diff --git a/hosts/vps-monitor/default.nix b/hosts/vps-monitor/default.nix index 0ffdcb4..03bbcca 100644 --- a/hosts/vps-monitor/default.nix +++ b/hosts/vps-monitor/default.nix @@ -20,16 +20,16 @@ boot.loader.grub.enable = true; - services.tailscale = { - enable = true; - ssh.enable = true; - }; - - web-services = + services = let tailscaleDomain = config.custom.services.tailscale.domain; in { + tailscale = { + enable = true; + ssh.enable = true; + }; + gatus = { enable = true; domain = "status.${tailscaleDomain}"; diff --git a/hosts/vps-private/default.nix b/hosts/vps-private/default.nix index e63db19..95e52d6 100644 --- a/hosts/vps-private/default.nix +++ b/hosts/vps-private/default.nix @@ -13,24 +13,23 @@ ports.validate = true; }; - custom = - let - tailscaleDomain = config.custom.services.tailscale.domain; - in - { - persistence.enable = true; + custom = { + persistence.enable = true; - sops.enable = true; + sops.enable = true; - boot.loader.systemd-boot.enable = true; + boot.loader.systemd-boot.enable = true; - services = { + services = + let + tailscaleDomain = config.custom.services.tailscale.domain; + in + { tailscale = { enable = true; ssh.enable = true; exitNode.enable = true; }; - nebula.node = { enable = true; address = "10.254.250.2"; @@ -45,9 +44,7 @@ deviceId = "5R2MH7T-Q2ZZS2P-ZMSQ2UJ-B6VBHES-XYLNMZ6-7FYC27L-4P7MGJ2-FY4ITQD"; gui.domain = "syncthing.${tailscaleDomain}"; }; - }; - web-services = { filebrowser = { enable = true; domain = "files.${tailscaleDomain}"; @@ -83,5 +80,5 @@ domain = "alloy-${config.networking.hostName}.${tailscaleDomain}"; }; }; - }; + }; } diff --git a/hosts/vps-public/default.nix b/hosts/vps-public/default.nix index a5f77d3..c13ed39 100644 --- a/hosts/vps-public/default.nix +++ b/hosts/vps-public/default.nix 
@@ -20,25 +20,22 @@
 boot.loader.systemd-boot.enable = true;
- services = {
- tailscale = {
- enable = true;
- ssh.enable = true;
- };
-
- crowdsec = {
- enable = true;
- bouncers.firewall = true;
- };
-
- };
-
- web-services =
+ services =
 let
 sstorkDomain = "sstork.dev";
 sproutedDomain = "sprouted.cloud";
 in
 {
+ tailscale = {
+ enable = true;
+ ssh.enable = true;
+ };
+
+ crowdsec = {
+ enable = true;
+ bouncers.firewall = true;
+ };
+
 personal-blog = {
 enable = true;
 domain = sstorkDomain;
@@ -62,6 +59,15 @@
 domain = "tools.${sproutedDomain}";
 };
+ stirling-pdf = {
+ enable = true;
+ domain = "pdf.${sproutedDomain}";
+ branding = {
+ name = "Sprouted PDF";
+ description = "Sprouted's one-stop-shop for all your PDF needs.";
+ };
+ };
+
 privatebin = {
 enable = true;
 domain = "pastebin.${sproutedDomain}";
diff --git a/modules/system/web-services/actualbudget.nix b/modules/system/web-services/actualbudget.nix
index 126726f..8cf0ff7 100644
--- a/modules/system/web-services/actualbudget.nix
+++ b/modules/system/web-services/actualbudget.nix
@@ -1,11 +1,11 @@
 { config, lib, ... }:
 let
- cfg = config.custom.web-services.actualbudget;
+ cfg = config.custom.services.actualbudget;
 inherit (config.services.actual.settings) dataDir;
 in
 {
- options.custom.web-services.actualbudget = {
+ options.custom.services.actualbudget = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/alloy.nix b/modules/system/web-services/alloy.nix
index 854077a..e8709e0 100644
--- a/modules/system/web-services/alloy.nix
+++ b/modules/system/web-services/alloy.nix
@@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
- cfg = config.custom.web-services.alloy;
+ cfg = config.custom.services.alloy;
 in
 {
- options.custom.web-services.alloy = {
+ options.custom.services.alloy = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
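Review bot: The added `stirling-pdf` entry in the second hunk of hosts/vps-public/default.nix puts a file-upload and conversion service on the public host at `pdf.${sproutedDomain}` with only `enable`, `domain` and `branding` set, so nothing in the hunk shows who may use it. Stirling-PDF parses whatever documents visitors upload and, as far as I know, runs without login unless that is switched on, which leaves an open instance exposed to resource exhaustion and document-parser bugs. Before deploying, confirm that the `custom.services.stirling-pdf` module (its body is not part of this diff) enables login or puts authentication in front of it, caps the request body size at the reverse proxy, and runs the unit sandboxed; if it already does, a comment on the entry such as `# public on purpose: auth and upload limits come from the module` would make that intent reviewable. The surrounding `services` attrset opens in the previous hunk and closes outside this one.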
@@ -121,7 +121,7 @@ in
 text = ''
 prometheus.scrape "victorialogs" {
 targets = [{
- __address__ = "localhost:${toString config.custom.web-services.victorialogs.port}",
+ __address__ = "localhost:${toString config.custom.services.victorialogs.port}",
 job = "victorialogs",
 instance = constants.hostname,
 }]
diff --git a/modules/system/web-services/filebrowser.nix b/modules/system/web-services/filebrowser.nix
index 09423ce..50175b4 100644
--- a/modules/system/web-services/filebrowser.nix
+++ b/modules/system/web-services/filebrowser.nix
@@ -7,12 +7,12 @@
 ...
 }:
 let
- cfg = config.custom.web-services.filebrowser;
+ cfg = config.custom.services.filebrowser;
 dataDir = "/var/lib/filebrowser";
 in
 {
- options.custom.web-services.filebrowser = {
+ options.custom.services.filebrowser = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/forgejo/default.nix b/modules/system/web-services/forgejo/default.nix
index 6888e07..86b506f 100644
--- a/modules/system/web-services/forgejo/default.nix
+++ b/modules/system/web-services/forgejo/default.nix
@@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
- cfg = config.custom.web-services.forgejo;
+ cfg = config.custom.services.forgejo;
 in
 {
- options.custom.web-services.forgejo = {
+ options.custom.services.forgejo = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/forgejo/ssh.nix b/modules/system/web-services/forgejo/ssh.nix
index b54c908..3670208 100644
--- a/modules/system/web-services/forgejo/ssh.nix
+++ b/modules/system/web-services/forgejo/ssh.nix
@@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
- cfg = config.custom.web-services.forgejo.ssh;
+ cfg = config.custom.services.forgejo.ssh;
 in
 {
- options.custom.web-services.forgejo.ssh = {
+ options.custom.services.forgejo.ssh = {
 enable = lib.mkEnableOption "";
 port = lib.mkOption {
 type = lib.types.port;
diff --git a/modules/system/web-services/freshrss.nix b/modules/system/web-services/freshrss.nix
index d47f1be..58d0dfc 100644
--- a/modules/system/web-services/freshrss.nix
+++ b/modules/system/web-services/freshrss.nix
@@ -5,12 +5,12 @@
 ...
 }:
 let
- cfg = config.custom.web-services.freshrss;
+ cfg = config.custom.services.freshrss;
 inherit (config.services.freshrss) dataDir;
 in
 {
- options.custom.web-services.freshrss = {
+ options.custom.services.freshrss = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/gatus.nix b/modules/system/web-services/gatus.nix
index 6dff1f0..ef2a16e 100644
--- a/modules/system/web-services/gatus.nix
+++ b/modules/system/web-services/gatus.nix
@@ -6,11 +6,11 @@
 ...
 }:
 let
- cfg = config.custom.web-services.gatus;
+ cfg = config.custom.services.gatus;
 dataDir = "/var/lib/gatus";
 in
 {
- options.custom.web-services.gatus = {
+ options.custom.services.gatus = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
@@ -169,38 +169,40 @@ in
 systemd.services.gatus.environment.GATUS_DELAY_START_SECONDS = "5";
 custom = {
- web-services.gatus.endpoints =
- let
- defaultEndpoints =
- self.nixosConfigurations
- |> lib.mapAttrs (_: value: value.config.meta.domains.local)
- |> lib.concatMapAttrs (
- hostName: domains:
- domains
- |> lib.filter (domain: domain != cfg.domain)
- |> lib.map (
- domain:
- lib.nameValuePair (lib'.subdomainOf domain) {
- inherit domain;
- group = hostName;
- }
- )
- |> lib.listToAttrs
- );
- in
- lib.mkIf cfg.generateDefaultEndpoints (
- defaultEndpoints
- // {
- "healthchecks.io" = {
- group = "external";
- domain = "hc-ping.com";
- path = "/\${HEALTHCHECKS_PING_KEY}/${config.networking.hostName}-gatus-uptime?create=1";
- interval = "2h";
- };
- }
- );
+ services = {
+ gatus.endpoints =
+ let
+ defaultEndpoints =
+ self.nixosConfigurations
+ |> lib.mapAttrs (_: value: value.config.meta.domains.local)
+ |> lib.concatMapAttrs (
+ hostName: domains:
+ domains
+ |> lib.filter (domain: domain != cfg.domain)
+ |> lib.map (
+ domain:
+ lib.nameValuePair (lib'.subdomainOf domain) {
+ inherit domain;
+ group = hostName;
+ }
+ )
+ |> lib.listToAttrs
+ );
+ in
+ lib.mkIf cfg.generateDefaultEndpoints (
+ defaultEndpoints
+ // {
+ "healthchecks.io" = {
+ group = "external";
+ domain = "hc-ping.com";
+ path = "/\${HEALTHCHECKS_PING_KEY}/${config.networking.hostName}-gatus-uptime?create=1";
+ interval = "2h";
+ };
+ }
+ );
- services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
+ caddy.virtualHosts.${cfg.domain}.port = cfg.port;
+ };
 persistence.directories = [ dataDir ];
 };
diff --git a/modules/system/web-services/grafana.nix b/modules/system/web-services/grafana.nix
index 3e2bcd9..ff63267 100644
--- a/modules/system/web-services/grafana.nix
+++ b/modules/system/web-services/grafana.nix
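Review bot: The `path` of the `healthchecks.io` endpoint in the gatus.nix hunk puts the ping key into the request URL, and nothing next to it explains why `\${HEALTHCHECKS_PING_KEY}` is escaped while `${config.networking.hostName}` is not. Since this block is being moved and re-indented, a comment above `path` such as `# \${…} is escaped on purpose: Gatus expands it from its environment at runtime, so the key is never written to the Nix store` would stop a later edit from dropping the backslash; that reading of the escape is presumed from the syntax and should be confirmed against how the unit receives the variable. Because the key is part of the URL, it is also worth checking that the generated endpoint hides its URL on the status page (Gatus has a per-endpoint `ui.hide-url` setting); how this module maps endpoint attributes is not visible here. The enclosing `config` block starts and ends outside the hunk.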
@@ -5,10 +5,10 @@
 ...
 }:
 let
- cfg = config.custom.web-services.grafana;
+ cfg = config.custom.services.grafana;
 in
 {
- options.custom.web-services.grafana = {
+ options.custom.services.grafana = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/it-tools.nix b/modules/system/web-services/it-tools.nix
index 728bea7..3ec376c 100644
--- a/modules/system/web-services/it-tools.nix
+++ b/modules/system/web-services/it-tools.nix
@@ -5,10 +5,10 @@
 ...
 }:
 let
- cfg = config.custom.web-services.it-tools;
+ cfg = config.custom.services.it-tools;
 in
 {
- options.custom.web-services.it-tools = {
+ options.custom.services.it-tools = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/memos.nix b/modules/system/web-services/memos.nix
index 8704e67..25c856d 100644
--- a/modules/system/web-services/memos.nix
+++ b/modules/system/web-services/memos.nix
@@ -5,12 +5,12 @@
 ...
 }:
 let
- cfg = config.custom.web-services.memos;
+ cfg = config.custom.services.memos;
 dataDir = config.services.memos.settings.MEMOS_DATA;
 in
 {
- options.custom.web-services.memos = {
+ options.custom.services.memos = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/ntfy.nix b/modules/system/web-services/ntfy.nix
index a8f6eec..da24247 100644
--- a/modules/system/web-services/ntfy.nix
+++ b/modules/system/web-services/ntfy.nix
@@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
- cfg = config.custom.web-services.ntfy;
+ cfg = config.custom.services.ntfy;
 in
 {
- options.custom.web-services.ntfy = {
+ options.custom.services.ntfy = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/outline.nix b/modules/system/web-services/outline.nix
index 3f7179a..7620ec3 100644
--- a/modules/system/web-services/outline.nix
+++ b/modules/system/web-services/outline.nix
@@ -5,10 +5,10 @@
 ...
 }:
 let
- cfg = config.custom.web-services.outline;
+ cfg = config.custom.services.outline;
 in
 {
- options.custom.web-services.outline = {
+ options.custom.services.outline = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/personal-blog.nix b/modules/system/web-services/personal-blog.nix
index a4ff641..0acb4c6 100644
--- a/modules/system/web-services/personal-blog.nix
+++ b/modules/system/web-services/personal-blog.nix
@@ -5,12 +5,12 @@
 ...
 }:
 let
- cfg = config.custom.web-services.personal-blog;
+ cfg = config.custom.services.personal-blog;
 dataDir = "/var/lib/personal-blog";
 in
 {
- options.custom.web-services.personal-blog = {
+ options.custom.services.personal-blog = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/privatebin.nix b/modules/system/web-services/privatebin.nix
index 3751b52..75cc0bc 100644
--- a/modules/system/web-services/privatebin.nix
+++ b/modules/system/web-services/privatebin.nix
@@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
- cfg = config.custom.web-services.privatebin;
+ cfg = config.custom.services.privatebin;
 in
 {
- options.custom.web-services.privatebin = {
+ options.custom.services.privatebin = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/radicale.nix b/modules/system/web-services/radicale.nix
index ce371b9..375288d 100644
--- a/modules/system/web-services/radicale.nix
+++ b/modules/system/web-services/radicale.nix
@@ -6,12 +6,12 @@
 ...
 }:
 let
- cfg = config.custom.web-services.radicale;
+ cfg = config.custom.services.radicale;
 dataDir = config.services.radicale.settings.storage.filesystem_folder;
 in
 {
- options.custom.web-services.radicale = {
+ options.custom.services.radicale = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/stirling-pdf.nix b/modules/system/web-services/stirling-pdf.nix
index 4212ac6..ba4d094 100644
--- a/modules/system/web-services/stirling-pdf.nix
+++ b/modules/system/web-services/stirling-pdf.nix
@@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
- cfg = config.custom.web-services.stirling-pdf;
+ cfg = config.custom.services.stirling-pdf;
 in
 {
- options.custom.web-services.stirling-pdf = {
+ options.custom.services.stirling-pdf = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/uptime-kuma.nix b/modules/system/web-services/uptime-kuma.nix
index 13f6763..01f008b 100644
--- a/modules/system/web-services/uptime-kuma.nix
+++ b/modules/system/web-services/uptime-kuma.nix
@@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
- cfg = config.custom.web-services.uptime-kuma;
+ cfg = config.custom.services.uptime-kuma;
 in
 {
- options.custom.web-services.uptime-kuma = {
+ options.custom.services.uptime-kuma = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/victorialogs.nix b/modules/system/web-services/victorialogs.nix
index 40f3090..b8550c8 100644
--- a/modules/system/web-services/victorialogs.nix
+++ b/modules/system/web-services/victorialogs.nix
@@ -5,10 +5,10 @@
 ...
 }:
 let
- cfg = config.custom.web-services.victorialogs;
+ cfg = config.custom.services.victorialogs;
 in
 {
- options.custom.web-services.victorialogs = {
+ options.custom.services.victorialogs = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;
diff --git a/modules/system/web-services/victoriametrics.nix b/modules/system/web-services/victoriametrics.nix
index b88d524..9cf27f6 100644
--- a/modules/system/web-services/victoriametrics.nix
+++ b/modules/system/web-services/victoriametrics.nix
@@ -5,10 +5,10 @@
 ...
 }:
 let
- cfg = config.custom.web-services.victoriametrics;
+ cfg = config.custom.services.victoriametrics;
 in
 {
- options.custom.web-services.victoriametrics = {
+ options.custom.services.victoriametrics = {
 enable = lib.mkEnableOption "";
 domain = lib.mkOption {
 type = lib.types.nonEmptyStr;