fixes and docs

2026-03-23 15:17:10 -05:00
parent 2c0b26ced0
commit 23f29b6ca1
25 changed files with 1590 additions and 795 deletions
--- a/docs/systems/nuc-nixos.md
+++ b/docs/systems/nuc-nixos.md
@@ -0,0 +1,57 @@
+# Intel NUC (nuc-nixos)
+
+`systems/x86_64-linux/nuc-nixos/`
+
+## Hardware
+
+- **Device**: Intel NUC
+- **Disk**: btrfs with LUKS encryption
+- **Security**: TPM2, Lanzaboote (Secure Boot)
+- **Kernel**: CachyOS `linux-cachyos-lto` (x86_64-v4 build)
+
+## Key Features
+
+- Headless server (no display manager, watchdog enabled)
+- Home Assistant — the primary smart home controller
+- OpenThread Border Router (OTBR) for Matter/Thread devices
+- Impermanence (ephemeral root, persistent state for HA and related services)
+- btrfs filesystem (unlike the bcachefs-based NAS and Pi5)
+
+## Network
+
+- **LAN IP**: 10.0.1.4 (static, `enp2s0`)
+- **Gateway / DNS**: 10.0.1.1
+- **Firewall**: 1883 (MQTT), 8880/8881 (OTBR), 8192
+
+## Services
+
+| Service | Port | Description |
+|---|---|---|
+| Home Assistant | 8097 | Smart home controller |
+| Mosquitto (MQTT) | 1883 | IoT message broker |
+| Zigbee2MQTT | 8080 | Zigbee device bridge |
+| Music Assistant | 8095 | Music streaming |
+| OTBR | 8880/8881 | OpenThread Border Router (Matter/Thread) |
+| ESPHome | — | ESP microcontroller firmware |
+| PostgreSQL | — | HA database backend |
+
+## Persistent Directories
+
+The following directories survive reboots via impermanence:
+
+- `/esphome`
+- `/var/lib/homeassistant`
+- `/var/lib/mosquitto`
+- `/var/lib/music-assistant`
+- `/var/lib/postgresql`
+- `/var/lib/zigbee2mqtt`
+
+## Configuration Files
+
+| File | Purpose |
+|---|---|
+| `default.nix` | All config in one file — HA, OTBR, network, hardware, impermanence |
+
+## Secrets
+
+Secrets are in `secrets/nuc-secrets.yaml`, encrypted for: `nuc`, `admin_nuc`, `matt`, `admin`, `jallen-nas`.