provider has physical disk anyway and there's no operator at boot. - flake-modules/clan.nix: register vps-relay as an inventory machine, zerotier peer, internet networking target at its clan-generated ZT IPv6, and add vps-relay.clan to clanHostsModule /etc/hosts. - sunken-ship fitness-bot: drop pkgs.cloudflared from PATH + set WEBAPP_URL=https://bbbot.dannydannydanny.me. Paired with the bbbot upstream patch (start.py honors env WEBAPP_URL and skips cloudflared when set) — once the 15-min fitness-bot-pull timer pulls that change, bbbot will stop churning trycloudflare.com URLs. Vars (zerotier identity/ip + sops machine key) generated on sunken-ship because clan's hermetic sandbox on macOS fails to run the zerotier identity generator (same workaround as for data-mesher earlier). VPS install flow: Hetzner-created Debian box, then `clan machines install vps-relay --target-host root@<public-ipv4>` reinstalls to NixOS; subsequent updates go over ZT.		2026-04-24 13:43:21 +02:00
..
home/danny	chore(flake): bump clan-community fork (dm-send-deploy narHash skip) 🔖	2026-04-20 20:06:08 +02:00
hosts	feat(clan): add vps-relay + strip bbbot cloudflared 🚢	2026-04-24 13:43:21 +02:00
disko-cloud.nix	feat(clan): add vps-relay + strip bbbot cloudflared 🚢	2026-04-24 13:43:21 +02:00
disko-server.nix	Add NixOS server installer USB (disko LUKS + WiFi, hostname prompt)	2026-03-08 16:16:25 +01:00
fish.nix	refactor(nix): move flake to repo root 🚚	2026-04-19 15:19:59 +02:00
installer-iso.nix	Add NixOS server installer USB (disko LUKS + WiFi, hostname prompt)	2026-03-08 16:16:25 +01:00
neovim.nix	fix(neovim): set withRuby and withPython3 explicitly to false 🔇	2026-04-19 13:48:25 +02:00
ollama.nix	feat: add ollama ✨ 💩	2025-10-26 19:48:17 +01:00
readme.md	docs: update stale dotfiles/nixos flake paths 📝	2026-04-20 20:28:05 +02:00
server-configuration-with-flakes.nix	Rename nixos-server to sunken-ship	2026-03-01 12:44:28 +01:00
server-install-configuration.nix	Rename nixos-server to sunken-ship	2026-03-01 12:44:28 +01:00
wsl.conf	chore: remove wsl.conf	2025-09-09 15:24:51 +02:00

readme.md

NixOS modules

Host-specific NixOS and home-manager modules live under this dir:

hosts/<machine>.nix + hosts/<machine>-hardware.nix
home/danny/home.nix (home-manager)
fish.nix, neovim.nix, ollama.nix, installer-iso.nix, disko-server.nix

The flake itself (flake.nix, flake.lock, flake-modules/, lib/, modules/, sops/, vars/) lives at the repo root, not here. See CLAUDE.md at the repo root for rebuild commands, clan.lol operations, and the dotfiles-rebuild timer.

Quick rebuild reference

# macOS
cd ~/dotfiles && darwin-rebuild switch --flake .

# WSL
sudo nixos-rebuild switch --flake ~/dotfiles#wsl

# Servers (via clan from mac)
nix run git+https://git.clan.lol/clan/clan-core#clan-cli -- \
  machines update sunken-ship --flake ~/dotfiles

Server bootstrap (one-time)

nix run --extra-experimental-features "nix-command flakes" nixpkgs#git -- \
  clone https://github.com/DannyDannyDanny/dotfiles.git /tmp/dotfiles
sudo mv /tmp/dotfiles /etc/dotfiles
sudo nixos-rebuild switch --flake /etc/dotfiles#sunken-ship \
  --option accept-flake-config true

If the daemon doesn't have flakes: copy server-configuration-with-flakes.nix to /etc/nixos/configuration.nix, sudo nixos-rebuild switch, then build the flake.

SSH keys (not in repo): scp ~/.ssh/*.pub danny@server:/tmp/, then on server mkdir -p ~/.ssh; cat /tmp/*.pub >> ~/.ssh/authorized_keys. See docs/ssh-and-secrets.md.

No git in PATH: sudo nix run nixpkgs#git -- -C /etc/dotfiles pull origin main.