# malobeo infrastructure

this repository contains nixos configurations of the digital malobeo infrastructure. it should be used to setup, test, build and deploy different hosts in a reproducible manner.

the file structure is based on this [blog post](https://samleathers.com/posts/2022-02-03-my-new-network-and-deploy-rs.html)

## hosts

#### durruti

- nixos-container running on dedicated hetzner server
- login via ```ssh -p 222 malobeo@5.9.153.217```
- if rebuild switch fails due to biglock do ```mount -o remount,rw /nix/var/nix/db```
- currently is running tasklist in detached tmux session
  - [x] make module with systemd service out of that

## creating a new host

### setting up filesystem

currently nixos offers no declarative way of setting up filesystems and partitions. that means this has to be done manually for every new host. [to make it as easy as possible we can use this guide to setup an encrypted zfs filesystem](https://openzfs.github.io/openzfs-docs/Getting%20Started/NixOS/Root%20on%20ZFS.html)

*we could create a shell script out of that*

### deploying configuration

#### local deployment

``` shell
nixos-rebuild switch --use-remote-sudo
```

#### remote deployment

you need the hostname and ip address of the host:

``` shell
nixos-rebuild switch --flake .#<hostname> --target-host root@<ip_address> --build-host localhost
```

in this case 'localhost' is used as the build host, which can be useful if the target host is low on system resources

## development

### requirements

we use flake based configurations for our hosts. if you want to build configurations on your own machine you have to enable flakes first by adding the following to your *configuration.nix* or *nix.conf*

``` nix
nix.extraOptions = ''
  experimental-features = nix-command flakes
'';
```

more information about flakes can be found [here](https://nixos.wiki/wiki/Flakes)

### dev shell

a development shell with the correct environment can be created by running ```nix develop```

if you're using direnv you can add flake support by following these steps: [link](https://nixos.wiki/wiki/Flakes#Direnv_integration)

### build a configuration

to build a configuration run the following command (replace ```<hostname>``` with the actual hostname):

``` shell
nix build .#nixosConfigurations.<hostname>.config.system.build.toplevel
```

### building raspberry image

for the raspberry it is possible to build the whole configuration as an sd-card image which then can be flashed directly. more information about building arm on nixos can be found [here](https://nixos.wiki/wiki/NixOS_on_ARM).

to be able to build the image you need to enable qemu emulation on the machine you are building with. therefore it is necessary to add the following to your configuration.nix:

``` nix
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
```

then you can build the image with:

``` shell
nix build .#nixosConfigurations.rpi1_base_image.config.system.build.sdImage
```

### run a configuration as vm

to run a vm we have to build it first using the following command (replace ```<hostname>``` with the actual hostname):

``` shell
nix build .#nixosConfigurations.<hostname>.config.system.build.vm
```

afterwards run the following command to start the vm:

``` shell
./result/bin/run-<hostname>-vm
```

### documentation

for documentation we currently just use README.md files.

the devshell provides the python package ['grip'](https://github.com/joeyespo/grip) which can be used to preview different README.md files in the browser. the usage is simple, just run ```grip``` in the same folder as the README.md you want to preview. then open your browser at ```http://localhost:6419```.

## todos...

#### infrastructure

* [ ] host a local wiki with publicly available information about the space, for example:
  * [ ] how to use coffee machine
  * [ ] how to turn on/off electricity
  * [ ] how to use beamer
  * [ ] how to borrow books
  * ...
* [x] host some pad (codimd aka hedgedoc)
* [ ] some network fileshare for storing the movies and streaming them within the network
* [x] malobeo network infrastructure rework
  * [x] request mullvad acc
  * [x] remove freifunk, use openwrt with mullvad configured
* [ ] evaluate imposing solutions
  * [ ] pdfarranger

#### external services

we want to host two services that need a bit more resources: a booking system for the room itself and a library system.

- [x] analyse best way to include our stuff into external NixOS server
  - [x] writing some module that is included by the server
  - [x] directly use NixOS container on host
  - [x] combination of both (module that manages nginx blabla + NixOS container for the services)

#### bots & programming

* [ ] create telegram bot automatically posting tuesday events
* [x] create webapp/interface replacing current task list pad
  * could be a simple form for every tuesday
  * [x] element bot should send updates if some tasks are not filled out