Avoid "networking.domain"

2026-01-21 16:21:34 +01:00 · 2025-05-28 21:11:51 +02:00 · 2025-05-28 21:11:51 +02:00 · d5f7e88b59
commit d5f7e88b59
parent 383235ae24
10 changed files with 32 additions and 29 deletions
--- a/hosts/alto/default.nix
+++ b/hosts/alto/default.nix
@ -1,14 +1,14 @@
 { config, ... }:
 let
-  inherit (config.custom) services;
-  inherit (config.custom.services.tailscale) caddyServe;
+  tsDomain = config.custom.services.tailscale.domain;
+  portOf = service: config.custom.services.${service}.port;
 in
 {
  system.stateVersion = "24.11";

  custom = {
-    boot.loader.systemdBoot.enable = true;
    sops.enable = true;
+    boot.loader.systemdBoot.enable = true;

    services = {
      tailscale = {
@ -24,32 +24,32 @@ in
        caddyServe = {
          nextcloud = {
            subdomain = "cloud";
-            inherit (services.nextcloud) port;
+            port = portOf "nextcloud";
          };
          actualbudget = {
            subdomain = "budget";
-            inherit (services.actualbudget) port;
+            port = portOf "actualbudget";
          };
          forgejo = {
            subdomain = "git";
-            inherit (services.forgejo) port;
+            port = portOf "forgejo";
          };
        };
      };

      nextcloud = {
        enable = true;
-        inherit (caddyServe.nextcloud) subdomain;
+        domain = "cloud.${tsDomain}";
        backups.enable = true;
      };
      actualbudget = {
        enable = true;
-        inherit (caddyServe.actualbudget) subdomain;
+        domain = "budget.${tsDomain}";
        backups.enable = true;
      };
      forgejo = {
        enable = true;
-        inherit (caddyServe.forgejo) subdomain;
+        domain = "git.${tsDomain}";
      };

      syncthing = {
--- a/hosts/cirrus/default.nix
+++ b/hosts/cirrus/default.nix
@ -1,11 +1,10 @@
 { config, ... }:
 {
  system.stateVersion = "24.11";
-  networking.domain = "sprouted.cloud";

  custom = {
-    boot.loader.grub.enable = true;
    sops.enable = true;
+    boot.loader.grub.enable = true;

    services = {
      tailscale = {
@ -15,7 +14,7 @@

      hedgedoc = {
        enable = true;
-        subdomain = "docs";
+        domain = "docs.sprouted.cloud";
        backups.enable = true;
      };

@ -32,7 +31,7 @@

  services.caddy = {
    enable = true;
-    virtualHosts."docs.${config.networking.domain}".extraConfig = ''
+    virtualHosts.${config.custom.services.hedgedoc.domain}.extraConfig = ''
      reverse_proxy localhost:${toString config.custom.services.hedgedoc.port}
    '';
  };
--- a/hosts/shared.nix
+++ b/hosts/shared.nix
@ -9,8 +9,6 @@
 {
  imports = [ self.nixosModules.default ];

-  networking.domain = lib.mkDefault "stork-atlas.ts.net";
-
  nix =
    let
      flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;
--- a/modules/system/services/actualbudget/default.nix
+++ b/modules/system/services/actualbudget/default.nix
@ -9,7 +9,7 @@ in
 {
  options.custom.services.actualbudget = {
    enable = lib.mkEnableOption "";
-    subdomain = lib.mkOption {
+    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
      default = "";
    };
@ -28,7 +28,6 @@ in

    services.actual = {
      enable = true;
-
      settings = {
        hostname = "localhost";
        inherit (cfg) port;
--- a/modules/system/services/forgejo/default.nix
+++ b/modules/system/services/forgejo/default.nix
@ -11,7 +11,7 @@ in
 {
  options.custom.services.forgejo = {
    enable = lib.mkEnableOption "";
-    subdomain = lib.mkOption {
+    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
      default = "";
    };
@ -30,7 +30,7 @@ in

