Blog

My current setup relies on chezmoi combined with shell scripts and Ansible. What started as a clean solution has grown increasingly complicated over time.

On openSUSE, local Ansible playbooks worked reasonably well. But after switching back to Arch, the approach completely fell apart. Ansible on Arch forces you to configure too much through raw shell commands. What was once a playbook is now a collection of shell scripts calling other shell scripts. The simplicity is gone.

Chezmoi handles the dotfiles themselves fine, but it doesn't solve the broader problem: setting up the environment around those dotfiles. Installing packages, configuring services, managing project-specific contexts. All of that still requires brittle scripting.

What reignited my interest in Nix was attending 39C3 and subsequently diving into the NixCon 2025 recordings on media.ccc.de. Watching talks about reproducible builds, declarative system configuration, and the matured home-manager ecosystem made me realize how far the Nix community has come since my first encounter with NixOS back in early 2020.

The tooling has improved significantly. Flakes provide a standardized way to define inputs and outputs. Home-manager has grown into a robust solution for managing user environments. The documentation and community resources are vastly better than they were back then.

My development workflow is heavily influenced by direnv. Each project has its own .envrc that sets up the environment: language versions, tools, environment variables. It's been a game-changer for context-switching between projects.

# Example .envrc
use nix
export AWS_PROFILE=project-x
export KUBECONFIG=~/.kube/project-x.config

Direnv + nix-shell already gives me per-project tooling. But managing the non-project-specific parts of my environment (shell configuration, editor setup, CLI tools) remains manual and messy.

Home-manager takes the declarative approach beyond development environments to your entire user configuration:

• Modular Configuration: Split your config into logical modules. A git.nix for version control settings, a shell.nix for zsh/bash configuration, an editor.nix for Neovim or Emacs.
• Project-Specific Contexts: This is where it gets interesting. Instead of scattered AWS config files and manual profile switching, I can define project-specific modules that set up everything needed for a particular client or project.

# modules/work/project-x.nix
{ config, pkgs, ... }:
{
  programs.awscli = {
    enable = true;
    profiles.project-x = {
      region = "eu-central-1";
      sso_account_id = "123456789";
    };
  };

  home.sessionVariables = {
    PROJECT_X_CONFIG = "${config.home.homeDirectory}/.config/project-x";
  };
}

• Reproducibility: The same configuration produces the same environment on any machine. No more "it works on my laptop" for my own setup.
• Rollbacks: Made a configuration mistake? Roll back to the previous generation. This safety net makes experimentation less risky.

I'm not planning to switch to NixOS on the host system. Arch will remain my base. But home-manager works perfectly fine on non-NixOS systems, managing just the user environment while leaving the system configuration to pacman.

The migration will be gradual:

1. Start with the basics: shell configuration, common CLI tools
2. Move editor configuration into home-manager
3. Gradually add project-specific modules
4. Eventually have a fully declarative, version-controlled user environment

The beauty is that direnv and home-manager complement each other. Home-manager handles the baseline, the stuff I need everywhere. Direnv handles project-specific overrides and development shells. Together, they provide both consistency and flexibility.

Will I end up using HRT and become a Furry? I hope not!

One of the highlights of Congress was attending the soldering workshops run by Mitch Altman. If you've never had the chance to learn from him, you're missing out. The man has been teaching people to solder for decades and has a knack for making electronics accessible to complete beginners.

He's also the author of a fantastic comic called Soldering is Easy that explains the basics in a way that actually sticks. No dry technical manuals, just clear illustrations showing proper technique, common mistakes, and how to fix them. If you're starting out, find that comic. Also I always wanted to have a Brain Machine. I was looking forward to this years ago when being addicted to the books of Robert Anton Wilson but got scared off when knowing you have to assembly it yourself. This was my chance to learn from the inventor himself!

I did three additional ones on the Congress. One with Mitch too based on Arduino and his TV-B-Gone project (a TV remote shutting off all possible TVs haha) and one about Lora building an own ground station. So I guess all in all I was so happy to spark some more excitement about Tech.

There's something deeply satisfying about soldering. The smell of burned stuff, the precision required, the immediate feedback of a shiny joint versus a cold one. It's a meditative process that results in something tangible. A stark contrast to the ephemeral nature of most software work.

At the workshops I built a few kits and finally understood why my previous attempts at soldering had been so frustrating. Turns out, a decent iron and proper flux make all the difference. Who knew.

This year I want to do more electronic projects. Not just soldering kit builds, but actually designing and creating things:

• Experiment with microcontrollers beyond the usual Arduino blink sketches
• Something something ESP32 magic
• Maybe finally tackle that custom macro pad idea I've had for years
• Learn to read schematics properly
• Learn how to do my own PCB designs (Because why not!)
• Ordering way tooooo much stuff on aliexpress
• Creating blinking stuff
• Own programmable christmas lights for my Homeoffice plan/tree "Nain"

The hacker spaces and assembly halls at Congress were full of inspiration. People building everything from synthesizers to badge add-ons to art installations. That energy is contagious.

