SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 12:51:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: SebastianStork:312036e7a7011888b0ba9cff685ea8ad6d511a1e
Branches Tags
SebastianStork:main
SebastianStork:develop
...
compare: SebastianStork:02846ab16fadafafeb64b30686e80e1d22e16b7d
Branches Tags
SebastianStork:main
SebastianStork:develop

2 commits
312036e7a7 ... 02846ab16f

Author SHA1 Message Date
SebastianStork
02846ab16f
Refactor web services to use a unified web-services namespace 2025-12-28 19:33:56 +01:00
SebastianStork
308ee43ec4
vps-public: Disable stirling-pdf 2025-12-28 19:12:08 +01:00
22 changed files with 103 additions and 108 deletions
Download patch file Download diff file Expand all files Collapse all files

12
hosts/vps-monitor/default.nix
View file

@ -20,16 +20,16 @@
boot.loader.grub.enable = true;
services =
services.tailscale = {
enable = true;
ssh.enable = true;
};
web-services =
let
tailscaleDomain = config.custom.services.tailscale.domain;
in
{
tailscale = {
enable = true;
ssh.enable = true;
};
gatus = {
enable = true;
domain = "status.${tailscaleDomain}";

23
hosts/vps-private/default.nix
View file

@ -13,23 +13,24 @@
ports.validate = true;
};
custom = {
persistence.enable = true;
custom =
let
tailscaleDomain = config.custom.services.tailscale.domain;
in
{
persistence.enable = true;
sops.enable = true;
sops.enable = true;
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.enable = true;
services =
let
tailscaleDomain = config.custom.services.tailscale.domain;
in
{
services = {
tailscale = {
enable = true;
ssh.enable = true;
exitNode.enable = true;
};
nebula.node = {
enable = true;
address = "10.254.250.2";
@ -44,7 +45,9 @@
deviceId = "5R2MH7T-Q2ZZS2P-ZMSQ2UJ-B6VBHES-XYLNMZ6-7FYC27L-4P7MGJ2-FY4ITQD";
gui.domain = "syncthing.${tailscaleDomain}";
};
};
web-services = {
filebrowser = {
enable = true;
domain = "files.${tailscaleDomain}";
@ -80,5 +83,5 @@
domain = "alloy-${config.networking.hostName}.${tailscaleDomain}";
};
};
};
};
}

34
hosts/vps-public/default.nix
View file

@ -20,22 +20,25 @@
boot.loader.systemd-boot.enable = true;
services =
services = {
tailscale = {
enable = true;
ssh.enable = true;
};
crowdsec = {
enable = true;
bouncers.firewall = true;
};
};
web-services =
let
sstorkDomain = "sstork.dev";
sproutedDomain = "sprouted.cloud";
in
{
tailscale = {
enable = true;
ssh.enable = true;
};
crowdsec = {
enable = true;
bouncers.firewall = true;
};
personal-blog = {
enable = true;
domain = sstorkDomain;
@ -59,15 +62,6 @@
domain = "tools.${sproutedDomain}";
};
stirling-pdf = {
enable = true;
domain = "pdf.${sproutedDomain}";
branding = {
name = "Sprouted PDF";
description = "Sprouted's one-stop-shop for all your PDF needs.";
};
};
privatebin = {
enable = true;
domain = "pastebin.${sproutedDomain}";

4
modules/system/web-services/actualbudget.nix
View file

@ -1,11 +1,11 @@
{ config, lib, ... }:
let
cfg = config.custom.services.actualbudget;
cfg = config.custom.web-services.actualbudget;
inherit (config.services.actual.settings) dataDir;
in
{
options.custom.services.actualbudget = {
options.custom.web-services.actualbudget = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

6
modules/system/web-services/alloy.nix
View file

@ -1,9 +1,9 @@
{ config, lib, ... }:
let
cfg = config.custom.services.alloy;
cfg = config.custom.web-services.alloy;
in
{
options.custom.services.alloy = {
options.custom.web-services.alloy = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;
@ -121,7 +121,7 @@ in
text = ''
prometheus.scrape "victorialogs" {
targets = [{
__address__ = "localhost:${toString config.custom.services.victorialogs.port}",
__address__ = "localhost:${toString config.custom.web-services.victorialogs.port}",
job = "victorialogs",
instance = constants.hostname,
}]

4
modules/system/web-services/filebrowser.nix
View file

@ -7,12 +7,12 @@
...
}:
let
cfg = config.custom.services.filebrowser;
cfg = config.custom.web-services.filebrowser;
dataDir = "/var/lib/filebrowser";
in
{
options.custom.services.filebrowser = {
options.custom.web-services.filebrowser = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/forgejo/default.nix
View file

@ -1,9 +1,9 @@
{ config, lib, ... }:
let
cfg = config.custom.services.forgejo;
cfg = config.custom.web-services.forgejo;
in
{
options.custom.services.forgejo = {
options.custom.web-services.forgejo = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/forgejo/ssh.nix
View file

@ -1,9 +1,9 @@
{ config, lib, ... }:
let
cfg = config.custom.services.forgejo.ssh;
cfg = config.custom.web-services.forgejo.ssh;
in
{
options.custom.services.forgejo.ssh = {
options.custom.web-services.forgejo.ssh = {
enable = lib.mkEnableOption "";
port = lib.mkOption {
type = lib.types.port;

4
modules/system/web-services/freshrss.nix
View file

@ -5,12 +5,12 @@
...
}:
let
cfg = config.custom.services.freshrss;
cfg = config.custom.web-services.freshrss;
inherit (config.services.freshrss) dataDir;
in
{
options.custom.services.freshrss = {
options.custom.web-services.freshrss = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

