khuedoan · khuedoan · Oct 2, 2025 · Oct 2, 2025 · Oct 2, 2025 · Oct 2, 2025
diff --git a/.gitignore b/.gitignore
@@ -7,3 +7,4 @@ book/
 *.tgz
 *kubeconfig.yaml
 Chart.lock
+result
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
diff --git a/.yamllint.yaml b/.yamllint.yaml
diff --git a/Makefile b/Makefile
@@ -5,14 +5,15 @@
 KUBECONFIG = $(shell pwd)/metal/kubeconfig.yaml
 KUBE_CONFIG_PATH = $(KUBECONFIG)
 
-default: metal system external smoke-test post-install clean
+default: metal system external smoke-test post-install clean fmt
 
 configure:
 	./scripts/configure
 	git status
 
 metal:
-	make -C metal
+	@echo 'Running PXE server as root for privileged ports'
+	sudo nix run .#homelabInstall
 
 system:
 	make -C system
@@ -38,11 +39,12 @@ restore:
 test:
 	make -C test
 
-clean:
-	docker compose --project-directory ./metal/roles/pxe_server/files down
-
 docs:
 	mkdocs serve
 
 git-hooks:
 	pre-commit install
+
+fmt:
+	treefmt
+	cd tools && go fmt ./...
diff --git a/README.md b/README.md
@@ -278,6 +278,7 @@ References:
 - [Self-host an automated Jellyfin media streaming stack](https://zerodya.net/self-host-jellyfin-media-streaming-stack)
 - [App Template Helm chart by bjw-s](https://bjw-s-labs.github.io/helm-charts/docs/app-template)
 - [Various application configurations in onedr0p/home-ops](https://github.com/onedr0p/home-ops)
+- [NixOS Netboot](https://nixos.wiki/wiki/Netboot)
 
 Here is a list of the contributors who have helped to improve this project.
 Big shout-out to them!

diff --git a/docs/installation/production/prerequisites.md b/docs/installation/production/prerequisites.md
@@ -26,6 +26,7 @@ By using this project you agree to [the license](../../reference/license.md).
     The initial controller is the machine used to bootstrap the cluster, we only need it once, you can use your laptop or desktop
 
 - A **Linux** machine that can run Docker (because the `host` networking driver used for PXE boot [only supports Linux](https://docs.docker.com/network/host/), you can use a Linux virtual machine with bridged networking if you're on macOS or Windows).
+- mDNS configured to resolve `.local` domains, either with `systemd-resolved` or `avahi` daemon (TODO clarify this part)
 
 ### Servers
 

diff --git a/docs/reference/architecture/decision-records.md b/docs/reference/architecture/decision-records.md
@@ -19,6 +19,10 @@ They are not permanent, we can change them in the future if better alternatives
 
     - CHANGEME
 
+## Switching from Fedora and Ansible to NixOS
+
+TODO
+
 ## Remove the Docker wrapper for Nix shell
 
 **Context**

diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -1,60 +1,75 @@
 {
-  description = "Homelab";
-
   inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
-    flake-utils.url = "github:numtide/flake-utils";
+    nixpkgs = {
+      url = "github:nixos/nixpkgs/nixos-25.05";
+    };
+    flake-utils = {
+      url = "github:numtide/flake-utils";
+    };
+    disko = {
+      url = "github:nix-community/disko";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
   };
 
-  outputs = { self, nixpkgs, flake-utils }:
-    flake-utils.lib.eachDefaultSystem (system:
+  outputs =
+    {
+      self,
+      nixpkgs,
+      flake-utils,
+      disko,
+    }:
+    (flake-utils.lib.eachDefaultSystem (
+      system:
       let
         pkgs = import nixpkgs { inherit system; };
+        installer = (import ./metal { inherit nixpkgs disko; }).installer;
+        build = installer.config.system.build;
+        homelabInstall = pkgs.buildGoModule {
+          pname = "homelab-install";
+          version = "0.1.0";
+          src = ./tools;
+          # TODO better way to build this shit
+          vendorHash = "sha256-rTJt3UWRUyhRDx1Sdno0fFBYMb4RPtzB7Z7sg45ZJ8o=";
+
+          postInstall = ''
+            wrapProgram $out/bin/homelab-install \
+              --add-flags "-kernel ${build.kernel}/bzImage" \
+              --add-flags "-initrd ${build.netbootRamdisk}/initrd" \
+              --add-flags "-init ${build.toplevel}/init" \
+              --prefix PATH : ${pkgs.lib.makeBinPath [ pkgs.nixos-anywhere ]}
+          '';
+
+          nativeBuildInputs = [ pkgs.makeWrapper ];
+        };
       in
-      with pkgs;
       {
-        devShells.default = mkShell {
-          packages = [
-            ansible
-            ansible-lint
-            bmake
-            diffutils
-            docker
-            docker-compose
+        devShells.default = pkgs.mkShell {
+          packages = with pkgs; [
             dyff
-            git
-            glibcLocales
+            gnumake
             go
             gotestsum
-            iproute2
-            jq
-            k9s
-            kanidm
-            kube3d
             kubectl
             kubernetes-helm
-            kustomize
-            libisoburn
-            neovim
+            nixfmt-tree
+            nixos-anywhere
+            nixos-rebuild
             openssh
-            opentofu # Drop-in replacement for Terraform
-            p7zip
-            pre-commit
-            qrencode
-            shellcheck
-            wireguard-tools
-            yamllint
-
-            (python3.withPackages (p: with p; [
-              jinja2
-              kubernetes
-              mkdocs-material
-              netaddr
-              pexpect
-              rich
-            ]))
+            opentofu
           ];
         };
+
+        packages = {
+          homelabInstall = homelabInstall;
+          nixosPxeServer = homelabInstall; # Alias for backwards compatibility
+          default = homelabInstall;
+        };
       }
-    );
+    ))
+    // {
+      nixosConfigurations = import ./metal {
+        inherit nixpkgs disko;
+      };
+    };
 }
diff --git a/metal/Makefile b/metal/Makefile
diff --git a/metal/ansible.cfg b/metal/ansible.cfg
diff --git a/metal/boot.yml b/metal/boot.yml
diff --git a/metal/cluster.yml b/metal/cluster.yml
-Original file line number
+Diff line change
@@ Expand Up / @@ -7,3 +7,4 @@ book/ @@
     *.tgz
     *kubeconfig.yaml
     Chart.lock
+    result