Updated shared.nix to enhance domain parameter propagation and modified configuration.nix to utilize the inherited domain for machine-specific setups. Adjusted example-service.nix to accept the domain as an argument, improving modularity. Additionally, added a new documentation file explaining the LNBits flake deployment process, detailing architecture, key components, and deployment instructions for better onboarding and understanding of the system.
Introduced a new example-build-local.nix file to facilitate machine-specific web-app builds, enhancing the deployment process. Updated the .gitignore to include build-local.nix, ensuring user-specific configurations remain untracked. Revised the DEPLOYMENT-GUIDE.md to reflect the addition of build-local.nix and provide clearer instructions for setting up configuration files, improving the onboarding experience for new users.
Introduced a new example-krops.nix file for deployment configuration, providing a template for machine-specific setups. Updated the .gitignore to include krops.nix, ensuring user-specific configurations are not tracked. Expanded the DEPLOYMENT-GUIDE.md with detailed initial setup instructions, including steps for creating and customizing krops.nix and machine configurations, enhancing the onboarding process for new users.
Updated the .gitignore to include machine-specific configurations and secrets handling. Expanded the DEPLOYMENT-GUIDE.md to provide detailed instructions for adding new machines using a template, along with steps for managing encrypted secrets. Introduced example configuration files for boot settings and a sample WireGuard service, improving modularity and flexibility in the NixOS deployment process. Adjusted krops.nix to reference the correct path for machine-specific configurations.
Updated the lnbits.nix configuration to set appropriate permissions on the extensions directory and create a symlink for LNBits extensions, improving security and functionality.
Updated the lnbits.nix configuration to import the LNBits service module from a flake, improving maintainability and alignment with deployment practices. Adjusted the shared configuration to make the 'domain' parameter accessible to all imported modules, and removed the deprecated lnbits-service.nix file to streamline the setup.
Expanded the DEPLOYMENT-GUIDE.md to include a comprehensive section on managing encrypted secrets using Passage and Pass. Detailed steps for setting up, creating, and deploying machine-specific secrets, along with security notes. Updated krops.nix and config/lnbits.nix to include configurations for deploying custom LNBits extensions, enhancing the flexibility and security of the NixOS deployment process.
Introduced a comprehensive guide for adding machine-specific services in the DEPLOYMENT-GUIDE.md, including steps to configure WireGuard for specific machines. Added example configuration files for boot settings, machine-specific configurations, and an example service for WireGuard. This enhances the modularity and flexibility of the NixOS deployment process, allowing for tailored configurations per machine.
Modified krops.nix to switch to a git-based nixpkgs source, noting the initial download cost. Updated shared.nix to change module imports to absolute paths and enabled experimental Nix features. Adjusted configuration.nix to import shared configuration from an absolute path and updated the domain name for machine1. These changes enhance clarity, maintainability, and functionality in the NixOS setup.
Modified the LNBits service configuration to accept 'pkgs' as an argument and updated the package reference to use the deployed flake source located at '/var/src/lnbits-src'. This change enhances the flexibility and maintainability of the configuration by ensuring it aligns with the current deployment structure.
Updated the shared Nix configuration to replace dots in the domain with hyphens for hostname setting, enhancing clarity. Additionally, enabled experimental Nix features, including 'nix-command' and 'flakes', to improve functionality and flexibility in the NixOS setup.
Updated the shared Nix configuration to extract the hostname from the domain, enhancing clarity in the setup. Reordered module imports to ensure proper dependency management, including the addition of module arguments for better customization. This change improves the overall organization and maintainability of the NixOS configuration.
Enhanced the DEPLOYMENT-GUIDE.md by adding clarity to the steps for adding new machines, updating environment variables, images, and web-app code. Adjusted formatting for better readability. In krops.nix, updated the target hostname for machine1 to 'root@cathare-node' and changed the Nixpkgs reference from 'nixos-25.05' to '25.05' for consistency. These changes improve the documentation and configuration management for the deployment process.
Introduced a new configuration for the LNBits service, enabling it with customizable options such as host, port, and environment variables. The Nginx configuration has been updated to include WebSocket support and proxy settings for LNBits, ensuring secure and efficient handling of requests. This enhances the overall web service management and modularity of the NixOS setup.
Introduced separate configuration files for Nginx and pict-rs, enabling a streamlined setup for web services. The Nginx configuration includes reverse proxy settings, automatic SSL certificate generation with Let's Encrypt, and fail2ban for security. The pict-rs configuration facilitates image service management with CORS support. Updated the shared configuration to import these new files, improving modularity and maintainability of the NixOS setup.
Enhanced the shared Nix configuration by adding recommended settings for Nginx, including Gzip, optimization, and TLS settings. Disabled proxy settings to prevent interference with WebSocket. Additionally, enabled automatic SSL certificate generation using Let's Encrypt and configured fail2ban for improved security.
This update aims to strengthen the web application's security and performance while maintaining flexibility in the Nginx setup.
Updated the shared Nix configuration to replace the hostname parameter with a domain parameter, allowing for more flexible virtual host configurations. Adjusted machine1 and machine2 configurations to reflect this change, ensuring proper domain usage for Nginx virtual hosts, including new entries for web-app, LNbits, and image services.
Introduces a shared configuration file to streamline machine-specific settings for NixOS deployments. This includes:
- Hostname configuration
- Common system packages (vim, git, htop)
- SSH service enablement
- Nginx setup with virtual host configuration
- Firewall rules for HTTP/HTTPS access
Updates machine-specific configurations to import shared settings, reducing redundancy and improving maintainability.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Changes build strategy from building on target machines to building
locally and deploying pre-built artifacts. This simplifies target
machine configuration and improves deployment speed.
- Add build-local.nix for local machine-specific builds
- Update krops.nix to deploy built artifacts from ./build/{machine}/dist
- Remove build-helper.nix and build dependencies from machine configs
- Update documentation with new build-then-deploy workflow
- Add .gitignore for build directories
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implements per-machine customization for web-app deployment:
- Shared web-app source code deployed to all machines
- Machine-specific .env files and images
- Build helper script to assemble and build on target machines
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Sets up deployment infrastructure for two NixOS machines using krops,
with individual and combined deployment targets.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
