My personal homelab infrastructure, fully managed with NixOS and Clan. This repository contains all configurations for my servers, desktops, and network devices.
This is a complete NixOS homelab setup that manages:
- Servers: Public VPS (Hetzner, Infomaniak), physical servers, Raspberry Pi
- Desktops: Personal laptops and workstations
- Network: Routers, IoT devices, and monitoring
Everything is declarative, reproducible, and version-controlled whenever possible.
I'm using Clan to simplify infrastructure management:
Backbone of independent infrastructure
Or as I like to say:
Kill the cloud, build your darkcloud
Learn more about Clan and why I use it
- Simple host management: Easy inventory system
- Automatic secrets: Built-in secret generation and management
- Backup made easy: Integrated backup solution
- Declarative: Everything in code, no manual steps
I follow a hybrid approach:
- NixOS services first: Most applications run as native NixOS services
- Podman when needed: Some apps use containers to:
  - Avoid service interruptions during system updates
  - Use plugins or features not well-supported in NixOS (e.g., DokuWiki)
  - Maintain stability during version upgrades
This gives me the best of both worlds: NixOS reproducibility with container flexibility.
Note
Work in Progress - The project is being migrated to Clan architecture. During this transition, you'll find both old and new directory structures coexisting.
The homelab uses a modular flake-parts architecture with Clan.
Key directories:
- machines/: Per-host configurations (clan machines update "machine-name")
- modules/: Shared modules and legacy configurations
- vars/: Secrets (clan vars list "machine-name", and in Nix expressions clan.core.vars.generators."secret-bucket-name")
- nix/nixos/roles/: Service roles
- nix/home-manager/: User environment configs
- sops/: SOPS secrets
Here are the main services running in my homelab:
Name | Type | Links | Hosts | Description |
---|---|---|---|---|
ACME | NixOS | doc | rpi40, bootstore, houston | Let's Encrypt Automatic Certificate Management Environment |
Authelia | NixOS | module, doc | houston | An open-source authentication and single sign-on (SSO) |
Dokuwiki | Podman | module, doc | houston | Simple to use and highly versatile Open Source wiki software |
GoAccess | NixOS | module | houston | Real-time web log analyzer |
Grafana | NixOS | module, doc | houston | The open and composable observability and data visualization platform [service port 3000] |
linkding | Podman | module | houston | Bookmark manager |
LLDAP | Podman | module, doc | houston | Lightweight LDAP directory service for authentication |
Reaction | NixOS | module, doc | houston | Block some network attacks |
Vector | NixOS | module, doc | houston | High-performance observability data pipeline |
VictoriaMetrics | NixOS | module, doc | houston | Fast and scalable time series database |
Wastebin | NixOS | module | houston | Minimalist pastebin |
My workstations run a customized NixOS setup with i3 window manager and various productivity tools.
Application | Description |
---|---|
borgbackup | Deduplication backup tool |
Firefox | Web browser |
Gimp | Raster graphics editor |
i3 | Tiling window manager |
Inkscape | Vector graphics editor |
LibreOffice | Office suite |
Meld | Visual diff tool |
Navi | Interactive cheatsheet tool |
Neovim | VIDE - My customized Neovim config |
Quick access to system controls via i3 floating terminals:
Bluetooth Manager | Disk Manager |
---|---|
bluetuith | bashmount |

Audio Mixer | Network Manager |
---|---|
pulsemixer | nmtui |

Houston Server
My main public VPS running on Hetzner Cloud (CX32: 4 vCPU, 8GB RAM, 80GB SSD).
What it does:
- Authentication Hub: Authelia + LLDAP for SSO across all services
- Full Observability Stack: Grafana, VictoriaMetrics, InfluxDB, Telegraf, Vector
- Self-Hosted Apps: DokuWiki, Linkding, Miniflux, Shaarli, and more
See complete service list and details
Gagarin Workstation
My main desktop workstation for daily development and productivity.
Setup:
- i3 Tiling WM: Efficient workspace management with custom keybindings
- Full Dev Environment: VIDE (Neovim), VS Code, Git, Docker, and more
- Creative Tools: GIMP, Inkscape, LibreOffice
- System Management: TUI panels for quick access to system controls
See complete configuration and tools
Complete list of hosts in the homelab (auto-generated with just doc-update):
Name | OS | Description |
---|---|---|
box (192.168.0.1) | Sagem | SFR internet box |
router-living (192.168.254.254) | MikroTik | Livingroom mikrotik router |
router-ladbedroom (192.168.254.253) | MikroTik | Bedroom mikrotik router |
router-homeoffice (192.168.254.252) | MikroTik | Office mikrotik router |
sadhome (192.168.254.200) | NixOS | Stephanie's laptop |
rpi40 (192.168.254.101) | NixOS | The RPI 4 server |
bootstore (192.168.254.100) | NixOS | HP Microserver N40L server |
b4d14 (192.168.254.124) | NixOS | Dell XPS 9560 Laptop |
badxps (192.168.254.114) | NixOS | Dell XPS 9570 Laptop |
vm-test (127.0.0.1) | NixOS | qemu VM (SSH on port 2222) |
cab1e (84.234.31.97) | NixOS | Wireguard VPN anonymizer server |
houston (91.99.130.127) | NixOS | Main public server |
gagarin (192.168.254.147) | NixOS | My main desktop workstation |
A big thank you to the contributors of open source projects, in particular:
- clan project: Simplest way to re-enter independent computing with our framework
- doctor-cluster-config from the German TUM School of Computation
- Mic92, for some of his Nix contributions
- Misterio77, for some of his Nix contributions
- longerHV Nix configuration file
- Wikipedia, for its logo inventories