eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
402 commits 79 branches 160 tags 8.6 MiB
Commit graph

9 commits

Author SHA1 Message Date
Erich Blume
535f897054 Polish ringtail NixOS config and add documentation (#208) 
## Summary
- Fix Super+Return keybinding to launch wezterm in sway
- Set fish as default login shell
- Remove `initialPassword` (real password already set)
- Add 1Password CLI + GUI, chezmoi, and dev tool packages (neovim, eza, fd, fzf, zoxide, starship, atuin, bat, ripgrep)
- Add ringtail reference card, update host inventory and reference index
- Changelog fragment

## Post-merge deployment
- `mise run provision-ringtail` to rebuild NixOS
- On ringtail: launch 1Password GUI, enable CLI integration (Settings > Developer > CLI integration)
- Chezmoi needs `.chezmoiignore` updates in the dotfiles repo (separate task)

Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/208
 2026-02-18 17:53:47 -08:00
Erich Blume
7bf46f4e28 Add flake.lock for ringtail NixOS config 
Prevents 'Git tree is dirty' warnings during nixos-rebuild.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-18 09:31:21 -08:00
Erich Blume
5a087c10df Fix deprecated greetd.tuigreet package reference 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-18 09:30:01 -08:00
Erich Blume
4b7491c58f Add python3 to ringtail for Ansible compatibility 
NixOS doesn't include Python by default. Ansible needs it on the
managed host for module execution.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-18 09:29:09 -08:00
Erich Blume
b08ed98881 Enable passwordless sudo for wheel group on ringtail 
Required for Ansible unattended provisioning via become: true.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-18 09:25:32 -08:00
Erich Blume
8ee6c1271a Add --accept-routes and --ssh to tailscale config 
Makes tailscale settings declarative so they persist across rebuilds.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-18 09:24:17 -08:00
Erich Blume
aaf7e73c27 Fix sway on NVIDIA proprietary drivers 
Sway/wlroots refuses to start on proprietary NVIDIA by default.
Add --unsupported-gpu flag and disable hardware cursors.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-18 09:08:26 -08:00
Erich Blume
104e49d337 Allow unfree packages for NVIDIA drivers and Steam 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-18 08:56:27 -08:00
Erich Blume
b9d813cde1 Add NixOS configuration for ringtail workstation (#207) 
## Summary
- NixOS flake for ringtail (gaming/compute workstation, RTX 4080) in `nixos/ringtail/`
- Declarative disk partitioning via disko (GPT, 512M EFI + ext4 root on NVMe)
- NVIDIA proprietary drivers, sway/Wayland desktop, greetd, PipeWire, Steam
- Tailscale integration for tailnet connectivity
- Ansible playbook + `mise run provision-ringtail` for ongoing management
- Pulumi auth key (`tag:homelab`, `tag:blumeops`) for tailnet bootstrap

## Deployment Order
1. **Merge PR**
2. `pulumi up` in tailscale stack → creates auth key
3. Retrieve auth key: `pulumi stack output ringtail_authkey --show-secrets`
4. On ringtail NixOS installer:
   - `nix run github:nix-community/disko -- --mode disko /tmp/disk-config.nix` (or from cloned repo)
   - `nixos-install --flake github:eblume/blumeops?dir=nixos/ringtail#ringtail`
5. Reboot, `tailscale up --auth-key=<key>`
6. Verify: `tailscale status`, SSH from gilbert

## Test plan
- [ ] Review NixOS configuration for completeness
- [ ] Verify disko partition layout matches ringtail hardware
- [ ] Run `pulumi preview` for tailscale stack
- [ ] Install NixOS on ringtail
- [ ] Confirm tailscale connectivity
- [ ] Confirm sway desktop works
- [ ] Test `mise run provision-ringtail` for ongoing management

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/207
 2026-02-18 08:24:25 -08:00