Avoid "networking.domain"

SebastianStork 2025-05-28 21:11:51 +02:00
parent 383235ae24
commit d5f7e88b59
10 changed files with 32 additions and 29 deletions


@ -1,14 +1,14 @@
{ config, ... }: { config, ... }:
let let
inherit (config.custom) services; tsDomain = config.custom.services.tailscale.domain;
inherit (config.custom.services.tailscale) caddyServe; portOf = service: config.custom.services.${service}.port;
in in
{ {
system.stateVersion = "24.11"; system.stateVersion = "24.11";
custom = { custom = {
boot.loader.systemdBoot.enable = true;
sops.enable = true; sops.enable = true;
boot.loader.systemdBoot.enable = true;
services = { services = {
tailscale = { tailscale = {
@ -24,32 +24,32 @@ in
caddyServe = { caddyServe = {
nextcloud = { nextcloud = {
subdomain = "cloud"; subdomain = "cloud";
inherit (services.nextcloud) port; port = portOf "nextcloud";
}; };
actualbudget = { actualbudget = {
subdomain = "budget"; subdomain = "budget";
inherit (services.actualbudget) port; port = portOf "actualbudget";
}; };
forgejo = { forgejo = {
subdomain = "git"; subdomain = "git";
inherit (services.forgejo) port; port = portOf "forgejo";
}; };
}; };
}; };
nextcloud = { nextcloud = {
enable = true; enable = true;
inherit (caddyServe.nextcloud) subdomain; domain = "cloud.${tsDomain}";
backups.enable = true; backups.enable = true;
}; };
actualbudget = { actualbudget = {
enable = true; enable = true;
inherit (caddyServe.actualbudget) subdomain; domain = "budget.${tsDomain}";
backups.enable = true; backups.enable = true;
}; };
forgejo = { forgejo = {
enable = true; enable = true;
inherit (caddyServe.forgejo) subdomain; domain = "git.${tsDomain}";
}; };
syncthing = { syncthing = {
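Review bot: The new `domain = "cloud.${tsDomain}"`, `"budget.${tsDomain}"` and `"git.${tsDomain}"` lines repeat the literals already set as `caddyServe.<name>.subdomain` a few lines above, so each hostname now has two independent sources. The Caddy virtual host is still built from `subdomain`, while the service's own hostname setting comes from `domain`. If one side is edited without the other, the proxy would presumably answer on a name the application does not treat as its own. A helper next to `portOf` keeps them tied together, for example `domainOf = service: "${config.custom.services.tailscale.caddyServe.${service}.subdomain}.${tsDomain}";` used as `domain = domainOf "nextcloud";`. The attribute set continues outside the hunk.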


@ -1,11 +1,10 @@
{ config, ... }: { config, ... }:
{ {
system.stateVersion = "24.11"; system.stateVersion = "24.11";
networking.domain = "sprouted.cloud";
custom = { custom = {
boot.loader.grub.enable = true;
sops.enable = true; sops.enable = true;
boot.loader.grub.enable = true;
services = { services = {
tailscale = { tailscale = {
@ -15,7 +14,7 @@
hedgedoc = { hedgedoc = {
enable = true; enable = true;
subdomain = "docs"; domain = "docs.sprouted.cloud";
backups.enable = true; backups.enable = true;
}; };
@ -32,7 +31,7 @@
services.caddy = { services.caddy = {
enable = true; enable = true;
virtualHosts."docs.${config.networking.domain}".extraConfig = '' virtualHosts.${config.custom.services.hedgedoc.domain}.extraConfig = ''
reverse_proxy localhost:${toString config.custom.services.hedgedoc.port} reverse_proxy localhost:${toString config.custom.services.hedgedoc.port}
''; '';
}; };


@ -9,8 +9,6 @@
{ {
imports = [ self.nixosModules.default ]; imports = [ self.nixosModules.default ];
networking.domain = lib.mkDefault "stork-atlas.ts.net";
nix = nix =
let let
flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs; flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;

View file

@ -9,7 +9,7 @@ in
{ {
options.custom.services.actualbudget = { options.custom.services.actualbudget = {
enable = lib.mkEnableOption ""; enable = lib.mkEnableOption "";
subdomain = lib.mkOption { domain = lib.mkOption {
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
default = ""; default = "";
}; };
@ -28,7 +28,6 @@ in
services.actual = { services.actual = {
enable = true; enable = true;
settings = { settings = {
hostname = "localhost"; hostname = "localhost";
inherit (cfg) port; inherit (cfg) port;
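Review bot: The renamed `domain` option keeps `default = "";` under `type = lib.types.nonEmptyStr;`, a default that cannot satisfy its own type. The same pattern is in the forgejo, hedgedoc and nextcloud option hunks. As far as I can tell, a host that enables the service without setting `domain` then fails with a type error about the empty string rather than a clear "option is used but not defined" message. Dropping the `default = "";` line makes the option explicitly required. Adding `description = "Fully qualified domain name the service is reached under.";` would document that the value is now a full FQDN and no longer a subdomain label.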


@ -11,7 +11,7 @@ in
{ {
options.custom.services.forgejo = { options.custom.services.forgejo = {
enable = lib.mkEnableOption ""; enable = lib.mkEnableOption "";
subdomain = lib.mkOption { domain = lib.mkOption {
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
default = ""; default = "";
}; };
@ -30,7 +30,7 @@ in
settings = { settings = {
server = { server = {
DOMAIN = "${cfg.subdomain}.${config.networking.domain}"; DOMAIN = cfg.domain;
ROOT_URL = "https://${config.services.forgejo.settings.server.DOMAIN}/"; ROOT_URL = "https://${config.services.forgejo.settings.server.DOMAIN}/";
HTTP_PORT = cfg.port; HTTP_PORT = cfg.port;
}; };


@ -14,7 +14,7 @@ in
{ {
options.custom.services.hedgedoc = { options.custom.services.hedgedoc = {
enable = lib.mkEnableOption ""; enable = lib.mkEnableOption "";
subdomain = lib.mkOption { domain = lib.mkOption {
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
default = ""; default = "";
}; };
@ -42,7 +42,7 @@ in
environmentFile = config.sops.templates."hedgedoc/environment".path; environmentFile = config.sops.templates."hedgedoc/environment".path;
settings = { settings = {
domain = "${cfg.subdomain}.${config.networking.domain}"; domain = cfg.domain;
inherit (cfg) port; inherit (cfg) port;
protocolUseSSL = true; protocolUseSSL = true;
allowAnonymous = false; allowAnonymous = false;


@ -13,7 +13,7 @@ in
{ {
options.custom.services.nextcloud = { options.custom.services.nextcloud = {
enable = lib.mkEnableOption ""; enable = lib.mkEnableOption "";
subdomain = lib.mkOption { domain = lib.mkOption {
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
default = ""; default = "";
}; };
@ -30,7 +30,7 @@ in
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
package = pkgs.nextcloud31; package = pkgs.nextcloud31;
hostName = "${cfg.subdomain}.${config.networking.domain}"; hostName = cfg.domain;
database.createLocally = true; database.createLocally = true;
config = { config = {


@ -6,6 +6,7 @@
}: }:
let let
cfg = config.custom.services.syncthing; cfg = config.custom.services.syncthing;
tsCfg = config.custom.services.tailscale;
in in
{ {
options.custom.services.syncthing = { options.custom.services.syncthing = {
@ -18,6 +19,13 @@ in
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
assertions = [
{
assertion = tsCfg.enable;
message = "syncthing requires tailscale";
}
];
services.syncthing = { services.syncthing = {
enable = true; enable = true;
@ -36,7 +44,7 @@ in
|> lib.mapAttrs ( |> lib.mapAttrs (
name: value: { name: value: {
id = value.config.custom.services.syncthing.deviceId; id = value.config.custom.services.syncthing.deviceId;
addresses = [ "tcp://${name}.${value.config.networking.domain}:22000" ]; addresses = [ "tcp://${name}.${tsCfg.domain}:22000" ];
} }
); );
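Review bot: The peer address in the last hunk is now built from the local host's `tsCfg.domain`, whereas the old line read the domain from each peer's own configuration (`value.config...`). The new assertion also checks only that Tailscale is enabled on the local host. A peer that overrides `custom.services.tailscale.domain`, or that has Tailscale disabled, therefore gets an address that will not resolve, and nothing fails at evaluation time. Reading the peer's value keeps the previous per-device behaviour: `addresses = [ "tcp://${name}.${value.config.custom.services.tailscale.domain}:22000" ];`. The `lib.mapAttrs` pipeline starts outside the hunk, so whether peers are already filtered by Tailscale being enabled is not visible here.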


@ -53,7 +53,7 @@ in
virtualHosts = lib.mapAttrs' ( virtualHosts = lib.mapAttrs' (
_: value: _: value:
lib.nameValuePair "https://${value.subdomain}.${config.networking.domain}" { lib.nameValuePair "https://${value.subdomain}.${config.custom.services.tailscale.domain}" {
extraConfig = '' extraConfig = ''
bind tailscale/${value.subdomain} bind tailscale/${value.subdomain}
tailscale_auth tailscale_auth


@ -10,9 +10,9 @@ in
{ {
options.custom.services.tailscale = { options.custom.services.tailscale = {
enable = lib.mkEnableOption ""; enable = lib.mkEnableOption "";
subdomain = lib.mkOption { domain = lib.mkOption {
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
default = config.networking.hostName; default = "stork-atlas.ts.net";
}; };
ssh.enable = lib.mkEnableOption ""; ssh.enable = lib.mkEnableOption "";
exitNode.enable = lib.mkEnableOption ""; exitNode.enable = lib.mkEnableOption "";
@ -36,7 +36,6 @@ in
if (cfg.exitNode.enable || (cfg.serve.target != null)) then "server" else "client"; if (cfg.exitNode.enable || (cfg.serve.target != null)) then "server" else "client";
extraUpFlags = [ "--reset=true" ]; extraUpFlags = [ "--reset=true" ];
extraSetFlags = [ extraSetFlags = [
"--hostname=${cfg.subdomain}"
"--ssh=${lib.boolToString cfg.ssh.enable}" "--ssh=${lib.boolToString cfg.ssh.enable}"
"--advertise-exit-node=${lib.boolToString cfg.exitNode.enable}" "--advertise-exit-node=${lib.boolToString cfg.exitNode.enable}"
]; ];
@ -57,7 +56,7 @@ in
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = true; RemainAfterExit = true;
ExecStartPre = "${lib.getExe pkgs.tailscale} cert --min-validity 120h ${cfg.subdomain}.${config.networking.domain}"; ExecStartPre = "${lib.getExe pkgs.tailscale} cert --min-validity 120h ${config.networking.hostName}.${cfg.domain}";
ExecStart = "${lib.getExe pkgs.tailscale} ${mode} --bg ${cfg.serve.target}"; ExecStart = "${lib.getExe pkgs.tailscale} ${mode} --bg ${cfg.serve.target}";
ExecStop = "${lib.getExe pkgs.tailscale} ${mode} reset"; ExecStop = "${lib.getExe pkgs.tailscale} ${mode} reset";
Restart = "on-failure"; Restart = "on-failure";
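Review bot: `ExecStartPre` now requests a certificate for `${config.networking.hostName}.${cfg.domain}`, but the same commit drops `"--hostname=${cfg.subdomain}"` from `extraSetFlags`, so nothing in this module pins the node's tailnet name to that value any more. If the node is registered under a different name (renamed in the admin console, or given a suffix after a name collision), `tailscale cert` is asked for a name the node does not own. The oneshot unit would then likely fail and retry under `Restart = "on-failure"`. Keeping the flag with the new source, `"--hostname=${config.networking.hostName}"`, makes the certificate name and the node name come from one place. Separately, `default = "stork-atlas.ts.net"` bakes one tailnet's name into the shared module; a short `description` on the option saying it must match the tailnet's MagicDNS suffix would help anyone reusing it.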