Refactor web services to use a unified web-services namespace

vps-public: Disable stirling-pdf
2026-01-21 15:11:34 +01:00 · 2025-12-28 19:33:56 +01:00 · 2025-12-28 19:12:08 +01:00
22 changed files with 103 additions and 108 deletions
--- a/hosts/vps-monitor/default.nix
+++ b/hosts/vps-monitor/default.nix
@ -20,16 +20,16 @@
    boot.loader.grub.enable = true;
-    services =
+    services.tailscale = {
      let
        tailscaleDomain = config.custom.services.tailscale.domain;
      in
      {
        tailscale = {
      enable = true;
      ssh.enable = true;
    };
    web-services =
      let
        tailscaleDomain = config.custom.services.tailscale.domain;
      in
      {
        gatus = {
          enable = true;
          domain = "status.${tailscaleDomain}";
--- a/hosts/vps-private/default.nix
+++ b/hosts/vps-private/default.nix
@ -13,23 +13,24 @@
    ports.validate = true;
  };
-  custom = {
+  custom =
    let
      tailscaleDomain = config.custom.services.tailscale.domain;
    in
    {
      persistence.enable = true;
      sops.enable = true;
      boot.loader.systemd-boot.enable = true;
-    services =
+      services = {
      let
        tailscaleDomain = config.custom.services.tailscale.domain;
      in
      {
        tailscale = {
          enable = true;
          ssh.enable = true;
          exitNode.enable = true;
        };
        nebula.node = {
          enable = true;
          address = "10.254.250.2";
@ -44,7 +45,9 @@
          deviceId = "5R2MH7T-Q2ZZS2P-ZMSQ2UJ-B6VBHES-XYLNMZ6-7FYC27L-4P7MGJ2-FY4ITQD";
          gui.domain = "syncthing.${tailscaleDomain}";
        };
      };
      web-services = {
        filebrowser = {
          enable = true;
          domain = "files.${tailscaleDomain}";
--- a/hosts/vps-public/default.nix
+++ b/hosts/vps-public/default.nix
@ -20,12 +20,7 @@
    boot.loader.systemd-boot.enable = true;
-    services =
+    services = {
      let
        sstorkDomain = "sstork.dev";
        sproutedDomain = "sprouted.cloud";
      in
      {
      tailscale = {
        enable = true;
        ssh.enable = true;
@ -36,6 +31,14 @@
        bouncers.firewall = true;
      };
    };
    web-services =
      let
        sstorkDomain = "sstork.dev";
        sproutedDomain = "sprouted.cloud";
      in
      {
        personal-blog = {
          enable = true;
          domain = sstorkDomain;
@ -59,15 +62,6 @@
          domain = "tools.${sproutedDomain}";
        };
        stirling-pdf = {
          enable = true;
          domain = "pdf.${sproutedDomain}";
          branding = {
            name = "Sprouted PDF";
            description = "Sprouted's one-stop-shop for all your PDF needs.";
          };
        };
        privatebin = {
          enable = true;
          domain = "pastebin.${sproutedDomain}";
--- a/modules/system/web-services/actualbudget.nix
+++ b/modules/system/web-services/actualbudget.nix
@ -1,11 +1,11 @@
 { config, lib, ... }:
 let
-  cfg = config.custom.services.actualbudget;
+  cfg = config.custom.web-services.actualbudget;
  inherit (config.services.actual.settings) dataDir;
 in
 {
-  options.custom.services.actualbudget = {
+  options.custom.web-services.actualbudget = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/alloy.nix
+++ b/modules/system/web-services/alloy.nix
@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
-  cfg = config.custom.services.alloy;
+  cfg = config.custom.web-services.alloy;
 in
 {
-  options.custom.services.alloy = {
+  options.custom.web-services.alloy = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
@ -121,7 +121,7 @@ in
          text = ''
            prometheus.scrape "victorialogs" {
              targets = [{
-                __address__ = "localhost:${toString config.custom.services.victorialogs.port}",
+                __address__ = "localhost:${toString config.custom.web-services.victorialogs.port}",
                job         = "victorialogs",
                instance    = constants.hostname,
              }]
--- a/modules/system/web-services/filebrowser.nix
+++ b/modules/system/web-services/filebrowser.nix
@ -7,12 +7,12 @@
  ...