Time to heat up the iron.

The reasons piled up over time:

• AI Music Flooding the Platform: Searching for anything now returns a mix of legitimate artists and algorithmically generated filler. It's getting harder to discover actual human-made music.
• Price Increases: Every year it gets more expensive. At some point you have to ask what you're actually paying for.
• Features I Don't Use: Audiobooks, podcasts, video content. Spotify keeps adding things I have zero interest in while the core music experience stagnates.

I own a decent collection of music purchased over the years. Mashups for running, albums from artists I actually want to support, tracks you simply can't find on streaming platforms. Having all of that scattered between YouTube, local files, and Spotify never made sense.

After some research, I settled on:

• Navidrome: A lightweight, self-hosted music server that implements the Subsonic API. It's designed specifically for music, unlike more general media servers.
• Symfonium: An Android app that connects to Subsonic-compatible servers. It's a paid app, but the customization options are extensive. You can configure it to look and feel surprisingly close to Spotify. Also can be used for local storage, several other media servers (Yes also Jellyfin) or cloud storage providers. But the customization is quiet powerful!

I did consider Jellyfin since I already use it for video. But for music specifically, Navidrome felt like the better choice. It's focused, actively developed, and the Subsonic standard means broad client compatibility. And their webplayer makes it look like Spotify in the browser too!

One thing to note: Navidrome uses SQLite by default, and with a library pushing over 3TB, performance can get sluggish. Scanning, searching, and updating metadata takes time. The developer is working on PostgreSQL support which should help significantly for larger collections. For now, it's manageable but not instant. I did use Docker to host it myself and had to fiddle around some parameters when to do some automatic scanning. But it should work out of the box as intended and honestly after I was done wasn't sure if I am that I did create much performance boost after all.

The app deserves special mention. Out of the box it looks nothing like Spotify, but dig into the settings and you can reshape almost everything:

• Grid layouts for albums and artists
• Customizable now-playing screen
• Offline sync for selected playlists
• Downloadable options so I can sync when I am at home but am fine when going for a walk (Didn't want to allow access from the outside even if I could using my vpn)
• Gapless playback and replay gain support

It took an evening of tweaking, but now the experience feels familiar while actually playing music I own.

Absolutely. The initial setup takes effort, and maintaining your own library requires more work than just hitting play on a playlist. But knowing exactly what I'm listening to, having full control over my collection, and not paying a subscription for an increasingly worse service makes it worthwhile.

Self-hosting isn't for everyone. But if you've got the music and the hardware, give Navidrome a look.

I got scammed. 500 Euros gone to someone selling fake 38C3 tickets on Twitter/X. The transaction seemed legitimate enough at the time. It wasn't. Classic case of wanting something badly enough that you ignore the warning signs.

This can happen to anyone. Even people who should know better.

First thing I did was report him to the CCC directly. My hope was that they could warn others before someone else fell for the same scheme. Then I filed a report with my local police, including all the details I had: the conversations, the bank account he used, everything.

A few days ago I received a letter from the police. The investigation has been stopped. They couldn't identify him well enough to link him to the crime. Frustrating, but not entirely surprising.

The somewhat interesting part: the bank account I reported led somewhere. Turns out he was involved in money laundering. So while they might not get him for my 500 Euros specifically, at least there's a chance he'll face consequences for something.

In January, I received another message. Supposedly from his wife, apologizing that things "couldn't work out." Right.

It was obviously him, reacting after the police got involved. A clumsy attempt at damage control or maybe trying to gauge if I was still paying attention. I didn't respond. There's nothing to say to someone who steals from people trying to attend a hacker conference.

The money is gone. That stings. But if reporting him helps stop even one future scam, or if the money laundering investigation leads somewhere, then at least something came from it.

Buy tickets through official channels. If you can't get one, accept it. The FOMO isn't worth 500 Euros and months of dealing with police reports.

I didn't end up attending 38C3. But honestly, it was okay. I had been dealing with a foot issue in the months before, and by December I had finally recovered. So instead of Congress, I spent that time hiking and actually using my foot again. Sometimes things work out differently than planned.

Org does more than Markdown. Tables actually work. Footnotes exist. I can embed code blocks and run them (Babel). And since I'm already in org mode all day, I don't have to context-switch when writing a post.

Pretty simple:

• Added org support in Hugo's config.toml
• Ran pandoc on my old Markdown files to convert them
• Fixed a few formatting quirks that didn't translate perfectly

Yes. Everything's in one format now. I write posts the same way I write notes. No more switching between markup syntaxes.