diff --git a/CLAUDE.md b/CLAUDE.md index 61141ec..a28b754 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -125,6 +125,9 @@ This ensures documentation matches the exact nixpkgs version (currently NixOS 25 - `http-proxy/`, `ca/`, `postgres/`, `nats/`, `jellyfin/`, etc. - `/secrets/` - SOPS-encrypted secrets with age encryption - `/common/` - Shared configurations (e.g., VM guest agent) +- `/docs/` - Documentation and plans + - `plans/` - Future plans and proposals + - `plans/completed/` - Completed plans (moved here when done) - `/playbooks/` - Ansible playbooks for fleet management - `/.sops.yaml` - SOPS configuration with age keys for all servers diff --git a/docs/plans/nixos-improvements.md b/docs/plans/nixos-improvements.md index 473348b..c032b5d 100644 --- a/docs/plans/nixos-improvements.md +++ b/docs/plans/nixos-improvements.md @@ -2,6 +2,26 @@ This document contains planned improvements to the NixOS infrastructure that are not directly part of the automated deployment pipeline. +## Planned + +### Custom NixOS Options for Service and System Configuration + +Currently, most service configurations in `services/` and shared system configurations in `system/` are written as plain NixOS module imports without declaring custom options. This means host-specific customization is done by directly setting upstream NixOS options or by duplicating configuration across hosts. + +The `homelab.dns` module (`modules/homelab/dns.nix`) is the first example of defining custom options under a `homelab.*` namespace. This pattern should be extended to more of the repository's configuration. + +**Goals:** + +- Define `homelab.*` options for services and shared configuration where it makes sense, following the pattern established by `homelab.dns` +- Allow hosts to enable/configure services declaratively (e.g. `homelab.monitoring.enable`, `homelab.http-proxy.virtualHosts`) rather than importing opaque module files +- Keep options simple and focused — wrap only the parts that vary between hosts or that benefit from a clearer interface. Not everything needs a custom option. + +**Candidate areas:** + +- `system/` modules (e.g. auto-upgrade schedule, ACME CA URL, monitoring endpoints) +- `services/` modules where multiple hosts use the same service with different parameters +- Cross-cutting concerns that are currently implicit (e.g. which Loki endpoint promtail ships to) + ## Completed - [DNS Automation](completed/dns-automation.md) - Automatically generate DNS entries from host configurations