Replace broken k8s harmonia deployment with native NixOS service.
Configuration:
- services.harmonia.enable = true
- Bind to [::]:5000 (IPv4 and IPv6)
- Sign key at /etc/harmonia/signing-key.private
- Open firewall port 5000
The signing key must be placed manually on john-endesktop at
/etc/harmonia/signing-key.private using the key generated earlier.
Closes: x-fqaob
Add a new system-level role for mounting WebDAV filesystems via rclone.
Includes rclone-torbox-setup helper script that uses rbw to bootstrap
credentials from Bitwarden.
Key features:
- Configurable WebDAV URL, username, mount point
- VFS cache mode and buffer size tuning for media streaming
- RequiresMountsFor option for ZFS pool dependencies
- Obscured password storage via environment file
Enable on john-endesktop for TorBox WebDAV access by rdt-client and
Jellyfin. Mount waits for /media ZFS pool before starting.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Enable enableBuilder role on john-endesktop
- Add john-endesktop to nix-book's builder list (maxJobs=1, speedFactor=1)
- Document SSH setup process for new clients in remote-build role
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add fast-cpu and fast-storage labels since this node has a faster CPU
than other cluster nodes and is the NFS host with fast local storage.
Also add k3s-upgrade=disabled to exclude from system-upgrade-controller.
Add reusable k3s-node role with configurable options for server/agent
modes. Configure john-endesktop as a k3s agent joining the cluster at
10.0.0.222.
Role supports:
- Server or agent role selection
- Configurable server address and token file
- Graceful node shutdown
- Optional firewall port opening
- Cluster initialization for first server
Note: NixOS nodes must be labeled with `k3s-upgrade=disabled` to exclude
them from the system-upgrade-controller, since NixOS manages k3s upgrades
through Nix rather than in-place binary replacement.
Create configuration to migrate john-endesktop from Arch Linux to NixOS while
maintaining existing ZFS pools (media JBOD and swarmvols mirror) and NFS
exports for k3s cluster.
Configuration includes:
- ZFS support with automatic pool import
- NFS server exporting both pools to 10.0.0.0/24
- Correct ZFS hostid (007f0101) to resolve hostid warnings
- Btrfs root filesystem on nvme0n1p5 (810GB)
- Comprehensive migration plan with rollback procedures
The migration is designed to be safe with Arch Linux remaining bootable
as a fallback until NixOS is verified stable.
