Overlay network

My homelab is currently using Tailscale which is awesome service and most homelaber are using it and I fully recommend it for anyone. But it’s not selfhosted and it’s not as flexible as I would like it to be.

Netmaker is solid choice, but thanks to them modifying the /etc/hosts file, I’m unable to use it on nixos.
OpenZiti great new option. Supporting all possible usecases and it can be selfhosted and it’s new way how to do zero trust networking. But it’s seems to be really new and complicated.
Headscale as self hosted version of Tailscale it seems interesting and might offer bigger flexibility.

VPN

Currently my homelab and my setup is lacking VPN in the traditional sense. So I will be seeking to find some suitable vpn providers. Any suggestions are welcomed.

Secret management

For any reasonable configurations of my nixos servers or my kubernetes clusters I will need secrets, but since I’m striving to keep everything open source I will need some secret management I can either commit into the repository or that is completely separated from the repositories.
For kubernetes I will be evaluating:

• SealedSecret from bitnami labs
• Vault from Hashicorp
• Possible other For Nixos I’m interested in exploring agenix .

Nix servers

I want to explore more option of deploying and updating my nixos serves and workstations automatically. Creating deployment with nixos-generators and exploring how the nits works. Since all of my servers share configurations I want to explore deploying my own version of cachix to speed up builds.