Add custom isTailscaleDomain lib

flake-parts/hosts.nix

@@ -1,14 +1,15 @@
 {
   inputs,
   self,
-  lib,
   ...
 }:
 let
+  lib = inputs.nixpkgs.lib.extend (_: _: { custom = import ../lib inputs.nixpkgs.lib; });
+
   mkHost =
     hostName:
     inputs.nixpkgs.lib.nixosSystem {
-      specialArgs = { inherit inputs self; };
+      specialArgs = { inherit inputs self lib; };
       modules = [
         { networking = { inherit hostName; }; }
         "${self}/hosts/common.nix"

flake-parts/modules.nix

@@ -1,10 +1,11 @@
 { self, lib, ... }:
 let
-  modulesOf = dir: dir |> lib.filesystem.listFilesRecursive |> lib.filter (lib.hasSuffix ".nix");
+  listNixFilesRecursive =
+    dir: dir |> lib.filesystem.listFilesRecursive |> lib.filter (lib.hasSuffix ".nix");
 in
 {
   flake = {
-    nixosModules.default.imports = modulesOf "${self}/modules/system";
-    homeManagerModules.default.imports = modulesOf "${self}/modules/home";
+    nixosModules.default.imports = listNixFilesRecursive "${self}/modules/system";
+    homeManagerModules.default.imports = listNixFilesRecursive "${self}/modules/home";
   };
 }

lib/default.nix

@@ -0,0 +1,3 @@
+lib: {
+  isTailscaleDomain = domain: domain |> lib.hasSuffix ".ts.net";
+}

modules/system/services/caddy.nix

@@ -10,7 +10,7 @@ let
 
   virtualHosts = cfg.virtualHosts |> lib.attrValues |> lib.filter (value: value.enable);
 
-  isTailscaleDomain = domain: domain |> lib.hasSuffix config.custom.services.tailscale.domain;
+  isTailscaleDomain = domain: lib.custom.isTailscaleDomain domain;
 
   tailscaleHosts = virtualHosts |> lib.filter (value: isTailscaleDomain value.domain);
   nonTailscaleHosts = virtualHosts |> lib.filter (value: !isTailscaleDomain value.domain);

modules/system/services/syncthing.nix

@@ -6,7 +6,6 @@
 }:
 let
   cfg = config.custom.services.syncthing;
-  tailscaleCfg = config.custom.services.tailscale;
 
   inherit (config.services.syncthing) dataDir;
 
@@ -40,7 +39,7 @@ in
   config = lib.mkIf cfg.enable {
     assertions = [
       {
-        assertion = tailscaleCfg.enable;
+        assertion = config.custom.services.tailscale.enable;
         message = "Syncthing requires tailscale.";
       }
       {
@@ -52,7 +51,7 @@ in
         message = "Running syncthing on a server requires `gui.domain` to be set.";
       }
       {
-        assertion = (cfg.gui.domain != null) -> (cfg.gui.domain |> lib.hasSuffix tailscaleCfg.domain);
+        assertion = (cfg.gui.domain != null) -> (lib.custom.isTailscaleDomain cfg.gui.domain);
         message = "The syncthing gui should only be exposed on a private network as it isn't yet configured with access controll.";
       }
     ];
@@ -100,7 +99,7 @@ in
           |> lib.mapAttrs (
             name: value: {
               id = value.config.custom.services.syncthing.deviceId;
-              addresses = [ "tcp://${name}.${tailscaleCfg.domain}:${toString cfg.syncPort}" ];
+              addresses = [ "tcp://${name}.${config.custom.services.tailscale.domain}:${toString cfg.syncPort}" ];
             }
           );
 

modules/system/web-services/filebrowser.nix

@@ -29,7 +29,7 @@ in
   config = lib.mkIf cfg.enable {
     assertions = [
       {
-        assertion = cfg.domain |> lib.hasSuffix config.custom.services.tailscale.domain;
+        assertion = lib.custom.isTailscaleDomain cfg.domain;
         message = "Filebrowser isn't yet configured with access controll.";
       }
     ];