      settings = {
        server = {
-          DOMAIN = "${cfg.subdomain}.${config.networking.domain}";
+          DOMAIN = cfg.domain;
          ROOT_URL = "https://${config.services.forgejo.settings.server.DOMAIN}/";
          HTTP_PORT = cfg.port;
        };
--- a/modules/system/services/hedgedoc/default.nix
+++ b/modules/system/services/hedgedoc/default.nix
@ -14,7 +14,7 @@ in
 {
  options.custom.services.hedgedoc = {
    enable = lib.mkEnableOption "";
-    subdomain = lib.mkOption {
+    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
      default = "";
    };
@ -42,7 +42,7 @@ in

      environmentFile = config.sops.templates."hedgedoc/environment".path;
      settings = {
-        domain = "${cfg.subdomain}.${config.networking.domain}";
+        domain = cfg.domain;
        inherit (cfg) port;
        protocolUseSSL = true;
        allowAnonymous = false;
--- a/modules/system/services/nextcloud/default.nix
+++ b/modules/system/services/nextcloud/default.nix
@ -13,7 +13,7 @@ in
 {
  options.custom.services.nextcloud = {
    enable = lib.mkEnableOption "";
-    subdomain = lib.mkOption {
+    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
      default = "";
    };
@ -30,7 +30,7 @@ in
    services.nextcloud = {
      enable = true;
      package = pkgs.nextcloud31;
-      hostName = "${cfg.subdomain}.${config.networking.domain}";
+      hostName = cfg.domain;

      database.createLocally = true;
      config = {
--- a/modules/system/services/syncthing/default.nix
+++ b/modules/system/services/syncthing/default.nix
@ -6,6 +6,7 @@
 }:
 let
  cfg = config.custom.services.syncthing;
+  tsCfg = config.custom.services.tailscale;
 in
 {
  options.custom.services.syncthing = {
@ -18,6 +19,13 @@ in
  };

  config = lib.mkIf cfg.enable {
+    assertions = [
+      {
+        assertion = tsCfg.enable;
+        message = "syncthing requires tailscale";
+      }
+    ];
+
    services.syncthing = {
      enable = true;

@ -36,7 +44,7 @@ in
          |> lib.mapAttrs (
            name: value: {
              id = value.config.custom.services.syncthing.deviceId;
-              addresses = [ "tcp://${name}.${value.config.networking.domain}:22000" ];
+              addresses = [ "tcp://${name}.${tsCfg.domain}:22000" ];
            }
          );

--- a/modules/system/services/tailscale/caddy-serve.nix
+++ b/modules/system/services/tailscale/caddy-serve.nix
@ -53,7 +53,7 @@ in

      virtualHosts = lib.mapAttrs' (
        _: value:
-        lib.nameValuePair "https://${value.subdomain}.${config.networking.domain}" {
+        lib.nameValuePair "https://${value.subdomain}.${config.custom.services.tailscale.domain}" {
          extraConfig = ''
            bind tailscale/${value.subdomain}
            tailscale_auth
--- a/modules/system/services/tailscale/default.nix
+++ b/modules/system/services/tailscale/default.nix
@ -10,9 +10,9 @@ in
 {
  options.custom.services.tailscale = {
    enable = lib.mkEnableOption "";
-    subdomain = lib.mkOption {
+    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
-      default = config.networking.hostName;
+      default = "stork-atlas.ts.net";
    };
    ssh.enable = lib.mkEnableOption "";
    exitNode.enable = lib.mkEnableOption "";
@ -36,7 +36,6 @@ in
        if (cfg.exitNode.enable || (cfg.serve.target != null)) then "server" else "client";
      extraUpFlags = [ "--reset=true" ];
      extraSetFlags = [
-        "--hostname=${cfg.subdomain}"
        "--ssh=${lib.boolToString cfg.ssh.enable}"
        "--advertise-exit-node=${lib.boolToString cfg.exitNode.enable}"
      ];
@ -57,7 +56,7 @@ in
          serviceConfig = {
            Type = "oneshot";
            RemainAfterExit = true;
-            ExecStartPre = "${lib.getExe pkgs.tailscale} cert --min-validity 120h ${cfg.subdomain}.${config.networking.domain}";
+            ExecStartPre = "${lib.getExe pkgs.tailscale} cert --min-validity 120h ${config.networking.hostName}.${cfg.domain}";
            ExecStart = "${lib.getExe pkgs.tailscale} ${mode} --bg ${cfg.serve.target}";
            ExecStop = "${lib.getExe pkgs.tailscale} ${mode} reset";
            Restart = "on-failure";