Implement global custom libs as a flake output

SebastianStork 2025-10-17 10:57:32 +02:00
parent f276848b18
commit 671a13239a
Signed by: SebastianStork
SSH key fingerprint: SHA256:iEM011ogNMG1q8+U500adGu/9rpPuZ2KnFtbdLeqTiI
10 changed files with 40 additions and 31 deletions


@ -1,11 +1,16 @@
{ inputs, self, ... }:
{
inputs,
self,
lib,
...
}:
let
lib = inputs.nixpkgs.lib.extend (_: _: { custom = import "${self}/lib" inputs.nixpkgs.lib; });
inherit (self) lib';
mkHost =
hostName:
inputs.nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs self lib; };
specialArgs = { inherit inputs self lib'; };
modules = [
{ networking = { inherit hostName; }; }
"${self}/hosts/common.nix"
@ -25,9 +30,9 @@ let
in
{
flake = {
nixosConfigurations = "${self}/hosts" |> lib.custom.listDirectories |> lib.custom.genAttrs mkHost;
nixosConfigurations = "${self}/hosts" |> lib'.listDirectories |> lib'.genAttrs mkHost;
deploy.nodes = "${self}/hosts" |> lib.custom.listDirectories |> lib.custom.genAttrs mkDeployNode;
deploy.nodes = "${self}/hosts" |> lib'.listDirectories |> lib'.genAttrs mkDeployNode;
checks = inputs.deploy-rs.lib |> lib.mapAttrs (_: deployLib: deployLib.deployChecks self.deploy);
};

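--- a/flake-parts/lib.nix
+++ b/flake-parts/lib.nix
@@ -0,0 +1,4 @@
+{ self, inputs, ... }:
+{
+flake.lib' = import "${self}/lib" inputs.nixpkgs.lib;
+}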


@ -1,10 +1,7 @@
{ self, inputs, ... }:
let
lib = inputs.nixpkgs.lib.extend (_: _: { custom = import "${self}/lib" inputs.nixpkgs.lib; });
in
{ self, ... }:
{
flake = {
nixosModules.default.imports = lib.custom.listNixFilesRecursive "${self}/modules/system";
homeManagerModules.default.imports = lib.custom.listNixFilesRecursive "${self}/modules/home";
nixosModules.default.imports = self.lib'.listNixFilesRecursive "${self}/modules/system";
homeManagerModules.default.imports = self.lib'.listNixFilesRecursive "${self}/modules/home";
};
}
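Review bot: `nixosModules.default` is exported for use outside this flake, but the modules it imports now expect a `lib'` module argument (see the module headers changed in this commit), and the only place on this page that supplies it is `specialArgs` in `mkHost`. A system evaluated without that argument should fail at evaluation rather than silently skip the `isTailscaleDomain` assertions, so the failure is loud, but the requirement is undocumented. A comment above the export such as `# modules expect lib' (self.lib') to be passed via specialArgs` would record it. Setting `_module.args.lib' = self.lib';` inside the default module is a possible alternative, to be confirmed against how these modules use `lib'`.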


@ -71,13 +71,10 @@
flake-parts.lib.mkFlake { inherit inputs; } {
systems = [ "x86_64-linux" ];
imports = [
./flake-parts/dev-shell.nix
./flake-parts/formatter.nix
./flake-parts/hosts.nix
./flake-parts/install-anywhere.nix
./flake-parts/modules.nix
./flake-parts/sops.nix
];
imports =
./flake-parts
|> builtins.readDir
|> builtins.attrNames
|> builtins.map (name: ./flake-parts + "/${name}");
};
}
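Review bot: The new `imports` pipeline loads every entry of `./flake-parts` as a flake-parts module, because `builtins.attrNames` discards the entry type that `builtins.readDir` returns; a subdirectory, a non-Nix file or a stray helper placed there would be evaluated on every build and deploy. The removed explicit list acted as an allowlist that showed up in the diff of this file, whereas with discovery a new file in that directory joins the flake's outputs with no change here (for a git-based flake only tracked files are visible, which limits this to committed files). I would filter on type and extension before dropping the type, e.g. `|> inputs.nixpkgs.lib.filterAttrs (name: type: type == "regular" && inputs.nixpkgs.lib.hasSuffix ".nix" name)` placed before `|> builtins.attrNames`, and add a comment above `imports` stating that every `.nix` file in `./flake-parts` is loaded automatically. The enclosing outputs function starts outside this hunk.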


@ -2,6 +2,7 @@
config,
pkgs,
lib,
lib',
...
}:
let
@ -10,8 +11,8 @@ let
virtualHosts = cfg.virtualHosts |> lib.attrValues |> lib.filter (value: value.enable);
tailscaleHosts = virtualHosts |> lib.filter (value: lib.custom.isTailscaleDomain value.domain);
nonTailscaleHosts = virtualHosts |> lib.filter (value: !lib.custom.isTailscaleDomain value.domain);
tailscaleHosts = virtualHosts |> lib.filter (value: lib'.isTailscaleDomain value.domain);
nonTailscaleHosts = virtualHosts |> lib.filter (value: !lib'.isTailscaleDomain value.domain);
webPorts = [
80
@ -28,8 +29,8 @@ let
{ domain, port, ... }:
''
import subdomain-log ${domain}
@${lib.custom.subdomainOf domain} host ${domain}
handle @${lib.custom.subdomainOf domain} {
@${lib'.subdomainOf domain} host ${domain}
handle @${lib'.subdomainOf domain} {
reverse_proxy localhost:${toString port}
}
'';
@ -42,7 +43,7 @@ let
lib.nameValuePair domain {
logFormat = "output file ${config.services.caddy.logDir}/${domain}.log { mode 640 }";
extraConfig = ''
bind tailscale/${lib.custom.subdomainOf domain}
bind tailscale/${lib'.subdomainOf domain}
reverse_proxy localhost:${toString port}
'';
};
@ -141,7 +142,7 @@ in
'';
virtualHosts =
nonTailscaleHosts
|> lib.groupBy (value: lib.custom.rootDomainOf value.domain)
|> lib.groupBy (value: lib'.rootDomainOf value.domain)
|> lib.mapAttrs' mkWildCardDomain;
};
})


@ -2,6 +2,7 @@
config,
self,
lib,
lib',
...
}:
let
@ -51,7 +52,7 @@ in
message = "Running syncthing on a server requires `gui.domain` to be set.";
}
{
assertion = (cfg.gui.domain != null) -> (lib.custom.isTailscaleDomain cfg.gui.domain);
assertion = (cfg.gui.domain != null) -> (lib'.isTailscaleDomain cfg.gui.domain);
message = "The syncthing gui should only be exposed on a private network as it isn't yet configured with access controll.";
}
];
@ -108,7 +109,7 @@ in
genFolders =
folders:
folders
|> lib.custom.genAttrs (name: {
|> lib'.genAttrs (name: {
path = "${dataDir}/${name}";
ignorePerms = false;
devices = config.services.syncthing.settings.devices |> lib.attrNames;


@ -2,6 +2,7 @@
config,
pkgs,
lib,
lib',
...
}:
let
@ -30,7 +31,7 @@ in
sops.secrets =
cfg.networks
|> lib.map (name: "iwd/${name}")
|> lib.custom.genAttrs (_: {
|> lib'.genAttrs (_: {
restartUnits = [ "iwd.service" ];
});


@ -3,6 +3,7 @@
modulesPath,
inputs,
lib,
lib',
...
}:
let
@ -29,7 +30,7 @@ in
config = lib.mkIf cfg.enable {
assertions = [
{
assertion = lib.custom.isTailscaleDomain cfg.domain;
assertion = lib'.isTailscaleDomain cfg.domain;
message = "Filebrowser isn't yet configured with access controll.";
}
];


@ -1,6 +1,7 @@
{
config,
lib,
lib',
...
}:
let
@ -24,7 +25,7 @@ in
config = lib.mkIf cfg.enable {
assertions = [
{
assertion = lib.custom.isTailscaleDomain cfg.domain;
assertion = lib'.isTailscaleDomain cfg.domain;
message = "FreshRSS isn't configured with access controll.";
}
];


@ -3,6 +3,7 @@
self,
pkgs-unstable,
lib,
lib',
...
}:
let
@ -110,7 +111,7 @@ in
|> lib.filter (domain: domain != cfg.domain)
|> lib.map (
domain:
lib.nameValuePair (lib.custom.subdomainOf domain) {
lib.nameValuePair (lib'.subdomainOf domain) {
inherit domain;
group = hostName;
}