more rearchitecting folders

Noah Masur
2025-02-14 15:36:54 -05:00
parent c7f20e958b
commit 798bac75e8
37 changed files with 164 additions and 42 deletions


@ -1,18 +0,0 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.nmasur.presets.programs.;
in
{
options.nmasur.presets.programs..enable = lib.mkEnableOption "";
config = lib.mkIf cfg.enable {
};
}


@ -35,7 +35,7 @@ in
# Normally I block all requests not coming from Cloudflare, so I have to also
# allow my local network.
config.nmasur.presets.services.caddy.cidrAllowlist = [ "192.168.0.0/16" ];
nmasur.presets.services.caddy.cidrAllowlist = [ "192.168.0.0/16" ];
services.bind = {
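Review bot: The allowlist entry `"192.168.0.0/16"` on the corrected line covers every 192.168.x.x network, which is wider than the single local network the comment above it describes. If the LAN is one subnet, narrowing the entry keeps the Cloudflare-only restriction tight for every other private address that can reach this host, e.g. `nmasur.presets.services.caddy.cidrAllowlist = [ "192.168.1.0/24" ]; # constructed example, use the real LAN subnet`. The enclosing `config` block starts above this hunk and continues past it.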


@ -63,7 +63,7 @@ in
config = lib.mkIf cfg.enable {
# Forces Caddy to error if coming from a non-Cloudflare IP
config.nmasur.presets.services.caddy.cidrAllowlist = cloudflareIpRanges;
nmasur.presets.services.caddy.cidrAllowlist = cloudflareIpRanges;
# Tell Caddy to use Cloudflare DNS for ACME challenge validation
services.caddy.package = pkgs.caddy.withPlugins {
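Review bot: The comment `# Forces Caddy to error if coming from a non-Cloudflare IP` above the corrected line overstates the setting once another module contributes to the same option. The bind preset in this commit adds `192.168.0.0/16` to `cidrAllowlist`, and the new NAS profile enables both presets. Assuming the option is a list that merges definitions (its declaration is not visible here), the effective rule is the Cloudflare ranges plus whatever else is allowlisted. I would reword the comment to `# Add Cloudflare's IP ranges to Caddy's allowlist; requests from outside the merged list are rejected`. The `config` block continues past the end of this hunk.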


@ -26,7 +26,7 @@ in
maxUploadSize = "50G";
config = {
adminpassFile = config.secrets.nextcloud.dest;
dbtype = "pgsql";
dbtype = "pgsql"; # Enables postgresql
};
settings = {
default_phone_region = "US";
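Review bot: The new trailing comment `# Enables postgresql` reads as if this line starts a PostgreSQL service, whereas `dbtype` only selects which database backend Nextcloud connects to. If another module in this repository keys off this value to enable the postgresql preset, name that module in the comment. Otherwise I would write `dbtype = "pgsql"; # Use PostgreSQL as Nextcloud's database backend`.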


@ -6,12 +6,12 @@
}:
let
cfg = config.nmasur.presets.services.zfs;
cfg = config.nmasur.presets.zfs;
in
{
options.nmasur.presets.services.zfs.enable = lib.mkEnableOption "ZFS file system";
options.nmasur.presets.zfs.enable = lib.mkEnableOption "ZFS file system";
config = lib.mkIf cfg.enable {


@ -1,11 +1,11 @@
{ config, ... }:
{ config, lib, ... }:
let
cfg = config.nmasur.profiles.aws;
in
{
options.nmasur.profiles.nmasur.aws.enable = lib.mkEnableOption "AWS EC2";
options.nmasur.profiles.aws.enable = lib.mkEnableOption "AWS EC2";
config = lib.mkIf cfg.enable {


@ -0,0 +1,43 @@
{
config,
lib,
...
}:
let
cfg = config.nmasur.profiles.communications;
in
{
options.nmasur.profiles.communications.enable =
lib.mkEnableOption "communications server configuration";
config = lib.mkIf cfg.enable {
nmasur.presets = {
programs = {
msmtp.enable = lib.mkDefault true;
};
services = {
actualbudget.enable = lib.mkDefault true;
caddy.enable = lib.mkDefault true;
cloudflare.enable = lib.mkDefault true;
cloudflared.enable = lib.mkDefault true;
gitea.enable = lib.mkDefault true;
grafana.enable = lib.mkDefault true;
influxdb2.enable = lib.mkDefault true;
minecraft-server.enable = lib.mkDefault true;
n8n.enable = lib.mkDefault true;
nix-autoupgrade.enable = lib.mkDefault true; # On by default for communications
ntfy-sh.enable = lib.mkDefault true;
postgresql.enable = lib.mkDefault true;
thelounge.enable = lib.mkDefault true;
uptime-kuma.enable = lib.mkDefault true;
vaultwarden.enable = lib.mkDefault true;
victoriametrics.enable = lib.mkDefault true;
};
};
};
}
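Review bot: This profile turns on `vaultwarden` by default next to `minecraft-server`, `n8n`, `thelounge` and a dozen other services, so any host that enables `communications` runs a password vault on the same machine as a game server and an automation tool. A compromise of any one of those services then shares a host with the vault's data. I would leave the most sensitive preset opt-in, or at least record the trade-off in a header comment such as `# NOTE: bundles vaultwarden with many other network services on one host; set individual presets to false where isolation matters`. The description "communications server configuration" also no longer matches the set (budgeting, metrics, Minecraft), which makes it easy to enable more than intended.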


@ -18,5 +18,7 @@ in
# Use latest released Linux kernel by default
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
nmasur.presets.services.nix-autoupgrade.enable = lib.mkDefault true;
};
}
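Review bot: The added `nmasur.presets.services.nix-autoupgrade.enable = lib.mkDefault true;` has the same priority as the `lib.mkDefault false` set in the new NAS profile. A host that enables both profiles gets two equal-priority definitions with different values, and evaluation should fail with a conflicting-definitions error unless the host sets the option itself. Whether any host combines the two profiles is not visible here. If the NAS value is meant to win, give it a stronger priority in that file, e.g. `nix-autoupgrade.enable = lib.mkOverride 900 false;`, and keep `mkDefault` here. The enclosing `config` block starts above this hunk.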


@ -0,0 +1,42 @@
{
config,
lib,
...
}:
let
cfg = config.nmasur.profiles.nas;
in
{
options.nmasur.profiles.nas.enable = lib.mkEnableOption "NAS (storage device) configuration";
config = lib.mkIf cfg.enable {
nmasur.presets = {
zfs.enable = lib.mkDefault true;
programs = {
msmtp.enable = lib.mkDefault true;
};
services = {
arr.enable = lib.mkDefault true;
audiobookshelf.enable = lib.mkDefault true;
bind.enable = lib.mkDefault true;
caddy.enable = lib.mkDefault true;
calibre-web.enable = lib.mkDefault true;
cloudflare.enable = lib.mkDefault true;
cloudflared.enable = lib.mkDefault true;
filebrowser.enable = lib.mkDefault true;
immich.enable = lib.mkDefault true;
jellyfin.enable = lib.mkDefault true;
nextcloud.enable = lib.mkDefault true;
nix-autoupgrade.enable = lib.mkDefault false; # Off by default for NAS
paperless.enable = lib.mkDefault true;
samba.enable = lib.mkDefault true;
postgresql.enable = lib.mkDefault true;
};
};
};
}
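Review bot: The line `nix-autoupgrade.enable = lib.mkDefault false; # Off by default for NAS` does not say why upgrades are disabled. It leaves `samba`, `nextcloud`, `immich`, `jellyfin` and the other services enabled in this profile without automatic updates. Because this is the host holding the storage, the comment should state the reason and how security updates are expected to reach it, e.g. `# Off by default for NAS: <reason>; updates are applied via <manual process>`. That way a later reader does not mistake the setting for an oversight.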


@ -16,6 +16,8 @@ in
networking.firewall.allowPing = lib.mkDefault true;
nmasur.presets.services.openssh.enable = lib.mkDefault true;
# Implement a simple fail2ban service for sshd
services.sshguard.enable = lib.mkDefault true;