Skip to content

TODO.md

Latest commit

 

History

History
66 lines (58 loc) · 3.05 KB

TODO.md

File metadata and controls

66 lines (58 loc) · 3.05 KB

Homelab TODO

Core Infrastructure

  • Monitoring: Prometheus + Grafana + Alertmanager (with email alerts)
  • Internal DNS: AdGuard Home with split DNS for *.domain.com
  • SSL Certificates: ACME with DNS challenges for wildcard certs
  • DDNS: Linode DNS updates every 5 minutes
  • Backup System: Restic with automated snapshots

Application Services (NixOS Services)

  • Media Server: Jellyfin
  • Media Management: Sonarr, Radarr, Prowlarr, Bazarr
  • Media Requests: Jellyseerr
  • Usenet Downloader: SABnzbd
  • Dashboard: Homepage
  • Cloud Storage: Nextcloud
  • Password Manager: Vaultwarden
  • Home Automation: Home Assistant

Declarative Config (Completed via preStart scripts)

API keys and core settings are now declaratively injected on every boot:

  • SABnzbd: Full config including usenet servers, categories, paths
  • Bazarr: OpenSubtitles credentials, Sonarr/Radarr connections
  • Sonarr/Radarr/Prowlarr: API keys injected into config.xml
  • Jellyseerr: API key injected into settings.json

Manual setup still required (state stored in SQLite):

  • Jellyfin: Create users, add media libraries, generate API key for Homepage
  • Prowlarr: Add indexers (usenet/torrent)
  • Sonarr/Radarr: Add root folders, quality profiles, connect to SABnzbd
  • Jellyseerr: Run setup wizard (connect to Jellyfin, add Sonarr/Radarr)

Media Stack Configuration (Post-Deployment)

  • Configure usenet credentials in SABnzbd
  • Add indexers to Prowlarr (public trackers, usenet indexers)
  • Connect Sonarr/Radarr to Prowlarr for indexer management
  • Set up quality profiles in Sonarr/Radarr
  • Configure download paths and media library locations
  • Connect Jellyseerr to Jellyfin (API key setup)
  • Test end-to-end workflow: request → download → library
  • Optional: Implement declarative-jellyfin flake for advanced config

Network & External Access

  • AdGuard Home: Local DNS server with ad-blocking
  • Split DNS: Internal resolution for homelab services
  • Wildcard SSL: *.domain.com certificates via DNS challenges
  • Change UDM DNS to homelab once server build is stable
  • Consider Tailscale for secure remote access
  • Investigate additional AdGuard lists and settings

Data Storage

  • Configure SMB mount at /mnt/alexandria
  • Document data locations and recovery procedures

OpenClaw Declarative Migration

  • Migrate OpenClaw to fully declarative nix-openclaw Home Manager module — see OPENCLAW_NIX_TRANSITION.md
    • Get Home Manager running on floe (standalone or as NixOS module)
    • Map current openclaw.json to programs.openclaw.config
    • Move secrets (bot tokens, API keys) to files
    • Remove manual services/openclaw.nix and hand-managed config
    • Migrate plugins/skills to module options

Documentation & Maintenance

  • Document service URLs and access methods
  • Create service status dashboard (Homepage with widgets)
  • Set up monitoring alerts (Alertmanager with email)
  • Document rollback procedures