68
modules/system/web-services/gatus.nix
View file

@ -6,11 +6,11 @@
...
}:
let
cfg = config.custom.services.gatus;
cfg = config.custom.web-services.gatus;
dataDir = "/var/lib/gatus";
in
{
options.custom.services.gatus = {
options.custom.web-services.gatus = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;
@ -169,40 +169,38 @@ in
systemd.services.gatus.environment.GATUS_DELAY_START_SECONDS = "5";
custom = {
services = {
gatus.endpoints =
let
defaultEndpoints =
self.nixosConfigurations
|> lib.mapAttrs (_: value: value.config.meta.domains.local)
|> lib.concatMapAttrs (
hostName: domains:
domains
|> lib.filter (domain: domain != cfg.domain)
|> lib.map (
domain:
lib.nameValuePair (lib'.subdomainOf domain) {
inherit domain;
group = hostName;
}
)
|> lib.listToAttrs
);
in
lib.mkIf cfg.generateDefaultEndpoints (
defaultEndpoints
// {
"healthchecks.io" = {
group = "external";
domain = "hc-ping.com";
path = "/\${HEALTHCHECKS_PING_KEY}/${config.networking.hostName}-gatus-uptime?create=1";
interval = "2h";
};
}
);
web-services.gatus.endpoints =
let
defaultEndpoints =
self.nixosConfigurations
|> lib.mapAttrs (_: value: value.config.meta.domains.local)
|> lib.concatMapAttrs (
hostName: domains:
domains
|> lib.filter (domain: domain != cfg.domain)
|> lib.map (
domain:
lib.nameValuePair (lib'.subdomainOf domain) {
inherit domain;
group = hostName;
}
)
|> lib.listToAttrs
);
in
lib.mkIf cfg.generateDefaultEndpoints (
defaultEndpoints
// {
"healthchecks.io" = {
group = "external";
domain = "hc-ping.com";
path = "/\${HEALTHCHECKS_PING_KEY}/${config.networking.hostName}-gatus-uptime?create=1";
interval = "2h";
};
}
);
caddy.virtualHosts.${cfg.domain}.port = cfg.port;
};
services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
persistence.directories = [ dataDir ];
};

4
modules/system/web-services/grafana.nix
View file

@ -5,10 +5,10 @@
...
}:
let
cfg = config.custom.services.grafana;
cfg = config.custom.web-services.grafana;
in
{
options.custom.services.grafana = {
options.custom.web-services.grafana = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/it-tools.nix
View file

@ -5,10 +5,10 @@
...
}:
let
cfg = config.custom.services.it-tools;
cfg = config.custom.web-services.it-tools;
in
{
options.custom.services.it-tools = {
options.custom.web-services.it-tools = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/memos.nix
View file

@ -5,12 +5,12 @@
...
}:
let
cfg = config.custom.services.memos;
cfg = config.custom.web-services.memos;
dataDir = config.services.memos.settings.MEMOS_DATA;
in
{
options.custom.services.memos = {
options.custom.web-services.memos = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/ntfy.nix
View file

@ -1,9 +1,9 @@
{ config, lib, ... }:
let
cfg = config.custom.services.ntfy;
cfg = config.custom.web-services.ntfy;
in
{
options.custom.services.ntfy = {
options.custom.web-services.ntfy = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/outline.nix
View file

@ -5,10 +5,10 @@
...
}:
let
cfg = config.custom.services.outline;
cfg = config.custom.web-services.outline;
in
{
options.custom.services.outline = {
options.custom.web-services.outline = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/personal-blog.nix
View file

@ -5,12 +5,12 @@
...
}:
let
cfg = config.custom.services.personal-blog;
cfg = config.custom.web-services.personal-blog;
dataDir = "/var/lib/personal-blog";
in
{
options.custom.services.personal-blog = {
options.custom.web-services.personal-blog = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/privatebin.nix
View file

@ -1,9 +1,9 @@
{ config, lib, ... }:
let
cfg = config.custom.services.privatebin;
cfg = config.custom.web-services.privatebin;
in
{
options.custom.services.privatebin = {
options.custom.web-services.privatebin = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/radicale.nix
View file

@ -6,12 +6,12 @@
...
}:
let
cfg = config.custom.services.radicale;
cfg = config.custom.web-services.radicale;
dataDir = config.services.radicale.settings.storage.filesystem_folder;
in
{
options.custom.services.radicale = {
options.custom.web-services.radicale = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/stirling-pdf.nix
View file

@ -1,9 +1,9 @@
{ config, lib, ... }:
let
cfg = config.custom.services.stirling-pdf;
cfg = config.custom.web-services.stirling-pdf;
in
{
options.custom.services.stirling-pdf = {
options.custom.web-services.stirling-pdf = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/uptime-kuma.nix
View file

@ -1,9 +1,9 @@
{ config, lib, ... }:
let
cfg = config.custom.services.uptime-kuma;
cfg = config.custom.web-services.uptime-kuma;
in
{
options.custom.services.uptime-kuma = {
options.custom.web-services.uptime-kuma = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/victorialogs.nix
View file

@ -5,10 +5,10 @@
...
}:
let
cfg = config.custom.services.victorialogs;
cfg = config.custom.web-services.victorialogs;
in
{
options.custom.services.victorialogs = {
options.custom.web-services.victorialogs = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;

4
modules/system/web-services/victoriametrics.nix
View file

@ -5,10 +5,10 @@
...
}:
let
cfg = config.custom.services.victoriametrics;
cfg = config.custom.web-services.victoriametrics;
in
{
options.custom.services.victoriametrics = {
options.custom.web-services.victoriametrics = {
enable = lib.mkEnableOption "";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;