From 49c918f7471e2fa24c3b77060c716cafa04b180e Mon Sep 17 00:00:00 2001 From: SebastianStork Date: Sat, 17 Jan 2026 13:21:16 +0100 Subject: [PATCH] Refactor --- flake-parts/hosts.nix | 8 ++++---- flake-parts/sops.nix | 11 ++++++---- modules/system/meta/domains.nix | 4 ++-- modules/system/networking.nix | 4 ++-- modules/system/services/caddy.nix | 6 +++--- modules/system/services/dns.nix | 2 +- modules/system/services/nebula/default.nix | 6 +++--- modules/system/services/restic/backups.nix | 20 +++++++++---------- .../system/services/restic/healthchecks.nix | 3 +-- modules/system/services/restic/restore.nix | 9 ++++----- modules/system/services/sshd.nix | 4 ++-- modules/system/services/syncthing.nix | 11 +++++----- modules/system/web-services/gatus.nix | 18 ++++++++--------- 13 files changed, 53 insertions(+), 53 deletions(-) diff --git a/flake-parts/hosts.nix b/flake-parts/hosts.nix index 94abcd8..e104cea 100644 --- a/flake-parts/hosts.nix +++ b/flake-parts/hosts.nix @@ -18,15 +18,15 @@ let ++ lib.optional (lib.pathExists "${self}/users/seb/@${hostName}") "${self}/users/seb/@${hostName}"; }; - mkDeployNode = hostname: { - hostname = "${hostname}.${ - self.nixosConfigurations.${hostname}.config.custom.networking.overlay.domain + mkDeployNode = hostName: { + hostname = "${hostName}.${ + self.nixosConfigurations.${hostName}.config.custom.networking.overlay.domain }"; user = "root"; interactiveSudo = true; profiles.system.path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.${hostname}; + self.nixosConfigurations.${hostName}; }; hostNames = "${self}/hosts" |> self.lib.listDirectoryNames; diff --git a/flake-parts/sops.nix b/flake-parts/sops.nix index 96474d4..3326342 100644 --- a/flake-parts/sops.nix +++ b/flake-parts/sops.nix 
@@ -25,14 +25,17 @@ hostCreationRules = self.nixosConfigurations |> lib.attrValues - |> lib.filter (value: value.config.custom.sops.enable or false) - |> lib.map (value: mkCreationRule value.config.custom.sops); + |> lib.map (host: host.config.custom.sops) + |> lib.filter (sops: sops.enable) + |> lib.map (sops: mkCreationRule sops); userCreationRules = self.nixosConfigurations |> lib.attrValues - |> lib.filter (value: value.config.home-manager.users.seb.custom.sops.enable or false) - |> lib.map (value: mkCreationRule value.config.home-manager.users.seb.custom.sops); + |> lib.filter (host: host.config |> lib.hasAttr "home-manager") + |> lib.map (host: host.config.home-manager.users.seb.custom.sops) + |> lib.filter (sops: sops.enable) + |> lib.map (sops: mkCreationRule sops); jsonConfig = { creation_rules = hostCreationRules ++ userCreationRules; } |> lib.strings.toJSON; in diff --git a/modules/system/meta/domains.nix b/modules/system/meta/domains.nix index 0d786fc..a2001e3 100644 --- a/modules/system/meta/domains.nix +++ b/modules/system/meta/domains.nix @@ -18,7 +18,7 @@ in default = self.nixosConfigurations |> lib.attrValues - |> lib.map (value: value.config.meta.domains.local) + |> lib.map (host: host.config.meta.domains.local) |> lib.concatLists; readOnly = true; }; @@ -31,7 +31,7 @@ in duplicateDomains = self.nixosConfigurations |> lib.attrValues - |> lib.map (value: value.options.meta.domains.local.definitionsWithLocations) + |> lib.map (host: host.options.meta.domains.local.definitionsWithLocations) |> lib.concatLists |> lib.concatMap ( { file, value }: diff --git a/modules/system/networking.nix b/modules/system/networking.nix index 2284e56..f89a61e 100644 --- a/modules/system/networking.nix +++ b/modules/system/networking.nix @@ -9,7 +9,7 @@ let in { options.custom.networking = { - hostname = lib.mkOption { + hostName = lib.mkOption { type = lib.types.nonEmptyStr; default = config.networking.hostName; readOnly = true; 
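Review bot: In the flake-parts/sops.nix hunk the `or false` fallbacks are gone, so this is not a pure refactor: `sops.enable` is now forced for every host, and a configuration that lacks `custom.sops`, or that has home-manager but no `seb` user, will abort evaluation where it used to be skipped. These lists become the `creation_rules` of the generated sops config, which presumably decide which keys may decrypt which secrets, so failing loudly may be preferable to silently emitting no rule, but it should be a stated choice. If skipping is still intended, guard before the map, e.g. `|> lib.filter (host: host.config.home-manager.users ? seb)`, and keep `host.config.custom.sops.enable or false` in the host filter. As a style point, `lib.map (sops: mkCreationRule sops)` can be written `lib.map mkCreationRule`. The enclosing `let` block and the definition of `mkCreationRule` are outside the hunk.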
@@ -89,7 +89,7 @@ in }; peers = lib.mkOption { type = lib.types.anything; - default = cfg.nodes |> lib.filter (node: node.hostname != cfg.hostname); + default = cfg.nodes |> lib.filter (node: node.hostName != cfg.hostName); readOnly = true; }; }; diff --git a/modules/system/services/caddy.nix b/modules/system/services/caddy.nix index 4e87dfb..2323d11 100644 --- a/modules/system/services/caddy.nix +++ b/modules/system/services/caddy.nix @@ -8,10 +8,10 @@ let cfg = config.custom.services.caddy; netCfg = config.custom.networking; - virtualHosts = cfg.virtualHosts |> lib.attrValues |> lib.filter (value: value.enable); + virtualHosts = cfg.virtualHosts |> lib.attrValues |> lib.filter (vHost: vHost.enable); - publicHostsExist = virtualHosts |> lib.any (value: (!self.lib.isPrivateDomain value.domain)); - privateHostsExist = virtualHosts |> lib.any (value: self.lib.isPrivateDomain value.domain); + publicHostsExist = virtualHosts |> lib.any (vHost: (!self.lib.isPrivateDomain vHost.domain)); + privateHostsExist = virtualHosts |> lib.any (vHost: self.lib.isPrivateDomain vHost.domain); webPorts = [ 80 diff --git a/modules/system/services/dns.nix b/modules/system/services/dns.nix index f36873c..754c84a 100644 --- a/modules/system/services/dns.nix +++ b/modules/system/services/dns.nix @@ -33,7 +33,7 @@ in let nodeRecords = netCfg.nodes - |> lib.map (node: "\"${node.hostname}.${node.overlay.domain}. A ${node.overlay.address}\""); + |> lib.map (node: "\"${node.hostName}.${node.overlay.domain}. A ${node.overlay.address}\""); serviceRecords = self.nixosConfigurations |> lib.attrValues diff --git a/modules/system/services/nebula/default.nix b/modules/system/services/nebula/default.nix index fcd4e5e..e362ab3 100644 --- a/modules/system/services/nebula/default.nix +++ b/modules/system/services/nebula/default.nix 
@@ -16,18 +16,18 @@ in publicKeyPath = lib.mkOption { type = lib.types.path; - default = "${self}/hosts/${netCfg.hostname}/keys/nebula.pub"; + default = "${self}/hosts/${netCfg.hostName}/keys/nebula.pub"; }; certificatePath = lib.mkOption { type = lib.types.path; - default = "${self}/hosts/${netCfg.hostname}/keys/nebula.crt"; + default = "${self}/hosts/${netCfg.hostName}/keys/nebula.crt"; }; }; config = lib.mkIf cfg.enable { assertions = lib.singleton { assertion = netCfg.isLighthouse -> netCfg.underlay.isPublic; - message = "'${netCfg.hostname}' is a Nebula lighthouse, but underlay.isPublic is not set. Lighthouses must be publicly reachable."; + message = "'${netCfg.hostName}' is a Nebula lighthouse, but underlay.isPublic is not set. Lighthouses must be publicly reachable."; }; custom.networking.overlay = { diff --git a/modules/system/services/restic/backups.nix b/modules/system/services/restic/backups.nix index 3ed0af8..b640160 100644 --- a/modules/system/services/restic/backups.nix +++ b/modules/system/services/restic/backups.nix @@ -1,6 +1,6 @@ { config, lib, ... }: let - backups = config.custom.services.restic.backups |> lib.filterAttrs (_: value: value.enable); + backups = config.custom.services.restic.backups |> lib.filterAttrs (_: backup: backup.enable); in { options.custom.services.restic.backups = lib.mkOption { @@ -48,10 +48,10 @@ in services.restic.backups = backups |> lib.mapAttrs ( - name: value: + name: backup: lib.mkMerge [ { - inherit (value) paths; + inherit (backup) paths; initialize = true; repository = "s3:https://s3.eu-central-003.backblazeb2.com/stork-atlas/${name}"; environmentFile = config.sops.templates."restic/environment".path; 
@@ -66,20 +66,20 @@ in RandomizedDelaySec = "1h"; }; } - value.extraConfig + backup.extraConfig ] ); systemd.services = backups |> lib.mapAttrs' ( - name: value: + name: backup: lib.nameValuePair "restic-backups-${name}" ( - lib.mkIf (value.conflictingService != null) { - unitConfig.Conflicts = [ value.conflictingService ]; - after = [ value.conflictingService ]; - onSuccess = [ value.conflictingService ]; - onFailure = [ value.conflictingService ]; + lib.mkIf (backup.conflictingService != null) { + unitConfig.Conflicts = [ backup.conflictingService ]; + after = [ backup.conflictingService ]; + onSuccess = [ backup.conflictingService ]; + onFailure = [ backup.conflictingService ]; } ) ); diff --git a/modules/system/services/restic/healthchecks.nix b/modules/system/services/restic/healthchecks.nix index 043f403..b732847 100644 --- a/modules/system/services/restic/healthchecks.nix +++ b/modules/system/services/restic/healthchecks.nix @@ -7,8 +7,7 @@ let backupsWithHealthchecks = config.custom.services.restic.backups - |> lib.filterAttrs (_: value: value.enable) - |> lib.filterAttrs (_: value: value.doHealthchecks); + |> lib.filterAttrs (_: backup: backup.enable && backup.doHealthchecks); in { options.custom.services.restic.backups = lib.mkOption { diff --git a/modules/system/services/restic/restore.nix b/modules/system/services/restic/restore.nix index 2d06e9f..6d86081 100644 --- a/modules/system/services/restic/restore.nix +++ b/modules/system/services/restic/restore.nix @@ -7,8 +7,7 @@ let backupsWithRestoreCommand = config.custom.services.restic.backups - |> lib.filterAttrs (_: value: value.enable) - |> lib.filterAttrs (_: value: value.restoreCommand.enable); + |> lib.filterAttrs (_: backup: backup.enable && backup.restoreCommand.enable); in { options.custom.services.restic.backups = lib.mkOption { 
@@ -35,13 +34,13 @@ in environment.systemPackages = backupsWithRestoreCommand |> lib.mapAttrsToList ( - name: value: + name: backup: pkgs.writeShellApplication { name = "restic-restore-${name}"; text = let - inherit (value) conflictingService; - inherit (value.restoreCommand) preRestore postRestore; + inherit (backup) conflictingService; + inherit (backup.restoreCommand) preRestore postRestore; hasConflictingService = conflictingService != null; in '' diff --git a/modules/system/services/sshd.nix b/modules/system/services/sshd.nix index 527b944..2aea658 100644 --- a/modules/system/services/sshd.nix +++ b/modules/system/services/sshd.nix @@ -36,7 +36,7 @@ in |> lib.map (client: { port = 22; proto = "tcp"; - host = client.hostname; + host = client.hostName; }); }; @@ -48,7 +48,7 @@ in users.users.seb.openssh.authorizedKeys.keyFiles = self.nixosConfigurations |> lib.attrValues - |> lib.filter (host: host.config.custom.networking.hostname != netCfg.hostname) + |> lib.filter (host: host.config.custom.networking.hostName != netCfg.hostName) |> lib.filter (host: host.config |> lib.hasAttr "home-manager") |> lib.map (host: host.config.home-manager.users.seb.custom.programs.ssh) |> lib.filter (ssh: ssh.enable) diff --git a/modules/system/services/syncthing.nix b/modules/system/services/syncthing.nix index ec62533..f9e41ba 100644 --- a/modules/system/services/syncthing.nix +++ b/modules/system/services/syncthing.nix 
@@ -96,16 +96,15 @@ in key = lib.mkIf useSopsSecrets config.sops.secrets."syncthing/key".path; settings = { - # Get the devices and their ids from the configs of the other hosts devices = self.nixosConfigurations - |> lib.filterAttrs (name: _: name != config.networking.hostName) - |> lib.filterAttrs (_: value: value.config.custom.services.syncthing.enable) + |> lib.filterAttrs (_: host: host.config.networking.hostName != config.networking.hostName) + |> lib.filterAttrs (_: host: host.config.custom.services.syncthing.enable) |> lib.mapAttrs ( - _: value: { - id = value.config.custom.services.syncthing.deviceId; + _: host: { + id = host.config.custom.services.syncthing.deviceId; addresses = [ - "tcp://${value.config.custom.networking.overlay.address}:${toString cfg.syncPort}" + "tcp://${host.config.custom.networking.overlay.address}:${toString host.config.custom.services.syncthing.syncPort}" ]; } ); diff --git a/modules/system/web-services/gatus.nix b/modules/system/web-services/gatus.nix index d62fcdf..35c5430 100644 --- a/modules/system/web-services/gatus.nix +++ b/modules/system/web-services/gatus.nix @@ -143,21 +143,21 @@ in endpoints = let - mkEndpoint = value: { - inherit (value) name group interval; - url = "${value.protocol}://${value.domain}${value.path}"; - alerts = lib.mkIf value.enableAlerts [ { type = "ntfy"; } ]; - ssh = lib.mkIf (value.protocol == "ssh") { + mkEndpoint = endpoint: { + inherit (endpoint) name group interval; + url = "${endpoint.protocol}://${endpoint.domain}${endpoint.path}"; + alerts = lib.mkIf endpoint.enableAlerts [ { type = "ntfy"; } ]; + ssh = lib.mkIf (endpoint.protocol == "ssh") { username = ""; password = ""; }; conditions = lib.concatLists [ - value.extraConditions - (lib.optional (lib.elem value.protocol [ + endpoint.extraConditions + (lib.optional (lib.elem endpoint.protocol [ "http" "https" ]) "[STATUS] == 200") - (lib.optional (lib.elem value.protocol [ + (lib.optional (lib.elem endpoint.protocol [ "tcp" "ssh" "icmp" 
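Review bot: In the modules/system/services/syncthing.nix hunk each peer address now uses the peer's own `syncPort` instead of the local `cfg.syncPort`, which changes the generated device list whenever hosts configure different ports, yet the commit is titled as a refactor and the only explanatory comment was removed. Since this block determines which device ids and addresses Syncthing is configured with as peers, I would keep a comment such as `# Peer ids, overlay addresses and sync ports are read from the other hosts' configs`. The self-exclusion filter also compares `config.networking.hostName` directly, whereas sshd.nix in this same commit uses `custom.networking.hostName`; picking one would keep the peer filters consistent. The `settings` attribute set continues outside the hunk.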
@@ -176,7 +176,7 @@ in let defaultEndpoints = self.nixosConfigurations - |> lib.mapAttrs (_: value: value.config.meta.domains.local) + |> lib.mapAttrs (_: host: host.config.meta.domains.local) |> lib.concatMapAttrs ( hostName: domains: domains