yaro/metanix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Starting out simple. Small.

Browse source
This commit is contained in:
Yaro Kasear 2025-07-20 12:45:51 -05:00
parent cde6ba8905
commit 96cc5e9501
5 changed files with 47 additions and 62 deletions
Download patch file Download diff file Expand all files Collapse all files

40
README.md
View file

@ -1,33 +1,39 @@
# Metanix
*Declare your infrastructure!*
_Declare your infrastructure!_
**THIS IS STILL IN DESIGN AND EXPERIMENTATION PHASE**
## Description
Metanix is a nix library designed to allow a central, no-nonsense nix file to be written to allow for a Source of Truth leading to deterministic configuration identifiers like IP addresses, UIDs, GIDs, and enable quickly establishing frameworks for NixOS systems existing within an ecosystem.
As such, I am trying to design this system to enable a would-be admin to answer very simple one-word questions. Sort of.
## What?
Or, in other words, what systems do you want Metanix to manage or at least be aware of?
## Where?
Or, in other words, what networks and subnets do you have and where do your systems/users belong?
## Who?
Or, in other words, who are your users?
Or, in other words, who are your users?
## How?
Or, in other words, what kind of access control groups do you want or need to best control how everything is used.
## Enter: THINGS
I use the term "thing" as an overall blanket classification for the four main types in the library: Locations, Systems, Users, and Groups.
**Locations** are networks with their own Internet access, or at the very least are networks that are supposedly physically distinct from other networks. It could be your house, your office building, an apartment, whatever. Typically, Metanix considers the fundamental defining aspects of these to be routers and subnets.
**Locations** are networks with their own Internet access, or at the very least are networks that are supposedly physically distinct from other networks. It could be your house, your office building, an apartment, whatever. Typically, Metanix considers the fundamental defining aspects of these to be routers and subnets.
**Systems** are devices in any location. It can be any kind of device. PCs, servers, smart phones, game consoles. Depending on how its defined, Metanix will manage the device in some way, either through NixOS/Nix/Home Manager configurations, or through services it configures through Nix like DHCP, DNS, Headscale, etc.
**Systems** are devices in any location. It can be any kind of device. PCs, servers, smart phones, game consoles. Depending on how its defined, Metanix will manage the device in some way, either through NixOS/Nix/Home Manager configurations, or through services it configures through Nix like DHCP, DNS, Headscale, etc.
**Users** are (usually) the people who are using the systems and participating in your networks. Depending on the context, the user will have an account on the system, perhaps a network share with their data, and specific access controls granted or restricted to them on Headscale.
**Users** are (usually) the people who are using the systems and participating in your networks. Depending on the context, the user will have an account on the system, perhaps a network share with their data, and specific access controls granted or restricted to them on Headscale.
**Groups** are, well, collections of things. Useful for providing a common configuration or access control to those things without having to do a bunch of needless extra legwork. This makes access control and security more straightforward, allows one to classify entire systems as being under a particular responsibility, etc.
@ -119,28 +125,32 @@ More on each of these categories of things later.
role = "infrastructure";
tags = [ "router" "linode" ];
services = [ "nginx-proxy" "headscale" ];
config = {...}: { # NixOS config here, or use a path to one. };
config = {...}: { # NixOS config here, or use a path to one.
};
};
metatron = {
owner = "yaro";
nixOS = true;
role = "server";
tags = ["server" "linode" "upstream"];
config = {...}: { # NixOS config here, or use a path to one. };
config = {...}: { # NixOS config here, or use a path to one.
};
};
io = {
owner = "yaro";
nixOS = true;
role = "infrastructure";
tags = ["router" "downstream"];
config = {...}: { # NixOS config here, or use a path to one. };
config = {...}: { # NixOS config here, or use a path to one.
};
};
europa = {
owner = "yaro";
nixOS = true;
role = "infrastructure";
tags = ["router" "downstream"];
config = {...}: { # NixOS config here, or use a path to one. };
config = {...}: { # NixOS config here, or use a path to one.
};
};
deimos = {
owner = "yaro";
@ -157,7 +167,8 @@ More on each of these categories of things later.
"forgejo"
"headscale"
];
config = {...}: { # NixOS config here, or use a path to one. };
config = {...}: { # NixOS config here, or use a path to one.
};
};
phobos = {
owner = "yaro";
@ -171,7 +182,8 @@ More on each of these categories of things later.
"sandbox"
"node-red"
];
config = {...}: { # NixOS config here, or use a path to one. };
config = {...}: { # NixOS config here, or use a path to one.
};
};
terra = {
owner = "yaro";
@ -189,7 +201,8 @@ More on each of these categories of things later.
group = {
userGroups = {
programmers = {
config = { ... }: { # Home-manager config here, or use a path to one. };
config = { ... }: { # Home-manager config here, or use a path to one.
};
};
};
systemGroups = {
@ -198,7 +211,8 @@ More on each of these categories of things later.
"nfs"
"isci"
];
config = { ... }: { # Home-manager config here, or use a path to one. };
config = { ... }: { # Home-manager config here, or use a path to one.
};
};
};
};