Clan is a toolkit that makes it easier to manage networks of VPN-connected NixOS machines.
The ultimate goal is to lower the barrier to self-host services massively to allow anyone to achieve this without special hardware. As of now using clan still requires NixOS knowledge but already
nicely combines a bunch of our open-source project that you may know (nixos-anywhere, sops-nix, nixos-generators, disko, …) in a uniform CLI. Join us on Matrix
Changelog from the past week
Backups
- Borgbackup is migrated to
vars - Pinpox: New backup module
resticis in progress. (Restic = alternative Backup system)
Installation
- Automatic disk encryption during installation:
- Automatically generate disk encryption keys using vars and provide these to disko
Clan modules / Inventory
- First prototype of dynamically adding clanModules over the API
- Module meta info:
- associate resources (services, vars, state) with our clan module
- Module Meta idea - HedgeDoc
Data-mesher
- Multiple ip addresses for a host
- Chasing down a segfault in nss-datamesher
- Multi-node NixOS VM test which runs through basic functionality
- Refining memberlist config and usage
- Better support for node reconnect
- Better visibility of cluster status with some http endpoints
- Improved logging
UI
- Started design: clanModules generate configuration surface in clan app.
- Imagined workflow steps for configuring an overarching module:
- Define roles
- Configure (if needed)
- Generate the ‘Credentials & Data’ (known as ‘vars’)
- Top-level options will be showed under “general”
- Nested attributes will be transformed into tab/sidebar navigation items
- UI will be dyncamically created and can be arbitrarily nested. Although we are concerned that deeply nested attributes will create bad ux. We might want to give some guidelines here how to structure clanModule options.
- Type/module annotations can provide a place to add more information for the input fields.
- Imagined workflow steps for configuring an overarching module:
VPNs
@Mic92Work-in-progress: hyprspace clanModule- A new vpn clanModule mycelium
- Usable via the inventory
- mycelium 🔹 - Clan Documentation
- Work-in-progress zerotier migration to
vars - While building the VPN benchmark clan_cli is being used as an headless API package
- This uncovered a multitude of things to work on and fix