My personal homelab infrastructure, fully managed with NixOS and Clan. This repository contains all configurations for my servers, desktops, and network devices.
This is a complete NixOS homelab setup that manages:
- Servers: Public VPS (Hetzner, Infomaniak), physical servers, Raspberry Pi
- Desktops: Personal laptops and workstations
- Network: Routers, IoT devices, and monitoring
Everything is declarative, reproducible, and version-controlled whenever possible.
I'm using Clan to simplify infrastructure management:
Backbone of independent infrastructure
Or as I like to say:
Kill the cloud, build your darkcloud โ๏ธ
โ Learn more about Clan and why I use it
- Simple host management: Easy inventory system
- Automatic secrets: Built-in secret generation and management
- Backup made easy: Integrated backup solution
- Declarative: Everything in code, no manual steps
I follow a hybrid approach:
- NixOS services first: Most applications run as native NixOS services
- Podman when needed: Some apps use containers to:
- Avoid service interruptions during system updates
- Use plugins or features not well-supported in NixOS (e.g., DokuWiki)
- Maintain stability during version upgrades
This gives me the best of both worlds: NixOS reproducibility with container flexibility.
Note
๐ง Work in Progress - The project is being migrated to Clan architecture. During this transition, you'll find both old and new directory structures coexisting.
The homelab uses a modular flake-parts architecture with Clan: Key directories:
machines/: Per-host configurationsclan machines update "machine-name"modules/: Shared modules and legacy configurationsvars/: Secretsclan vars list "machine-name"and on nix expressionclan.core.vars.generators."secret-bucket-name"
nix/nixos/roles/: Service rolesnix/home-manager/: User environment configssops/: SOPS secrets
Here are the main services running in my homelab:
| Logo | Name | Type | Links | online service | Description |
|---|---|---|---|---|---|
 |
ACME | NixOS | doc | rpi40, bootstore, houston | Let's Encrypt Automatic Certificate Management Environment |
 |
Authelia | NixOS | module, doc | douane.ma-cabane.eu | An open-source authentication and single sign-on (SSO) |
 |
Dokuwiki | Podman rootless | module, doc | encyclopedie.ma-cabane.eu | Simple to use and highly versatile Open Source wiki software |
| GoAccess | NixOS | module | stats.ma-cabane.eu | Real-time web log analyzer | |
 |
Grafana | NixOS | module, doc | lampiotes.ma-cabane.eu | The open and composable observability and data visualization platform [service port 3000] |
 |
linkding | Podman rootless | module | bonnes-adresses.ma-cabane.eu | Bookmark manager |
 |
LLDAP | Podman rootless | module, doc | houston | Lightweight LDAP directory service for authentication |
| homepage-dashboard | NixOS | module | salon.ma-cabane.eu | Highly customizable homepage dashboard | |
| Miniflux | NixOS | module | journaliste.ma-cabane.eu | Minimalist RSS feed reader | |
 |
Pawtunes | Podman rootless | module | radio.ma-cabane.eu | Favorites Radio streaming player |
 |
Reaction | NixOS | module, doc | houston | Block some network attacks |
 |
Shaarli | Podman rootless | module | megaphone.ma-cabane.eu | Personal, minimalist, super-fast bookmarking service |
| Vector | NixOS | module, doc | houston | High-performance observability data pipeline | |
| VictoriaMetrics | NixOS | module, doc | houston | Fast and scalable time series database | |
| Wastebin | NixOS | module | codes.ma-cabane.eu | Minimalist pastebin |
My workstations run a customized NixOS setup with i3 window manager and various productivity tools.
| Logo | Application | Description |
|---|---|---|
| borgbackup | Deduplication backup tool | |
 |
Firefox | Web browser |
 |
Gimp | Raster graphics editor |
 |
i3 | Tiling window manager |
 |
Inkscape | Vector graphics editor |
 |
LibreOffice | Office suite |
 |
Meld | Visual diff tool |
 |
Navi | Interactive cheatsheet tool |
 |
Neovim | VIDE - My customized Neovim config |
Quick access to system controls via i3 floating terminals:
| Bluetooth Manager | Disk Manager |
|---|---|
 |
 |
bluetuith |
bashmount |
| Audio Mixer | Network Manager |
|---|---|
 |
 |
pulsemixer |
nmtui |
๐ Houston Server
My main public VPS running on Hetzner Cloud (CX32: 4 vCPU, 8GB RAM, 80GB SSD).
What it does:
- ๐ Authentication Hub: Authelia + LLDAP for SSO across all services
- ๐ Full Observability Stack: Grafana, VictoriaMetrics, InfluxDB, Telegraf, Vector
- ๐ฑ Self-Hosted Apps: DokuWiki, Linkding, Miniflux, Shaarli, and more
โ See complete service list and details
๐ป Gagarin Workstation
My main desktop workstation for daily development and productivity.
Setup:
- ๐ช i3 Tiling WM: Efficient workspace management with custom keybindings
- ๐ ๏ธ Full Dev Environment: VIDE (Neovim), VS Code, Git, Docker, and more
- ๐จ Creative Tools: GIMP, Inkscape, LibreOffice
- โ๏ธ System Management: TUI panels for quick access to system controls
โ See complete configuration and tools
Complete list of hosts in the homelab (auto-generated with just doc-update):
| Logo | Name | OS | Description |
|---|---|---|---|
 |
boxย (192.168.0.1) | Sagem | SFR internet box |
 |
router-livingย (192.168.254.254) | MikroTik | Livingroom mikrotik router |
|
router-ladbedroomย (192.168.254.253) | MikroTik | Bedroom mikrotik router |
|
router-homeofficeย (192.168.254.252) | MikroTik | Office mikrotik router |
 |
sadhomeย (192.168.254.200) | NixOS | Stephanie's laptop |
|
rpi40ย (192.168.254.101) | NixOS | The RPI 4 server |
|
bootstoreย (192.168.254.100) | NixOS | HP Microserver N40L server |
|
b4d14ย (192.168.254.124) | NixOS | Dell XPS 9560 Latop |
|
badxpsย (192.168.254.114) | NixOS | Dell XPS 9570 Latop |
 |
vm-testย (127.0.0.1) | NixOS | qemu VM (SSH on port 2222) |
|
cab1eย (84.234.31.97) | NixOS | Wireguard VPN anonymizer server |
|
houstonย (91.99.130.127) | NixOS | Main public server |
|
gagarinย (192.168.254.147) | NixOS | My main desktop workstation |
A big thank to the contributors of OpenSource projects in particular :
- clan project Simplest way to re-enter independent computing with our framework
- doctor-cluster-config from German TUM School of Computation
- Mic92 and for his some nix contributions
- Misterio77 and for his some nix contributions
- longerHV nix configuration file
- wikipedia for logos inventories