Add custom isTailscaleDomain lib

2026-01-21 17:31:34 +01:00 · 2025-10-12 20:36:18 +02:00 · 2025-10-12 20:36:18 +02:00 · f3ea2b75e6
commit f3ea2b75e6
parent 589b76d745
6 changed files with 15 additions and 11 deletions
--- a/flake-parts/hosts.nix
+++ b/flake-parts/hosts.nix
@ -1,14 +1,15 @@
 {
  inputs,
  self,
  lib,
  ...
 }:
 let
  lib = inputs.nixpkgs.lib.extend (_: _: { custom = import ../lib inputs.nixpkgs.lib; });
  mkHost =
    hostName:
    inputs.nixpkgs.lib.nixosSystem {
-      specialArgs = { inherit inputs self; };
+      specialArgs = { inherit inputs self lib; };
      modules = [
        { networking = { inherit hostName; }; }
        "${self}/hosts/common.nix"
--- a/flake-parts/modules.nix
+++ b/flake-parts/modules.nix
@ -1,10 +1,11 @@
 { self, lib, ... }:
 let
-  modulesOf = dir: dir |> lib.filesystem.listFilesRecursive |> lib.filter (lib.hasSuffix ".nix");
+  listNixFilesRecursive =
    dir: dir |> lib.filesystem.listFilesRecursive |> lib.filter (lib.hasSuffix ".nix");
 in
 {
  flake = {
-    nixosModules.default.imports = modulesOf "${self}/modules/system";
+    nixosModules.default.imports = listNixFilesRecursive "${self}/modules/system";
-    homeManagerModules.default.imports = modulesOf "${self}/modules/home";
+    homeManagerModules.default.imports = listNixFilesRecursive "${self}/modules/home";
  };
 }
--- a/lib/default.nix
+++ b/lib/default.nix
@ -0,0 +1,3 @@
 lib: {
  isTailscaleDomain = domain: domain |> lib.hasSuffix ".ts.net";
 }
--- a/modules/system/services/caddy.nix
+++ b/modules/system/services/caddy.nix
@ -10,7 +10,7 @@ let
  virtualHosts = cfg.virtualHosts |> lib.attrValues |> lib.filter (value: value.enable);
-  isTailscaleDomain = domain: domain |> lib.hasSuffix config.custom.services.tailscale.domain;
+  isTailscaleDomain = domain: lib.custom.isTailscaleDomain domain;
  tailscaleHosts = virtualHosts |> lib.filter (value: isTailscaleDomain value.domain);
  nonTailscaleHosts = virtualHosts |> lib.filter (value: !isTailscaleDomain value.domain);
--- a/modules/system/services/syncthing.nix
+++ b/modules/system/services/syncthing.nix
@ -6,7 +6,6 @@
 }:
 let
  cfg = config.custom.services.syncthing;
  tailscaleCfg = config.custom.services.tailscale;
  inherit (config.services.syncthing) dataDir;
@ -40,7 +39,7 @@ in
  config = lib.mkIf cfg.enable {
    assertions = [
      {
-        assertion = tailscaleCfg.enable;
+        assertion = config.custom.services.tailscale.enable;
        message = "Syncthing requires tailscale.";
      }
      {
@ -52,7 +51,7 @@ in
        message = "Running syncthing on a server requires `gui.domain` to be set.";
      }
      {
-        assertion = (cfg.gui.domain != null) -> (cfg.gui.domain |> lib.hasSuffix tailscaleCfg.domain);
+        assertion = (cfg.gui.domain != null) -> (lib.custom.isTailscaleDomain cfg.gui.domain);
        message = "The syncthing gui should only be exposed on a private network as it isn't yet configured with access controll.";
      }
    ];
@ -100,7 +99,7 @@ in
          |> lib.mapAttrs (
            name: value: {
              id = value.config.custom.services.syncthing.deviceId;
-              addresses = [ "tcp://${name}.${tailscaleCfg.domain}:${toString cfg.syncPort}" ];
+              addresses = [ "tcp://${name}.${config.custom.services.tailscale.domain}:${toString cfg.syncPort}" ];
            }
          );
--- a/modules/system/web-services/filebrowser.nix
+++ b/modules/system/web-services/filebrowser.nix
@ -29,7 +29,7 @@ in
  config = lib.mkIf cfg.enable {
    assertions = [
      {
-        assertion = cfg.domain |> lib.hasSuffix config.custom.services.tailscale.domain;
+        assertion = lib.custom.isTailscaleDomain cfg.domain;
        message = "Filebrowser isn't yet configured with access controll.";
      }
    ];