Zero Maintenance. Zero Waste. Zero Downtime. A declarative, cost-effective NixOS computer lab architecture for any school.
One configuration file. One rebuild. Twenty students online — on hardware that was destined for the bin.
KaziLab is a complete, reproducible blueprint for turning a room full of aging business PCs into a modern, fully-managed computer lab — without buying new hardware, without proprietary licenses, and without a dedicated IT department on-site.
The entire system state is declared in NixOS configuration, tracked in Git, and reproducible from scratch. When something breaks: roll back. When something needs updating: update once, all clients follow. One server, one config, zero drift.
Built for the Ngaruma Vocational Training Centre in the Kilimanjaro Region, Tanzania — and designed to be forked, adapted, and deployed in any school with similar constraints.
Kazi = Work (Swahili)
| Principle | How |
|---|---|
| Zero Maintenance | NixOS declarative config. Rebuild once, all 20 desktops follow. |
| Zero Waste | Refurbished enterprise hardware. 10-year target lifespan. |
| Zero Downtime | ZFS mirror + UPS + WireGuard remote access from anywhere in the world |
| Open Source Only | NixOS + MikroTik RouterOS. No vendor lock-in, ever. |
| Financially Sane | ~3,600 EUR total. 120 students. Works out at ~30 EUR per student. |
[Admin / Germany]
|
WireGuard VPN (punches through CGNAT — no static IP needed)
|
[MikroTik hAP ax3] <-- Airtel LTE/5G
Firewall | DHCP | DNS | NTP | QoS | WireGuard endpoint
|
[MikroTik CRS326-24G-2S+RM Switch]
10G SFP+ uplink to server / 24x 1G ports for clients
|
┌────────────────────────────────────────────────┐
│ NixOS Server (AMD Ryzen 9 5950X, 64 GB ECC) │
│ ZFS mirror | systemd-nspawn containers │
│ │
│ [ct-auth ] LLDAP — 120 student accounts │
│ [web01 ] Nginx + iPXE netboot images │
│ [kiwix01 ] Offline Wikipedia / Khan Academy │
│ │
│ Shared /nix/store + /home via NFS │
└────────────────────────────────────────────────┘
|
20 × Thin Clients (HP ProDesk / Dell OptiPlex)
NixOS diskless netboot via iPXE → XFCE4 desktop locally
tmpfs root, NFS /nix/store. Reboot = factory fresh.
| Resource | URL |
|---|---|
| NixOS Configuration | https://github.com/NgarumaVTC/nixos |
| Zukunft bauen e.V. | https://www.zukunft-bauen.online/ |
| File | Contents |
|---|---|
| background.org | Context, problem statement, solution rationale |
| hardware.org | Bill of Materials + hardware decision rationale |
| architecture.org | NixOS server & container architecture |
| network.org | IP layout, VLANs, MikroTik configuration |
| implementation.org | Step-by-step deployment guide (NixOS) |
| disaster_recovery.org | ZFS recovery procedures |
Full hardware budget: ~3,645 EUR for a lab serving 120 students.
| Category | Cost (EUR) |
|---|---|
| Server (CPU/MB/RAM) | 1,190 |
| Storage (ZFS mirror) | 610 |
| Power (UPS/PSU/Strip) | 523 |
| Networking | 333 |
| Peripherals & Cables | 527 |
| Audio / Video | 282 |
| Local Assembly & Case | 170 |
| Total | 3,635 |
Full breakdown with sourcing notes: hardware.org
Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)
Share, fork, adapt — for your school, your country, your constraints. Give credit. Keep it open.