From 61b1ceffd976a68c0547f95f4d5052aa13e89dd6 Mon Sep 17 00:00:00 2001 
From: Noah Masur <7386960+nmasur@users.noreply.github.com> Date: Sat, 8 Feb 2025 12:58:06 -0500 Subject: [PATCH] hostnames and user settings --- flake.lock | 110 +----------------- flake.nix | 24 ++-- modules/common/default.nix | 42 +++---- .../nmasur/presets/programs/calendar.nix | 49 ++++++++ .../nmasur/presets/programs/himalaya.nix | 2 +- .../modules/nmasur/profiles/experimental.nix | 3 +- .../modules/nmasur/profiles/linux-base.nix | 6 +- .../modules/nmasur/presets/programs/fish.nix | 3 +- .../nmasur/presets/services/hammerspoon.nix | 3 +- .../nix-darwin/modules/nmasur/settings.nix | 14 +++ platforms/nixos/modules/hostnames.nix | 8 -- .../nmasur/presets/programs/calendar.nix | 33 ------ .../nmasur/presets/services/actualbudget.nix | 5 +- .../modules/nmasur/presets/services/arr.nix | 17 +-- .../modules/nmasur/presets/services/bind.nix | 11 +- .../nmasur/presets/services/calibre-web.nix | 7 +- .../nmasur/presets/services/filebrowser.nix | 5 +- .../presets/services/gitea-runner-local.nix | 3 +- .../modules/nmasur/presets/services/gitea.nix | 11 +- .../nmasur/presets/services/grafana.nix | 47 ++++---- .../nmasur/presets/services/immich.nix | 9 +- .../nmasur/presets/services/influxdb2.nix | 5 +- .../nmasur/presets/services/jellyfin.nix | 7 +- .../presets/services/minecraft-server.nix | 3 +- .../{ => nmasur/presets}/services/n8n.nix | 16 ++- .../nmasur/presets/services/nextcloud.nix | 11 +- .../nmasur/presets/services/ntfy-sh.nix | 7 +- .../nmasur/presets/services/paperless.nix | 5 +- .../services/prometheus-remote-write.nix | 3 +- .../nmasur/presets/services/thelounge.nix | 5 +- .../nmasur/presets/services/transmission.nix | 9 +- .../nmasur/presets/services/uptime-kuma.nix | 5 +- .../nmasur/presets/services/vaultwarden.nix | 7 +- .../presets/services/victoriametrics.nix | 5 +- .../nmasur/presets/services/vm-agent.nix | 3 +- platforms/nixos/modules/nmasur/settings.nix | 19 +++ platforms/nixos/modules/secrets.nix | 3 +- .../nixos/modules/services/filebrowser.nix | 3 +- 
{windows => platforms/windows}/alacritty.yml | 0 .../windows}/autohotkey/RemapCaps.ahk | 0 .../autohotkey/RemapCapsCtrlEscapeV2.ahk | 0 .../windows}/caps-lock-ctrl.reg | 0 .../windows}/chocolatey.config | 0 {windows => platforms/windows}/utc-time.reg | 0 .../windows}/windows-programs.md | 0 45 files changed, 253 insertions(+), 275 deletions(-) create mode 100644 platforms/home-manager/modules/nmasur/presets/programs/calendar.nix create mode 100644 platforms/nix-darwin/modules/nmasur/settings.nix delete mode 100644 platforms/nixos/modules/hostnames.nix delete mode 100644 platforms/nixos/modules/nmasur/presets/programs/calendar.nix rename platforms/nixos/modules/{ => nmasur/presets}/services/n8n.nix (65%) create mode 100644 platforms/nixos/modules/nmasur/settings.nix rename {windows => platforms/windows}/alacritty.yml (100%) rename {windows => platforms/windows}/autohotkey/RemapCaps.ahk (100%) rename {windows => platforms/windows}/autohotkey/RemapCapsCtrlEscapeV2.ahk (100%) rename {windows => platforms/windows}/caps-lock-ctrl.reg (100%) rename {windows => platforms/windows}/chocolatey.config (100%) rename {windows => platforms/windows}/utc-time.reg (100%) rename {windows => platforms/windows}/windows-programs.md (100%) diff --git a/flake.lock b/flake.lock index 9263f36..b40ba97 100644 --- a/flake.lock +++ b/flake.lock @@ -138,26 +138,6 @@ "type": "github" } }, - "firefox-darwin": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1737161595, - "narHash": "sha256-Txp3uh0KdB3+Pe6xihU0JWWe0LK8iXTUnZ8bOcKu3w0=", - "owner": "bandithedoge", - "repo": "nixpkgs-firefox-darwin", - "rev": "3224752c71a5245e90cfae360e0dc5de98e2b53c", - "type": "github" - }, - "original": { - "owner": "bandithedoge", - "repo": "nixpkgs-firefox-darwin", - "type": "github" - } - }, "flake-compat": { "flake": false, "locked": { 
@@ -213,24 +193,6 @@ } }, "flake-utils": { - "inputs": { - "systems": "systems" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { "inputs": { "systems": [ "mac-app-util", @@ -250,9 +212,9 @@ "type": "indirect" } }, - "flake-utils_3": { + "flake-utils_2": { "inputs": { - "systems": "systems_3" + "systems": "systems_2" }, "locked": { "lastModified": 1705309234, @@ -321,37 +283,15 @@ "type": "github" } }, - "jujutsu": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs": [ - "nixpkgs" - ], - "rust-overlay": "rust-overlay" - }, - "locked": { - "lastModified": 1737163288, - "narHash": "sha256-PROBXqOUzgqIG66S74P1nyg7MbNoQ01k3oF0IM7qpHY=", - "owner": "martinvonz", - "repo": "jj", - "rev": "83d40d2c425fa2e050bdac8837b19e5beb3bef25", - "type": "github" - }, - "original": { - "owner": "martinvonz", - "repo": "jj", - "type": "github" - } - }, "mac-app-util": { "inputs": { "cl-nix-lite": "cl-nix-lite", "flake-compat": "flake-compat", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs" ], - "systems": "systems_2" + "systems": "systems" }, "locked": { "lastModified": 1732920695, @@ -421,7 +361,7 @@ }, "nix2vim": { "inputs": { - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_2", "nixpkgs": [ "nixpkgs" ] @@ -654,11 +594,9 @@ "darwin": "darwin", "disko": "disko", "fidget-nvim-src": "fidget-nvim-src", - "firefox-darwin": "firefox-darwin", "gh-collaborators": "gh-collaborators", "hmts-nvim-src": "hmts-nvim-src", "home-manager": "home-manager", - "jujutsu": "jujutsu", "mac-app-util": "mac-app-util", "nextcloud-cookbook": "nextcloud-cookbook", "nextcloud-external": "nextcloud-external", 
@@ -693,27 +631,6 @@ "zenyd-mpv-scripts": "zenyd-mpv-scripts" } }, - "rust-overlay": { - "inputs": { - "nixpkgs": [ - "jujutsu", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1735784864, - "narHash": "sha256-tIl5p3ueaPw7T5T1UXkLc8ISMk6Y8CI/D/rd0msf73I=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "04d5f1836721461b256ec452883362c5edc5288e", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, "snipe-nvim-src": { "flake": false, "locked": { @@ -731,21 +648,6 @@ } }, "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_2": { "locked": { "lastModified": 1689347925, "narHash": "sha256-ozenz5bFe1UUqOn7f60HRmgc01BgTGIKZ4Xl+HbocGQ=", @@ -760,7 +662,7 @@ "type": "github" } }, - "systems_3": { + "systems_2": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", diff --git a/flake.nix b/flake.nix index 35c9bd3..ba78131 100644 --- a/flake.nix +++ b/flake.nix @@ -34,11 +34,11 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - # Use official Firefox binary for macOS - firefox-darwin = { - url = "github:bandithedoge/nixpkgs-firefox-darwin"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + # # Use official Firefox binary for macOS + # firefox-darwin = { + # url = "github:bandithedoge/nixpkgs-firefox-darwin"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; # Better App install management in macOS mac-app-util = { 
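Review bot: The `firefox-darwin` input in flake.nix is commented out line by line rather than deleted, and the same is done to the `jujutsu` input and its `inputs.jujutsu.overlays.default` overlay in the later flake.nix hunks, and to the `user`, `fullName`, `userDirs` and `identityFile` options in modules/common/default.nix. flake.lock in this same patch already drops the matching locked nodes, so the commented blocks are dead text that no longer corresponds to any pinned revision. Deleting them keeps the input list an accurate statement of which third-party sources the flake pulls; git history preserves the old definitions if they need to come back.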
@@ -175,12 +175,12 @@ flake = false; }; - # Git alternative - # Fixes: https://github.com/martinvonz/jj/issues/4784 - jujutsu = { - url = "github:martinvonz/jj"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + # # Git alternative + # # Fixes: https://github.com/martinvonz/jj/issues/4784 + # jujutsu = { + # url = "github:martinvonz/jj"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; # Ren and rep - CLI find and replace rep = { @@ -275,7 +275,7 @@ overlays = [ inputs.nur.overlays.default inputs.nix2vim.overlay - inputs.jujutsu.overlays.default # Fix: https://github.com/martinvonz/jj/issues/4784 + # inputs.jujutsu.overlays.default # Fix: https://github.com/martinvonz/jj/issues/4784 (import ./overlays/neovim-plugins.nix inputs) (import ./overlays/tree-sitter.nix inputs) (import ./overlays/mpv-scripts.nix inputs) diff --git a/modules/common/default.nix b/modules/common/default.nix index 1acb573..7e292d1 100644 --- a/modules/common/default.nix +++ b/modules/common/default.nix 
@@ -16,27 +16,27 @@ ]; options = { - user = lib.mkOption { - type = lib.types.str; - description = "Primary user of the system"; - }; - fullName = lib.mkOption { - type = lib.types.str; - description = "Human readable name of the user"; - }; - userDirs = { - # Required to prevent infinite recursion when referenced by himalaya - download = lib.mkOption { - type = lib.types.str; - description = "XDG directory for downloads"; - default = if pkgs.stdenv.isDarwin then "$HOME/Downloads" else "$HOME/downloads"; - }; - }; - identityFile = lib.mkOption { - type = lib.types.str; - description = "Path to existing private key file."; - default = "/etc/ssh/ssh_host_ed25519_key"; - }; + # user = lib.mkOption { + # type = lib.types.str; + # description = "Primary user of the system"; + # }; + # fullName = lib.mkOption { + # type = lib.types.str; + # description = "Human readable name of the user"; + # }; + # userDirs = { + # # Required to prevent infinite recursion when referenced by himalaya + # download = lib.mkOption { + # type = lib.types.str; + # description = "XDG directory for downloads"; + # default = if pkgs.stdenv.isDarwin then "$HOME/Downloads" else "$HOME/downloads"; + # }; + # }; + # identityFile = lib.mkOption { + # type = lib.types.str; + # description = "Path to existing private key file."; + # default = "/etc/ssh/ssh_host_ed25519_key"; + # }; # homePath = lib.mkOption { # type = lib.types.path; # description = "Path of user's home directory."; diff --git a/platforms/home-manager/modules/nmasur/presets/programs/calendar.nix b/platforms/home-manager/modules/nmasur/presets/programs/calendar.nix new file mode 100644 index 0000000..6056a19 --- /dev/null +++ b/platforms/home-manager/modules/nmasur/presets/programs/calendar.nix 
@@ -0,0 +1,49 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + cfg = config.nmasur.presets.programs.calendar; +in + +{ + + options.nmasur.presets.programs.calendar = { + enable = lib.mkEnableOption "Calendar application"; + username = lib.mkOption { + type = lib.types.str; + description = "Username for the calendar service backend"; + default = config.nmasur.settings.username; + }; + hostname = lib.mkOption { + type = lib.types.str; + description = "Hostname for the calendar service backend"; + }; + url = lib.mkOption { + type = lib.types.str; + description = "Username for the calendar service backend"; + default = "https://${cfg.hostname}/remote.php/dav/principals/users/${cfg.username}"; + }; + }; + + config = lib.mkIf cfg.enable { + + accounts.calendar.accounts.default = { + basePath = "other/calendars"; # Where to save calendars in ~ directory + name = "personal"; + local.type = "filesystem"; + primary = true; + remote = { + passwordCommand = [ "" ]; + type = "caldav"; + url = cfg.url; + userName = cfg.username; + }; + }; + + home.packages = [ pkgs.gnome-calendar ]; + }; +} diff --git a/platforms/home-manager/modules/nmasur/presets/programs/himalaya.nix b/platforms/home-manager/modules/nmasur/presets/programs/himalaya.nix index b631980..ea6a1d3 100644 --- a/platforms/home-manager/modules/nmasur/presets/programs/himalaya.nix +++ b/platforms/home-manager/modules/nmasur/presets/programs/himalaya.nix @@ -20,7 +20,7 @@ in accounts.email.accounts.home.himalaya = { enable = true; settings = { - downloads-dir = config.userDirs.download; + downloads-dir = config.xdg.userDirs.download; smtp-insecure = true; }; }; diff --git a/platforms/home-manager/modules/nmasur/profiles/experimental.nix b/platforms/home-manager/modules/nmasur/profiles/experimental.nix index 408921c..62ca132 100644 --- a/platforms/home-manager/modules/nmasur/profiles/experimental.nix +++ b/platforms/home-manager/modules/nmasur/profiles/experimental.nix 
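Review bot: The `url` option in the new home-manager calendar.nix carries the description `"Username for the calendar service backend"`, copied from `username`; it should read something like `description = "CalDAV principal URL for the calendar service backend";`. `hostname` has no default while the `url` default interpolates it, so every configuration enabling the preset must now set it (the deleted NixOS version read `config.hostnames.content`), and the option description should say so. `passwordCommand = [ "" ];` is carried over unchanged and names an empty command, so no credential helper is actually configured; if a sync tool consumes this account, exposing the command as an option that points at a secret-store lookup would make that explicit.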
@@ -26,9 +26,10 @@ in ]; - programs.gh-dash.enable = true; + programs.gh-dash.enable = lib.mkDefault true; programs.helix.enable = lib.mkDefault true; programs.zed-editor.enable = lib.mkDefault true; + programs.himalaya.enable = lib.mkDefault true; }; diff --git a/platforms/home-manager/modules/nmasur/profiles/linux-base.nix b/platforms/home-manager/modules/nmasur/profiles/linux-base.nix index 2953346..19026e0 100644 --- a/platforms/home-manager/modules/nmasur/profiles/linux-base.nix +++ b/platforms/home-manager/modules/nmasur/profiles/linux-base.nix @@ -16,14 +16,14 @@ in config = lib.mkIf cfg.enable { # Allow Nix to manage the default applications list - mimeApps.enable = lib.mkDefault true; + xdg.mimeApps.enable = lib.mkDefault true; # Set directories for application defaults - userDirs = { + xdg.userDirs = { enable = lib.mkDefault true; createDirectories = lib.mkDefault true; documents = lib.mkDefault "$HOME/documents"; - download = lib.mkDefault config.userDirs.download; + download = lib.mkDefault "$HOME/downloads"; music = lib.mkDefault "$HOME/media/music"; pictures = lib.mkDefault "$HOME/media/images"; videos = lib.mkDefault "$HOME/media/videos"; diff --git a/platforms/nix-darwin/modules/nmasur/presets/programs/fish.nix b/platforms/nix-darwin/modules/nmasur/presets/programs/fish.nix index 3003ea9..9150603 100644 --- a/platforms/nix-darwin/modules/nmasur/presets/programs/fish.nix +++ b/platforms/nix-darwin/modules/nmasur/presets/programs/fish.nix @@ -7,6 +7,7 @@ let cfg = config.nmasur.presets.programs.fish; + inherit (config.nmasur.settings) username; in { @@ -18,7 +19,7 @@ in environment.shells = [ pkgs.fish ]; - users.users.${config.user}.shell = pkgs.fish; + users.users.${username}.shell = pkgs.fish; # Speeds up fish launch time on macOS programs.fish.useBabelfish = true; diff --git a/platforms/nix-darwin/modules/nmasur/presets/services/hammerspoon.nix b/platforms/nix-darwin/modules/nmasur/presets/services/hammerspoon.nix index 317f686..cb26e59 100644 
--- a/platforms/nix-darwin/modules/nmasur/presets/services/hammerspoon.nix +++ b/platforms/nix-darwin/modules/nmasur/presets/services/hammerspoon.nix @@ -6,6 +6,7 @@ let cfg = config.nmasur.presets.services.hammerspoon; + inherit (config.nmasur.settings) username; in { @@ -19,7 +20,7 @@ in system.activationScripts.postUserActivation.text = '' defaults write org.hammerspoon.Hammerspoon MJConfigFile "${ - config.home-manager.users.${config.user}.xdg.configHome + config.home-manager.users.${username}.xdg.configHome }/hammerspoon/init.lua" sudo killall Dock ''; diff --git a/platforms/nix-darwin/modules/nmasur/settings.nix b/platforms/nix-darwin/modules/nmasur/settings.nix new file mode 100644 index 0000000..b6e7b37 --- /dev/null +++ b/platforms/nix-darwin/modules/nmasur/settings.nix @@ -0,0 +1,14 @@ +{ lib, ... }: + +{ + options.nmasur.settings = { + username = lib.mkOption { + type = lib.types.str; + description = "Primary username for the system"; + }; + fullName = lib.mkOption { + type = lib.types.str; + description = "Human readable name of the user"; + }; + }; +} diff --git a/platforms/nixos/modules/hostnames.nix b/platforms/nixos/modules/hostnames.nix deleted file mode 100644 index a00aa02..0000000 --- a/platforms/nixos/modules/hostnames.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ lib, ... }: - -{ - - options.hostnames = lib.mkOption { - type = lib.types.attrsOf lib.types.str; - }; -} diff --git a/platforms/nixos/modules/nmasur/presets/programs/calendar.nix b/platforms/nixos/modules/nmasur/presets/programs/calendar.nix deleted file mode 100644 index b5b2df7..0000000 --- a/platforms/nixos/modules/nmasur/presets/programs/calendar.nix +++ /dev/null 
@@ -1,33 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: - -let - cfg = config.nmasur.presets.programs.calendar; -in - -{ - - options.nmasur.presets.programs.calendar.enable = lib.mkEnableOption "Calendar application"; - - config = lib.mkIf cfg.enable { - - accounts.calendar.accounts.default = { - basePath = "other/calendars"; # Where to save calendars in ~ directory - name = "personal"; - local.type = "filesystem"; - primary = true; - remote = { - passwordCommand = [ "" ]; - type = "caldav"; - url = "https://${config.hostnames.content}/remote.php/dav/principals/users/${config.user}"; - userName = config.user; - }; - }; - - home.packages = [ pkgs.gnome-calendar ]; - }; -} diff --git a/platforms/nixos/modules/nmasur/presets/services/actualbudget.nix b/platforms/nixos/modules/nmasur/presets/services/actualbudget.nix index 8436afc..6537bcc 100644 --- a/platforms/nixos/modules/nmasur/presets/services/actualbudget.nix +++ b/platforms/nixos/modules/nmasur/presets/services/actualbudget.nix @@ -6,6 +6,7 @@ let cfg = config.nmasur.presets.services.actualbudget; + hostnames = config.nmasur.settings.hostnames; in { @@ -60,7 +61,7 @@ in # Allow web traffic to Caddy caddy.routes = [ { - match = [ { host = [ config.hostnames.budget ]; } ]; + match = [ { host = [ hostnames.budget ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -71,7 +72,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.budget ]; + services.cloudflare-dyndns.domains = [ hostnames.budget ]; # Backups services.restic.backups.default.paths = [ "/var/lib/actualbudget" ]; diff --git a/platforms/nixos/modules/nmasur/presets/services/arr.nix b/platforms/nixos/modules/nmasur/presets/services/arr.nix index 59d01c1..f77abed 100644 --- a/platforms/nixos/modules/nmasur/presets/services/arr.nix +++ b/platforms/nixos/modules/nmasur/presets/services/arr.nix 
@@ -8,6 +8,7 @@ let cfg = config.nmasur.presets.services.actualbudget; + hostnames = config.nmasur.settings.hostnames; # This config specifies ports for Prometheus to scrape information arrConfig = { @@ -98,7 +99,7 @@ in group = "download"; match = [ { - host = [ config.hostnames.download ]; + host = [ hostnames.download ]; path = [ "/sonarr*" ]; } ]; @@ -114,7 +115,7 @@ in group = "download"; match = [ { - host = [ config.hostnames.download ]; + host = [ hostnames.download ]; path = [ "/radarr*" ]; } ]; @@ -129,7 +130,7 @@ in group = "download"; match = [ { - host = [ config.hostnames.download ]; + host = [ hostnames.download ]; path = [ "/readarr*" ]; } ]; @@ -144,7 +145,7 @@ in group = "download"; match = [ { - host = [ config.hostnames.download ]; + host = [ hostnames.download ]; path = [ "/prowlarr*" ]; } ]; @@ -160,7 +161,7 @@ in group = "download"; match = [ { - host = [ config.hostnames.download ]; + host = [ hostnames.download ]; path = [ "/bazarr*" ]; } ]; @@ -180,7 +181,7 @@ in group = "download"; match = [ { - host = [ config.hostnames.download ]; + host = [ hostnames.download ]; path = [ "/sabnzbd*" ]; } ]; @@ -193,7 +194,7 @@ in } { group = "download"; - match = [ { host = [ config.hostnames.download ]; } ]; + match = [ { host = [ hostnames.download ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -204,7 +205,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.download ]; + services.cloudflare-dyndns.domains = [ hostnames.download ]; # Enable Prometheus exporters systemd.services = lib.mapAttrs' (name: attrs: { diff --git a/platforms/nixos/modules/nmasur/presets/services/bind.nix b/platforms/nixos/modules/nmasur/presets/services/bind.nix index 19caaf5..5531b96 100644 --- a/platforms/nixos/modules/nmasur/presets/services/bind.nix +++ b/platforms/nixos/modules/nmasur/presets/services/bind.nix 
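Review bot: In arr.nix the `let` block still binds `cfg = config.nmasur.presets.services.actualbudget;`, directly above the added `hostnames` line, which looks like a copy-paste from actualbudget.nix. The `config = lib.mkIf ...` line is outside these hunks, but if it gates on `cfg.enable` then turning on the budget preset also publishes the sonarr/radarr/readarr/prowlarr/bazarr/sabnzbd Caddy routes and the `hostnames.download` Cloudflare record, and the arr preset cannot be switched on or off by itself. Since this commit already edits the block, change the binding to `cfg = config.nmasur.presets.services.arr;` (assuming that is the option path this file declares).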
@@ -14,14 +14,15 @@ let cfg = config.nmasur.presets.services.bind; + hostnames = config.nmasur.settings.hostnames; localIp = "192.168.1.218"; localServices = [ - config.hostnames.stream - config.hostnames.content - config.hostnames.books - config.hostnames.download - config.hostnames.photos + hostnames.stream + hostnames.content + hostnames.books + hostnames.download + hostnames.photos ]; mkRecord = service: "${service} A ${localIp}"; localRecords = lib.concatLines (map mkRecord localServices); diff --git a/platforms/nixos/modules/nmasur/presets/services/calibre-web.nix b/platforms/nixos/modules/nmasur/presets/services/calibre-web.nix index b632f3f..5f0481b 100644 --- a/platforms/nixos/modules/nmasur/presets/services/calibre-web.nix +++ b/platforms/nixos/modules/nmasur/presets/services/calibre-web.nix @@ -1,7 +1,7 @@ # Calibre-web is an E-Book library and management tool. # - Exposed to the public via Caddy. -# - Hostname defined with config.hostnames.books +# - Hostname defined with hostnames.books # - File directory backed up to S3 on a cron schedule. { @@ -14,6 +14,7 @@ let cfg = config.nmasur.presets.services.calibre-web; + hostnames = config.nmasur.settings.hostnames; libraryPath = "/data/books"; in { @@ -38,7 +39,7 @@ in # Allow web traffic to Caddy caddy.routes = [ { - match = [ { host = [ config.hostnames.books ]; } ]; + match = [ { host = [ hostnames.books ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -54,7 +55,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.books ]; + services.cloudflare-dyndns.domains = [ hostnames.books ]; # Grant user access to Calibre directories users.users.${config.user}.extraGroups = [ "calibre-web" ]; diff --git a/platforms/nixos/modules/nmasur/presets/services/filebrowser.nix b/platforms/nixos/modules/nmasur/presets/services/filebrowser.nix index 6d33d17..7e3c308 100644 --- a/platforms/nixos/modules/nmasur/presets/services/filebrowser.nix 
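Review bot: The last calibre-web.nix hunk still has `users.users.${config.user}.extraGroups = [ "calibre-web" ];` as context, but this patch comments out `options.user` in modules/common/default.nix, so unless another module still declares `user` this line will fail evaluation. The nix-darwin modules in this patch were moved to `inherit (config.nmasur.settings) username;`; the NixOS settings.nix added by the commit is not visible in this part of the patch, but if it declares the same option the line should become `users.users.${config.nmasur.settings.username}.extraGroups = [ "calibre-web" ];`. A repo-wide search for `config.user`, `config.fullName` and `config.identityFile` before merging would catch any remaining readers of the removed options.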
+++ b/platforms/nixos/modules/nmasur/presets/services/filebrowser.nix @@ -5,6 +5,7 @@ }: let cfg = config.nmasur.presets.services.filebrowser; + hostnames = config.nmasur.settings.hostnames; in { @@ -20,7 +21,7 @@ in caddy.routes = [ { - match = [ { host = [ config.hostnames.files ]; } ]; + match = [ { host = [ hostnames.files ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -33,7 +34,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.files ]; + services.cloudflare-dyndns.domains = [ hostnames.files ]; }; diff --git a/platforms/nixos/modules/nmasur/presets/services/gitea-runner-local.nix b/platforms/nixos/modules/nmasur/presets/services/gitea-runner-local.nix index 0461413..40ddf05 100644 --- a/platforms/nixos/modules/nmasur/presets/services/gitea-runner-local.nix +++ b/platforms/nixos/modules/nmasur/presets/services/gitea-runner-local.nix @@ -13,6 +13,7 @@ let cfg = config.nmasur.presets.services.gitea-runner-local; + hostnames = config.nmasur.settings.hostnames; in { @@ -42,7 +43,7 @@ in wget ]; name = config.networking.hostName; - url = "https://${config.hostnames.git}"; + url = "https://${hostnames.git}"; tokenFile = config.secrets.giteaRunnerToken.dest; }; diff --git a/platforms/nixos/modules/nmasur/presets/services/gitea.nix b/platforms/nixos/modules/nmasur/presets/services/gitea.nix index 969ce60..0227ebb 100644 --- a/platforms/nixos/modules/nmasur/presets/services/gitea.nix +++ b/platforms/nixos/modules/nmasur/presets/services/gitea.nix @@ -7,6 +7,7 @@ let cfg = config.nmasur.presets.services.gitea; + hostnames = config.nmasur.settings.hostnames; giteaPath = "/var/lib/gitea"; # Default service directory in { @@ -28,7 +29,7 @@ in DISABLE_HTTP_GIT = false; # Allow requests hitting the specified hostname. - ACCESS_CONTROL_ALLOW_ORIGIN = config.hostnames.git; + ACCESS_CONTROL_ALLOW_ORIGIN = hostnames.git; # Automatically create viable users/orgs on push. ENABLE_PUSH_CREATE_USER = true; 
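Review bot: `ACCESS_CONTROL_ALLOW_ORIGIN = hostnames.git;` in gitea.nix passes a bare hostname, whereas an origin as browsers compare it includes the scheme, which is how `ROOT_URL = "https://${hostnames.git}/"` is built in the next hunk. If Gitea emits this setting verbatim as the `Access-Control-Allow-Origin` header, the current value matches no origin; that fails closed, but it is not what the line intends. Consider `ACCESS_CONTROL_ALLOW_ORIGIN = "https://${hostnames.git}";`, and reword the comment above it to `# Origin allowed to make cross-origin requests to this instance.`, since the setting appears to govern cross-origin reads rather than which Host header is accepted.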
@@ -40,7 +41,7 @@ in server = { HTTP_PORT = 3001; HTTP_ADDRESS = "127.0.0.1"; - ROOT_URL = "https://${config.hostnames.git}/"; + ROOT_URL = "https://${hostnames.git}/"; SSH_PORT = 22; START_SSH_SERVER = false; # Use sshd instead DISABLE_SSH = false; @@ -65,7 +66,7 @@ in { match = [ { - host = [ config.hostnames.git ]; + host = [ hostnames.git ]; path = [ "/metrics*" ]; } ]; @@ -78,7 +79,7 @@ in } # Allow access to primary server. { - match = [ { host = [ config.hostnames.git ]; } ]; + match = [ { host = [ hostnames.git ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -91,7 +92,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.git ]; + services.cloudflare-dyndns.domains = [ hostnames.git ]; # Scrape the metrics endpoint for Prometheus. prometheus.scrapeTargets = [ diff --git a/platforms/nixos/modules/nmasur/presets/services/grafana.nix b/platforms/nixos/modules/nmasur/presets/services/grafana.nix index 10bc51f..a9c6dca 100644 --- a/platforms/nixos/modules/nmasur/presets/services/grafana.nix +++ b/platforms/nixos/modules/nmasur/presets/services/grafana.nix @@ -7,6 +7,7 @@ let cfg = config.nmasur.presets.services.grafana; + hostnames = config.nmasur.settings.hostnames; promUid = "victoriametrics"; in { @@ -31,7 +32,7 @@ in enable = true; settings = { server = { - domain = config.hostnames.metrics; + domain = hostnames.metrics; http_addr = "127.0.0.1"; http_port = 3000; protocol = "http"; @@ -451,7 +452,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.git}/admin/runners"; + url = "https://${hostnames.git}/admin/runners"; } ]; options = { @@ -525,7 +526,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.stream}"; + url = "https://${hostnames.stream}"; } ]; options = { @@ -785,7 +786,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.download}"; + url = "https://${hostnames.download}"; } ]; } 
@@ -807,7 +808,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.download}/bazarr"; + url = "https://${hostnames.download}/bazarr"; } ]; } @@ -829,7 +830,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.download}/radarr"; + url = "https://${hostnames.download}/radarr"; } ]; } @@ -851,7 +852,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.download}/readarr"; + url = "https://${hostnames.download}/readarr"; } ]; } @@ -873,7 +874,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.content}"; + url = "https://${hostnames.content}"; } ]; } @@ -895,7 +896,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.books}"; + url = "https://${hostnames.books}"; } ]; } @@ -917,7 +918,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.download}/sabnzbd"; + url = "https://${hostnames.download}/sabnzbd"; } ]; } @@ -939,7 +940,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.influxdb}"; + url = "https://${hostnames.influxdb}"; } ]; } @@ -961,7 +962,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.stream}"; + url = "https://${hostnames.stream}"; } ]; } @@ -983,7 +984,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.download}/sonarr"; + url = "https://${hostnames.download}/sonarr"; } ]; } @@ -1005,7 +1006,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.irc}"; + url = "https://${hostnames.irc}"; } ]; } @@ -1027,7 +1028,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.download}/prowlarr"; + url = "https://${hostnames.download}/prowlarr"; } ]; } @@ -1049,7 +1050,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.metrics}"; + url = "https://${hostnames.metrics}"; } ]; } 
@@ -1071,7 +1072,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.git}"; + url = "https://${hostnames.git}"; } ]; } @@ -1093,7 +1094,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.secrets}"; + url = "https://${hostnames.secrets}"; } ]; } @@ -1115,7 +1116,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.prometheus}/vmui"; + url = "https://${hostnames.prometheus}/vmui"; } ]; } @@ -1137,7 +1138,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.paperless}"; + url = "https://${hostnames.paperless}"; } ]; } @@ -1159,7 +1160,7 @@ in { targetBlank = true; title = ""; - url = "https://${config.hostnames.audiobooks}"; + url = "https://${hostnames.audiobooks}"; } ]; } @@ -2562,7 +2563,7 @@ in caddy.routes = [ { - match = [ { host = [ config.hostnames.metrics ]; } ]; + match = [ { host = [ hostnames.metrics ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -2575,6 +2576,6 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.metrics ]; + services.cloudflare-dyndns.domains = [ hostnames.metrics ]; }; } diff --git a/platforms/nixos/modules/nmasur/presets/services/immich.nix b/platforms/nixos/modules/nmasur/presets/services/immich.nix index e728b30..0730201 100644 --- a/platforms/nixos/modules/nmasur/presets/services/immich.nix +++ b/platforms/nixos/modules/nmasur/presets/services/immich.nix @@ -2,6 +2,7 @@ let cfg = config.nmasur.presets.services.immich; + hostnames = config.nmasur.settings.hostnames; in { @@ -19,7 +20,7 @@ in machine-learning.environment = { }; mediaLocation = "/data/images"; secretsFile = null; - settings.server.externalDomain = "https://${config.hostnames.photos}"; + settings.server.externalDomain = "https://${hostnames.photos}"; environment = { IMMICH_ENV = "production"; IMMICH_LOG_LEVEL = "log"; 
@@ -30,7 +31,7 @@ in caddy.routes = [ { - match = [ { host = [ config.hostnames.photos ]; } ]; + match = [ { host = [ hostnames.photos ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -41,10 +42,10 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.photos ]; + services.cloudflare-dyndns.domains = [ hostnames.photos ]; # Point localhost to the local domain - networking.hosts."127.0.0.1" = [ config.hostnames.photos ]; + networking.hosts."127.0.0.1" = [ hostnames.photos ]; # Backups services.restic.backups.default.paths = [ "/data/images" ]; diff --git a/platforms/nixos/modules/nmasur/presets/services/influxdb2.nix b/platforms/nixos/modules/nmasur/presets/services/influxdb2.nix index 1bd84e8..ce1e602 100644 --- a/platforms/nixos/modules/nmasur/presets/services/influxdb2.nix +++ b/platforms/nixos/modules/nmasur/presets/services/influxdb2.nix @@ -7,6 +7,7 @@ let cfg = config.nmasur.presets.services.influxdb2; + hostnames = config.nmasur.settings.hostnames; in { @@ -56,7 +57,7 @@ in caddy.routes = lib.mkIf config.services.influxdb2.enable [ { - match = [ { host = [ config.hostnames.influxdb ]; } ]; + match = [ { host = [ hostnames.influxdb ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -67,6 +68,6 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.influxdb ]; + services.cloudflare-dyndns.domains = [ hostnames.influxdb ]; }; } diff --git a/platforms/nixos/modules/nmasur/presets/services/jellyfin.nix b/platforms/nixos/modules/nmasur/presets/services/jellyfin.nix index 19e5b9f..44e67f9 100644 --- a/platforms/nixos/modules/nmasur/presets/services/jellyfin.nix +++ b/platforms/nixos/modules/nmasur/presets/services/jellyfin.nix @@ -10,6 +10,7 @@ let cfg = config.nmasur.presets.services.jellyfin; + hostnames = config.nmasur.settings.hostnames; in { 
@@ -25,7 +26,7 @@ in { match = [ { - host = [ config.hostnames.stream ]; + host = [ hostnames.stream ]; path = [ "/metrics*" ]; } ]; @@ -38,7 +39,7 @@ in } # Allow access to normal route. { - match = [ { host = [ config.hostnames.stream ]; } ]; + match = [ { host = [ hostnames.stream ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -49,7 +50,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.stream ]; + services.cloudflare-dyndns.domains = [ hostnames.stream ]; # Create videos directory, allow anyone in Jellyfin group to manage it systemd.tmpfiles.rules = [ diff --git a/platforms/nixos/modules/nmasur/presets/services/minecraft-server.nix b/platforms/nixos/modules/nmasur/presets/services/minecraft-server.nix index eb917e3..0ae79fc 100644 --- a/platforms/nixos/modules/nmasur/presets/services/minecraft-server.nix +++ b/platforms/nixos/modules/nmasur/presets/services/minecraft-server.nix @@ -7,6 +7,7 @@ let cfg = config.nmasur.presets.services.minecraft-server; + hostnames = config.nmasur.settings.hostnames; localPort = 25564; publicPort = 49732; rconPort = 25575; @@ -52,7 +53,7 @@ in networking.firewall.allowedTCPPorts = [ publicPort ]; - cloudflare.noProxyDomains = [ config.hostnames.minecraft ]; + cloudflare.noProxyDomains = [ hostnames.minecraft ]; ## Automatically start and stop Minecraft server based on player connections diff --git a/platforms/nixos/modules/services/n8n.nix b/platforms/nixos/modules/nmasur/presets/services/n8n.nix similarity index 65% rename from platforms/nixos/modules/services/n8n.nix rename to platforms/nixos/modules/nmasur/presets/services/n8n.nix index 5c7e159..829b52a 100644 --- a/platforms/nixos/modules/services/n8n.nix +++ b/platforms/nixos/modules/nmasur/presets/services/n8n.nix 
@@ -2,14 +2,22 @@ # together with triggers. { config, lib, ... }: + +let + cfg = config.nmasur.presets.services.n8n; + hostnames = config.nmasur.settings.hostnames; +in + { - config = lib.mkIf config.services.n8n.enable { + options.nmasur.presets.services.n8n.enable = lib.mkEnableOption "n8n low-code automation tool"; + + config = lib.mkIf cfg.enable { unfreePackages = [ "n8n" ]; services.n8n = { - webhookUrl = "https://${config.hostnames.n8n}"; + webhookUrl = "https://${hostnames.n8n}"; settings = { listen_address = "127.0.0.1"; port = 5678; @@ -22,12 +30,12 @@ }; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.n8n ]; + services.cloudflare-dyndns.domains = [ hostnames.n8n ]; # Allow web traffic to Caddy caddy.routes = [ { - match = [ { host = [ config.hostnames.n8n ]; } ]; + match = [ { host = [ hostnames.n8n ]; } ]; handle = [ { handler = "reverse_proxy"; diff --git a/platforms/nixos/modules/nmasur/presets/services/nextcloud.nix b/platforms/nixos/modules/nmasur/presets/services/nextcloud.nix index d87e332..14f73b7 100644 --- a/platforms/nixos/modules/nmasur/presets/services/nextcloud.nix +++ b/platforms/nixos/modules/nmasur/presets/services/nextcloud.nix @@ -7,6 +7,7 @@ let cfg = config.nmasur.presets.services.nextcloud; + hostnames = config.nmasur.settings.hostnames; in { @@ -30,7 +31,7 @@ in settings = { default_phone_region = "US"; # Allow access when hitting either of these hosts or IPs - trusted_domains = [ config.hostnames.content ]; + trusted_domains = [ hostnames.content ]; trusted_proxies = [ "127.0.0.1" ]; maintenance_window_start = 4; # Run jobs at 4am UTC log_type = "file"; @@ -64,7 +65,7 @@ in # Point Caddy to Nginx caddy.routes = [ { - match = [ { host = [ config.hostnames.content ]; } ]; + match = [ { host = [ hostnames.content ]; } ]; handle = [ { handler = "subroute"; 
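Review bot: In the first n8n.nix hunk the gate moves from `config.services.n8n.enable` to `cfg.enable`, but no `enable = true;` is visible inside `services.n8n = { … }`, unlike the ntfy-sh and vaultwarden presets in this patch. If it is not set in the lines between the two hunks, enabling the preset would publish the Caddy route and the Cloudflare DNS record for `hostnames.n8n` while nothing listens on the configured 127.0.0.1:5678. I would add `enable = true;` as the first attribute of the `services.n8n` set. The module body continues outside the hunk, so this needs checking against the full file.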
@@ -195,7 +196,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.content ]; + services.cloudflare-dyndns.domains = [ hostnames.content ]; # Create credentials file for nextcloud secrets.nextcloud = { @@ -217,11 +218,11 @@ in systemd.services.phpfpm-nextcloud.serviceConfig.StateDirectoryMode = lib.mkForce "0770"; # Log metrics to prometheus - networking.hosts."127.0.0.1" = [ config.hostnames.content ]; + networking.hosts."127.0.0.1" = [ hostnames.content ]; services.prometheus.exporters.nextcloud = { enable = config.prometheus.exporters.enable; username = config.services.nextcloud.config.adminuser; - url = "https://${config.hostnames.content}"; + url = "https://${hostnames.content}"; passwordFile = config.services.nextcloud.config.adminpassFile; }; prometheus.scrapeTargets = [ diff --git a/platforms/nixos/modules/nmasur/presets/services/ntfy-sh.nix b/platforms/nixos/modules/nmasur/presets/services/ntfy-sh.nix index 17d178c..6a8bb15 100644 --- a/platforms/nixos/modules/nmasur/presets/services/ntfy-sh.nix +++ b/platforms/nixos/modules/nmasur/presets/services/ntfy-sh.nix @@ -2,6 +2,7 @@ let cfg = config.nmasur.presets.services.ntfy-sh; + hostnames = config.nmasur.settings.hostnames; in { @@ -11,7 +12,7 @@ in services.ntfy-sh = { enable = true; settings = { - base-url = "https://${config.hostnames.notifications}"; + base-url = "https://${hostnames.notifications}"; upstream-base-url = "https://ntfy.sh"; listen-http = ":8333"; behind-proxy = true; @@ -22,7 +23,7 @@ in caddy.routes = [ { - match = [ { host = [ config.hostnames.notifications ]; } ]; + match = [ { host = [ hostnames.notifications ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -33,7 +34,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.notifications ]; + services.cloudflare-dyndns.domains = [ hostnames.notifications ]; }; } 
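Review bot: The exporter block in the `@@ -217,11 +218,11 @@` hunk of nextcloud.nix authenticates with `config.services.nextcloud.config.adminuser` and `adminpassFile`, so the metrics scraper holds the Nextcloud administrator's credentials and the exporter's service user has to be able to read the admin password file. A scrape only needs the server-info endpoint. If the pinned nixpkgs provides the exporter's `tokenFile` option, a dedicated token would limit what a compromised exporter can do, e.g. `tokenFile = config.secrets.nextcloud-exporter.dest;` (placeholder secret name) in place of `username` and `passwordFile`. The rewritten `url` line itself looks fine.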
diff --git a/platforms/nixos/modules/nmasur/presets/services/paperless.nix b/platforms/nixos/modules/nmasur/presets/services/paperless.nix index 5f9ed08..9ba0272 100644 --- a/platforms/nixos/modules/nmasur/presets/services/paperless.nix +++ b/platforms/nixos/modules/nmasur/presets/services/paperless.nix @@ -4,6 +4,7 @@ let cfg = config.nmasur.presets.services.paperless; + hostnames = config.nmasur.settings.hostnames; in { @@ -33,7 +34,7 @@ in { match = [ { - host = [ config.hostnames.paperless ]; + host = [ hostnames.paperless ]; # path = [ "/paperless*" ]; # Change path name in Caddy } ]; @@ -47,7 +48,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.paperless ]; + services.cloudflare-dyndns.domains = [ hostnames.paperless ]; secrets.paperless = { source = ../../../private/prometheus.age; diff --git a/platforms/nixos/modules/nmasur/presets/services/prometheus-remote-write.nix b/platforms/nixos/modules/nmasur/presets/services/prometheus-remote-write.nix index fccada1..ff9c3ce 100644 --- a/platforms/nixos/modules/nmasur/presets/services/prometheus-remote-write.nix +++ b/platforms/nixos/modules/nmasur/presets/services/prometheus-remote-write.nix @@ -12,6 +12,7 @@ let cfg = config.nmasur.presets.services.prometheus-remote-write; + hostnames = config.nmasur.settings.hostnames; in { @@ -25,7 +26,7 @@ in remoteWrite = [ { name = config.networking.hostName; - url = "https://${config.hostnames.prometheus}/api/v1/write"; + url = "https://${hostnames.prometheus}/api/v1/write"; basic_auth = { # Uses password hashed with bcrypt above username = "prometheus"; diff --git a/platforms/nixos/modules/nmasur/presets/services/thelounge.nix b/platforms/nixos/modules/nmasur/presets/services/thelounge.nix index 77bd9cd..0f6e010 100644 --- a/platforms/nixos/modules/nmasur/presets/services/thelounge.nix +++ b/platforms/nixos/modules/nmasur/presets/services/thelounge.nix 
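Review bot: At the end of the second paperless.nix hunk, `secrets.paperless` takes its `source` from `../../../private/prometheus.age`, which looks like a copy-paste from the Prometheus modules. If the rest of the definition really uses that file, Paperless and the metrics pipeline share one credential, so exposure of either service exposes both and neither can be rotated on its own. A dedicated file such as `source = ../../../private/paperless.age;` (constructed file name) would separate them. The definition continues outside the hunk, so the intended use of the secret cannot be confirmed from here.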
@@ -1,6 +1,7 @@ { config, lib, ... }: let cfg = config.nmasur.presets.services.thelounge; + hostnames = config.nmasur.settings.hostnames; in { @@ -22,7 +23,7 @@ in # Allow web traffic to Caddy caddy.routes = [ { - match = [ { host = [ config.hostnames.irc ]; } ]; + match = [ { host = [ hostnames.irc ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -33,6 +34,6 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.irc ]; + services.cloudflare-dyndns.domains = [ hostnames.irc ]; }; } diff --git a/platforms/nixos/modules/nmasur/presets/services/transmission.nix b/platforms/nixos/modules/nmasur/presets/services/transmission.nix index 82002e1..6cca6b9 100644 --- a/platforms/nixos/modules/nmasur/presets/services/transmission.nix +++ b/platforms/nixos/modules/nmasur/presets/services/transmission.nix @@ -10,6 +10,7 @@ let cfg = config.nmasur.presets.services.transmission; + hostnames = config.nmasur.settings.hostnames; in { @@ -37,7 +38,7 @@ in # This is a salted hash of the real password # https://github.com/tomwijnroks/transmission-pwgen rpc-password = "{c4c5145f6e18bcd3c7429214a832440a45285ce26jDOBGVW"; - rpc-host-whitelist = config.hostnames.transmission; + rpc-host-whitelist = hostnames.transmission; rpc-host-whitelist-enabled = true; rpc-whitelist = lib.mkDefault "127.0.0.1"; # Overwritten by Cloudflare rpc-whitelist-enabled = true; @@ -45,7 +46,7 @@ in }; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.transmission ]; + services.cloudflare-dyndns.domains = [ hostnames.transmission ]; # Bind transmission to wireguard namespace systemd.services.transmission = lib.mkIf config.wireguard.enable { 
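Review bot: The `rpc-password` line kept as context in the `@@ -37,7 +38,7 @@` hunk of transmission.nix stores the salted hash in the module, which places it in the repository and in the world-readable Nix store. From its shape (40 hex digits followed by an 8-character salt) it appears to be Transmission's salted SHA-1 format, which gives little protection against offline guessing once the hash is public. Since this commit already touches the RPC settings, consider moving the value into the `secrets` mechanism used elsewhere in this patch and loading it with `credentialsFile = config.secrets.transmission.dest;` (placeholder secret name; the decrypted file must be JSON containing `rpc-password`). The settings block continues outside the hunk.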
@@ -66,14 +67,14 @@ in caddy.routes = let # Set if the download domain is the same as the Transmission domain - useDownloadDomain = config.hostnames.download == config.hostnames.transmission; + useDownloadDomain = hostnames.download == hostnames.transmission; in lib.mkAfter [ { group = if useDownloadDomain then "download" else "transmission"; match = [ { - host = [ config.hostnames.transmission ]; + host = [ hostnames.transmission ]; path = if useDownloadDomain then [ "/transmission*" ] else null; } ]; diff --git a/platforms/nixos/modules/nmasur/presets/services/uptime-kuma.nix b/platforms/nixos/modules/nmasur/presets/services/uptime-kuma.nix index 60ccc1d..a997259 100644 --- a/platforms/nixos/modules/nmasur/presets/services/uptime-kuma.nix +++ b/platforms/nixos/modules/nmasur/presets/services/uptime-kuma.nix @@ -2,6 +2,7 @@ let cfg = config.nmasur.presets.services.uptime-kuma; + hostnames = config.nmasur.settings.hostnames; in { @@ -20,7 +21,7 @@ in # Allow web traffic to Caddy caddy.routes = [ { - match = [ { host = [ config.hostnames.status ]; } ]; + match = [ { host = [ hostnames.status ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -33,7 +34,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.status ]; + services.cloudflare-dyndns.domains = [ hostnames.status ]; }; diff --git a/platforms/nixos/modules/nmasur/presets/services/vaultwarden.nix b/platforms/nixos/modules/nmasur/presets/services/vaultwarden.nix index 8f13a04..c115919 100644 --- a/platforms/nixos/modules/nmasur/presets/services/vaultwarden.nix +++ b/platforms/nixos/modules/nmasur/presets/services/vaultwarden.nix @@ -11,6 +11,7 @@ let cfg = config.nmasur.presets.services.vaultwarden; + hostnames = config.nmasur.settings.hostnames; vaultwardenPath = "/var/lib/bitwarden_rs"; # Default service directory in { 
@@ -22,7 +23,7 @@ in services.vaultwarden = { enable = true; config = { - DOMAIN = "https://${config.hostnames.secrets}"; + DOMAIN = "https://${hostnames.secrets}"; SIGNUPS_ALLOWED = false; SIGNUPS_VERIFY = true; INVITATIONS_ALLOWED = true; @@ -52,7 +53,7 @@ in caddy.routes = [ { - match = [ { host = [ config.hostnames.secrets ]; } ]; + match = [ { host = [ hostnames.secrets ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -66,7 +67,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.secrets ]; + services.cloudflare-dyndns.domains = [ hostnames.secrets ]; ## Backup config diff --git a/platforms/nixos/modules/nmasur/presets/services/victoriametrics.nix b/platforms/nixos/modules/nmasur/presets/services/victoriametrics.nix index 065ea7d..724d824 100644 --- a/platforms/nixos/modules/nmasur/presets/services/victoriametrics.nix +++ b/platforms/nixos/modules/nmasur/presets/services/victoriametrics.nix @@ -11,6 +11,7 @@ let cfg = config.nmasur.presets.services.victoriametrics; + hostnames = config.nmasur.settings.hostnames; username = "prometheus"; @@ -79,7 +80,7 @@ in caddy.routes = [ { - match = [ { host = [ config.hostnames.prometheus ]; } ]; + match = [ { host = [ hostnames.prometheus ]; } ]; handle = [ { handler = "reverse_proxy"; @@ -90,7 +91,7 @@ in ]; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.prometheus ]; + services.cloudflare-dyndns.domains = [ hostnames.prometheus ]; }; } diff --git a/platforms/nixos/modules/nmasur/presets/services/vm-agent.nix b/platforms/nixos/modules/nmasur/presets/services/vm-agent.nix index 0b86f20..2ed8877 100644 --- a/platforms/nixos/modules/nmasur/presets/services/vm-agent.nix +++ b/platforms/nixos/modules/nmasur/presets/services/vm-agent.nix @@ -11,6 +11,7 @@ let cfg = config.nmasur.presets.services.vm-agent; + hostnames = config.nmasur.settings.hostnames; username = "prometheus"; 
@@ -37,7 +38,7 @@ in package = pkgs-stable.vmagent; prometheusConfig = prometheusConfig; remoteWrite = { - url = "https://${config.hostnames.prometheus}/api/v1/write"; + url = "https://${hostnames.prometheus}/api/v1/write"; basicAuthUsername = username; basicAuthPasswordFile = config.secrets.vmagent.dest; }; diff --git a/platforms/nixos/modules/nmasur/settings.nix b/platforms/nixos/modules/nmasur/settings.nix new file mode 100644 index 0000000..966c139 --- /dev/null +++ b/platforms/nixos/modules/nmasur/settings.nix @@ -0,0 +1,19 @@ +{ lib, ... }: + +{ + options.nmasur.settings = { + username = lib.mkOption { + type = lib.types.str; + description = "Primary username for the system"; + }; + fullName = lib.mkOption { + type = lib.types.str; + description = "Human readable name of the user"; + }; + options.hostnames = lib.mkOption { + type = lib.types.attrsOf lib.types.str; + description = "Map of service names to FQDNs"; + default = { }; + }; + }; +} diff --git a/platforms/nixos/modules/secrets.nix b/platforms/nixos/modules/secrets.nix index 942d001..9164ed2 100644 --- a/platforms/nixos/modules/secrets.nix +++ b/platforms/nixos/modules/secrets.nix @@ -27,6 +27,7 @@ in identityFile = lib.mkOption { type = lib.types.path; description = "Path containing decryption identity."; + default = "/etc/ssh/ssh_host_ed25519_key"; }; secrets = lib.mkOption { @@ -91,7 +92,7 @@ in script = '' echo "${attrs.prefix}$( ${pkgs.age}/bin/age --decrypt \ - --identity ${config.secretsIdentityFile} ${attrs.source} + --identity ${config.identityFile} ${attrs.source} )" > ${attrs.dest} chown '${attrs.owner}':'${attrs.group}' '${attrs.dest}' diff --git a/platforms/nixos/modules/services/filebrowser.nix b/platforms/nixos/modules/services/filebrowser.nix index abf1be5..cba68dd 100644 --- a/platforms/nixos/modules/services/filebrowser.nix +++ b/platforms/nixos/modules/services/filebrowser.nix 
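Review bot: In the new settings.nix the third option is written as `options.hostnames = lib.mkOption {` inside `options.nmasur.settings = { … }`, which declares `nmasur.settings.options.hostnames` rather than `nmasur.settings.hostnames`. Every module in this patch reads `config.nmasur.settings.hostnames`, so evaluation would fail on a missing attribute, or the values would have to be set under the wrong path. The line should be `hostnames = lib.mkOption {`. Because these names feed the Caddy host matchers, the Cloudflare DNS list and Nextcloud's `trusted_domains`, the `description` could also say that values must be bare FQDNs without scheme or path.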
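Review bot: `identityFile` in the `@@ -27,6 +28,7 @@` hunk of secrets.nix keeps `type = lib.types.path;`, which also accepts a Nix path literal, and the script in the following hunk interpolates the value as `--identity ${config.identityFile}`. Interpolating a path literal copies the file into the Nix store, so a host that sets `identityFile = ./key;` would place its private identity in a world-readable location; the quoted string default added here avoids that. I would either switch to `type = lib.types.str;` or extend the description to `"Path to the age identity on the target host (defaults to the SSH host ed25519 key); must be a string, not a Nix path literal."`. The option set starts and ends outside the hunk.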
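Review bot: The decryption in the `@@ -91,7 +92,7 @@` hunk of secrets.nix runs inside `echo "…$( age --decrypt … )" > ${attrs.dest}`, so a failing `age` (wrong or missing identity) does not fail the command: `echo` still succeeds and writes only the prefix to the destination. The file is also created before the `chown` that follows, with whatever umask the unit runs under; no `umask` or `chmod` is visible in the hunk. Decrypting into a variable first lets the failure propagate under `set -e`, and a restrictive mask closes the window: `umask 077`, then `secret="$(${pkgs.age}/bin/age --decrypt --identity ${config.identityFile} ${attrs.source})"`, then `echo "${attrs.prefix}$secret" > '${attrs.dest}'`. The script continues outside the hunk.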
@@ -6,6 +6,7 @@ }: let cfg = config.services.filebrowser; + hostnames = config.nmasur.settings.hostnames; dataDir = "/var/lib/filebrowser"; @@ -57,7 +58,7 @@ in }; # Configure Cloudflare DNS to point to this machine - services.cloudflare-dyndns.domains = [ config.hostnames.files ]; + services.cloudflare-dyndns.domains = [ hostnames.files ]; }; diff --git a/windows/alacritty.yml b/platforms/windows/alacritty.yml similarity index 100% rename from windows/alacritty.yml rename to platforms/windows/alacritty.yml diff --git a/windows/autohotkey/RemapCaps.ahk b/platforms/windows/autohotkey/RemapCaps.ahk similarity index 100% rename from windows/autohotkey/RemapCaps.ahk rename to platforms/windows/autohotkey/RemapCaps.ahk diff --git a/windows/autohotkey/RemapCapsCtrlEscapeV2.ahk b/platforms/windows/autohotkey/RemapCapsCtrlEscapeV2.ahk similarity index 100% rename from windows/autohotkey/RemapCapsCtrlEscapeV2.ahk rename to platforms/windows/autohotkey/RemapCapsCtrlEscapeV2.ahk diff --git a/windows/caps-lock-ctrl.reg b/platforms/windows/caps-lock-ctrl.reg similarity index 100% rename from windows/caps-lock-ctrl.reg rename to platforms/windows/caps-lock-ctrl.reg diff --git a/windows/chocolatey.config b/platforms/windows/chocolatey.config similarity index 100% rename from windows/chocolatey.config rename to platforms/windows/chocolatey.config diff --git a/windows/utc-time.reg b/platforms/windows/utc-time.reg similarity index 100% rename from windows/utc-time.reg rename to platforms/windows/utc-time.reg diff --git a/windows/windows-programs.md b/platforms/windows/windows-programs.md similarity index 100% rename from windows/windows-programs.md rename to platforms/windows/windows-programs.md