dunkirk.sh
Kieran's opinionated (and probably slightly dumb) nix config
1# dunkirk.sh
2
3Kieran's opinionated NixOS infrastructure — declarative server config, self-hosted services, and automated deployments.
4
5## Layout
6
7```
8~/dots
9├── .github/workflows # CI/CD (deploy-rs + per-service reusable workflow)
10├── dots # config files symlinked by home-manager
11│ └── wallpapers
12├── machines
13│ ├── atalanta # macOS M4 (nix-darwin)
14│ ├── ember # dell r210 server (basement)
15│ ├── moonlark # framework 13 (dead)
16│ ├── nest # shared tilde server (home-manager only)
17│ ├── prattle # oracle cloud x86_64
18│ ├── tacyon # rpi 5
19│ └── terebithia # oracle cloud aarch64 (main server)
20├── modules
21│ ├── lib
22│ │ └── mkService.nix # service factory (see Deployment section)
23│ ├── home # home-manager modules
24│ │ ├── aesthetics # theming and wallpapers
25│ │ ├── apps # app configs (ghostty, helix, git, ssh, etc.)
26│ │ ├── system # shell, environment
27│ │ └── wm/hyprland
28│ └── nixos # nixos modules
29│ ├── apps # system-level app configs
30│ ├── services # self-hosted services (mkService-based + custom)
31│ │ ├── restic # backup system with CLI
32│ │ └── bore # tunnel proxy
33│ └── system # pam, wifi
34├── packages # custom nix packages
35└── secrets # agenix-encrypted secrets
36```
37
38## Machines
39
40| Name | Platform | Role |
41|------|----------|------|
42| **terebithia** | Oracle Cloud aarch64 | Main server — runs all services |
43| **prattle** | Oracle Cloud x86_64 | Secondary server |
44| **atalanta** | macOS M4 | Development laptop (nix-darwin) |
45| **ember** | Dell R210 | Basement server |
46| **tacyon** | Raspberry Pi 5 | Edge device |
47| **nest** | Shared tilde | Home-manager only |