Implement global custom libs as a flake output

SebastianStork 2025-10-17 10:57:32 +02:00
parent f276848b18
commit 671a13239a
Signed by: SebastianStork
SSH key fingerprint: SHA256:iEM011ogNMG1q8+U500adGu/9rpPuZ2KnFtbdLeqTiI
10 changed files with 40 additions and 31 deletions


@ -1,11 +1,16 @@
{ inputs, self, ... }: {
inputs,
self,
lib,
...
}:
let let
lib = inputs.nixpkgs.lib.extend (_: _: { custom = import "${self}/lib" inputs.nixpkgs.lib; }); inherit (self) lib';
mkHost = mkHost =
hostName: hostName:
inputs.nixpkgs.lib.nixosSystem { inputs.nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs self lib; }; specialArgs = { inherit inputs self lib'; };
modules = [ modules = [
{ networking = { inherit hostName; }; } { networking = { inherit hostName; }; }
"${self}/hosts/common.nix" "${self}/hosts/common.nix"
@ -25,9 +30,9 @@ let
in in
{ {
flake = { flake = {
nixosConfigurations = "${self}/hosts" |> lib.custom.listDirectories |> lib.custom.genAttrs mkHost; nixosConfigurations = "${self}/hosts" |> lib'.listDirectories |> lib'.genAttrs mkHost;
deploy.nodes = "${self}/hosts" |> lib.custom.listDirectories |> lib.custom.genAttrs mkDeployNode; deploy.nodes = "${self}/hosts" |> lib'.listDirectories |> lib'.genAttrs mkDeployNode;
checks = inputs.deploy-rs.lib |> lib.mapAttrs (_: deployLib: deployLib.deployChecks self.deploy); checks = inputs.deploy-rs.lib |> lib.mapAttrs (_: deployLib: deployLib.deployChecks self.deploy);
}; };

4
flake-parts/lib.nix Normal file

@ -0,0 +1,4 @@
{ self, inputs, ... }:
{
flake.lib' = import "${self}/lib" inputs.nixpkgs.lib;
}
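Review bot: The new `flake.lib'` output has no comment saying what it holds or why it is named `lib'`, and every module later in the commit relies on that name. A line above it such as `# Repo-local helpers from ./lib, exposed as a flake output so flake-parts modules and hosts share one definition.` would make the contract clear. Because `lib'` is not a standard flake output name, `nix flake check` may warn about it; that looks harmless here but is worth mentioning in the comment.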


@ -1,10 +1,7 @@
{ self, inputs, ... }: { self, ... }:
let
lib = inputs.nixpkgs.lib.extend (_: _: { custom = import "${self}/lib" inputs.nixpkgs.lib; });
in
{ {
flake = { flake = {
nixosModules.default.imports = lib.custom.listNixFilesRecursive "${self}/modules/system"; nixosModules.default.imports = self.lib'.listNixFilesRecursive "${self}/modules/system";
homeManagerModules.default.imports = lib.custom.listNixFilesRecursive "${self}/modules/home"; homeManagerModules.default.imports = self.lib'.listNixFilesRecursive "${self}/modules/home";
}; };
} }
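Review bot: `nixosModules.default` and `homeManagerModules.default` are exported here, but the module files changed later in this commit take `lib'` as a module argument, and the only place visible in this commit that supplies it is `specialArgs` in `mkHost`. If those files live under `modules/system` or `modules/home`, a consumer importing the exported modules outside `mkHost` would presumably fail with a missing `lib'` argument. Consider setting it on the exported module itself, e.g. `nixosModules.default._module.args.lib' = self.lib';`, or note in a comment that callers must pass `lib'` via `specialArgs`. Please confirm that none of the modules needs `lib'` while resolving `imports`, where `_module.args` is not available.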


@ -71,13 +71,10 @@
flake-parts.lib.mkFlake { inherit inputs; } { flake-parts.lib.mkFlake { inherit inputs; } {
systems = [ "x86_64-linux" ]; systems = [ "x86_64-linux" ];
imports = [ imports =
./flake-parts/dev-shell.nix ./flake-parts
./flake-parts/formatter.nix |> builtins.readDir
./flake-parts/hosts.nix |> builtins.attrNames
./flake-parts/install-anywhere.nix |> builtins.map (name: ./flake-parts + "/${name}");
./flake-parts/modules.nix
./flake-parts/sops.nix
];
}; };
} }
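Review bot: The new `imports` pipeline turns every entry that `builtins.readDir` returns for `./flake-parts` into a module path. A non-Nix file, or a subdirectory without `default.nix`, placed there will break evaluation, and any `.nix` file added to the directory becomes part of the flake's outputs without appearing in an explicit list. Restricting the names before mapping, for example `|> builtins.filter (name: builtins.match ".*\\.nix" name != null)` after `builtins.attrNames`, keeps the auto-discovery to Nix files. A short comment above `imports` stating that the directory is auto-imported would help reviewers treat additions to it as changes to the flake's outputs. The enclosing `outputs` function begins outside this hunk.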


@ -2,6 +2,7 @@
config, config,
pkgs, pkgs,
lib, lib,
lib',
... ...
}: }:
let let
@ -10,8 +11,8 @@ let
virtualHosts = cfg.virtualHosts |> lib.attrValues |> lib.filter (value: value.enable); virtualHosts = cfg.virtualHosts |> lib.attrValues |> lib.filter (value: value.enable);
tailscaleHosts = virtualHosts |> lib.filter (value: lib.custom.isTailscaleDomain value.domain); tailscaleHosts = virtualHosts |> lib.filter (value: lib'.isTailscaleDomain value.domain);
nonTailscaleHosts = virtualHosts |> lib.filter (value: !lib.custom.isTailscaleDomain value.domain); nonTailscaleHosts = virtualHosts |> lib.filter (value: !lib'.isTailscaleDomain value.domain);
webPorts = [ webPorts = [
80 80
@ -28,8 +29,8 @@ let
{ domain, port, ... }: { domain, port, ... }:
'' ''
import subdomain-log ${domain} import subdomain-log ${domain}
@${lib.custom.subdomainOf domain} host ${domain} @${lib'.subdomainOf domain} host ${domain}
handle @${lib.custom.subdomainOf domain} { handle @${lib'.subdomainOf domain} {
reverse_proxy localhost:${toString port} reverse_proxy localhost:${toString port}
} }
''; '';
@ -42,7 +43,7 @@ let
lib.nameValuePair domain { lib.nameValuePair domain {
logFormat = "output file ${config.services.caddy.logDir}/${domain}.log { mode 640 }"; logFormat = "output file ${config.services.caddy.logDir}/${domain}.log { mode 640 }";
extraConfig = '' extraConfig = ''
bind tailscale/${lib.custom.subdomainOf domain} bind tailscale/${lib'.subdomainOf domain}
reverse_proxy localhost:${toString port} reverse_proxy localhost:${toString port}
''; '';
}; };
@ -141,7 +142,7 @@ in
''; '';
virtualHosts = virtualHosts =
nonTailscaleHosts nonTailscaleHosts
|> lib.groupBy (value: lib.custom.rootDomainOf value.domain) |> lib.groupBy (value: lib'.rootDomainOf value.domain)
|> lib.mapAttrs' mkWildCardDomain; |> lib.mapAttrs' mkWildCardDomain;
}; };
}) })


@ -2,6 +2,7 @@
config, config,
self, self,
lib, lib,
lib',
... ...
}: }:
let let
@ -51,7 +52,7 @@ in
message = "Running syncthing on a server requires `gui.domain` to be set."; message = "Running syncthing on a server requires `gui.domain` to be set.";
} }
{ {
assertion = (cfg.gui.domain != null) -> (lib.custom.isTailscaleDomain cfg.gui.domain); assertion = (cfg.gui.domain != null) -> (lib'.isTailscaleDomain cfg.gui.domain);
message = "The syncthing gui should only be exposed on a private network as it isn't yet configured with access controll."; message = "The syncthing gui should only be exposed on a private network as it isn't yet configured with access controll.";
} }
]; ];
@ -108,7 +109,7 @@ in
genFolders = genFolders =
folders: folders:
folders folders
|> lib.custom.genAttrs (name: { |> lib'.genAttrs (name: {
path = "${dataDir}/${name}"; path = "${dataDir}/${name}";
ignorePerms = false; ignorePerms = false;
devices = config.services.syncthing.settings.devices |> lib.attrNames; devices = config.services.syncthing.settings.devices |> lib.attrNames;


@ -2,6 +2,7 @@
config, config,
pkgs, pkgs,
lib, lib,
lib',
... ...
}: }:
let let
@ -30,7 +31,7 @@ in
sops.secrets = sops.secrets =
cfg.networks cfg.networks
|> lib.map (name: "iwd/${name}") |> lib.map (name: "iwd/${name}")
|> lib.custom.genAttrs (_: { |> lib'.genAttrs (_: {
restartUnits = [ "iwd.service" ]; restartUnits = [ "iwd.service" ];
}); });


@ -3,6 +3,7 @@
modulesPath, modulesPath,
inputs, inputs,
lib, lib,
lib',
... ...
}: }:
let let
@ -29,7 +30,7 @@ in
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
assertions = [ assertions = [
{ {
assertion = lib.custom.isTailscaleDomain cfg.domain; assertion = lib'.isTailscaleDomain cfg.domain;
message = "Filebrowser isn't yet configured with access controll."; message = "Filebrowser isn't yet configured with access controll.";
} }
]; ];


@ -1,6 +1,7 @@
{ {
config, config,
lib, lib,
lib',
... ...
}: }:
let let
@ -24,7 +25,7 @@ in
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
assertions = [ assertions = [
{ {
assertion = lib.custom.isTailscaleDomain cfg.domain; assertion = lib'.isTailscaleDomain cfg.domain;
message = "FreshRSS isn't configured with access controll."; message = "FreshRSS isn't configured with access controll.";
} }
]; ];


@ -3,6 +3,7 @@
self, self,
pkgs-unstable, pkgs-unstable,
lib, lib,
lib',
... ...
}: }:
let let
@ -110,7 +111,7 @@ in
|> lib.filter (domain: domain != cfg.domain) |> lib.filter (domain: domain != cfg.domain)
|> lib.map ( |> lib.map (
domain: domain:
lib.nameValuePair (lib.custom.subdomainOf domain) { lib.nameValuePair (lib'.subdomainOf domain) {
inherit domain; inherit domain;
group = hostName; group = hostName;
} }