 }:
 let
-  cfg = config.custom.services.filebrowser;
+  cfg = config.custom.web-services.filebrowser;
  dataDir = "/var/lib/filebrowser";
 in
 {
-  options.custom.services.filebrowser = {
+  options.custom.web-services.filebrowser = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/forgejo/default.nix
+++ b/modules/system/web-services/forgejo/default.nix
@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
-  cfg = config.custom.services.forgejo;
+  cfg = config.custom.web-services.forgejo;
 in
 {
-  options.custom.services.forgejo = {
+  options.custom.web-services.forgejo = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/forgejo/ssh.nix
+++ b/modules/system/web-services/forgejo/ssh.nix
@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
-  cfg = config.custom.services.forgejo.ssh;
+  cfg = config.custom.web-services.forgejo.ssh;
 in
 {
-  options.custom.services.forgejo.ssh = {
+  options.custom.web-services.forgejo.ssh = {
    enable = lib.mkEnableOption "";
    port = lib.mkOption {
      type = lib.types.port;
--- a/modules/system/web-services/freshrss.nix
+++ b/modules/system/web-services/freshrss.nix
@ -5,12 +5,12 @@
  ...
 }:
 let
-  cfg = config.custom.services.freshrss;
+  cfg = config.custom.web-services.freshrss;
  inherit (config.services.freshrss) dataDir;
 in
 {
-  options.custom.services.freshrss = {
+  options.custom.web-services.freshrss = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/gatus.nix
+++ b/modules/system/web-services/gatus.nix
@ -6,11 +6,11 @@
  ...
 }:
 let
-  cfg = config.custom.services.gatus;
+  cfg = config.custom.web-services.gatus;
  dataDir = "/var/lib/gatus";
 in
 {
-  options.custom.services.gatus = {
+  options.custom.web-services.gatus = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
@ -169,8 +169,7 @@ in
    systemd.services.gatus.environment.GATUS_DELAY_START_SECONDS = "5";
    custom = {
-      services = {
+      web-services.gatus.endpoints =
        gatus.endpoints =
        let
          defaultEndpoints =
            self.nixosConfigurations
@ -201,8 +200,7 @@ in
          }
        );
-        caddy.virtualHosts.${cfg.domain}.port = cfg.port;
+      services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
      };
      persistence.directories = [ dataDir ];
    };
--- a/modules/system/web-services/grafana.nix
+++ b/modules/system/web-services/grafana.nix
@ -5,10 +5,10 @@
  ...
 }:
 let
-  cfg = config.custom.services.grafana;
+  cfg = config.custom.web-services.grafana;
 in
 {
-  options.custom.services.grafana = {
+  options.custom.web-services.grafana = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/it-tools.nix
+++ b/modules/system/web-services/it-tools.nix
@ -5,10 +5,10 @@
  ...
 }:
 let
-  cfg = config.custom.services.it-tools;
+  cfg = config.custom.web-services.it-tools;
 in
 {
-  options.custom.services.it-tools = {
+  options.custom.web-services.it-tools = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/memos.nix
+++ b/modules/system/web-services/memos.nix
@ -5,12 +5,12 @@
  ...
 }:
 let
-  cfg = config.custom.services.memos;
+  cfg = config.custom.web-services.memos;
  dataDir = config.services.memos.settings.MEMOS_DATA;
 in
 {
-  options.custom.services.memos = {
+  options.custom.web-services.memos = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/ntfy.nix
+++ b/modules/system/web-services/ntfy.nix
@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
-  cfg = config.custom.services.ntfy;
+  cfg = config.custom.web-services.ntfy;
 in
 {
-  options.custom.services.ntfy = {
+  options.custom.web-services.ntfy = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/outline.nix
+++ b/modules/system/web-services/outline.nix
@ -5,10 +5,10 @@
  ...
 }:
 let
-  cfg = config.custom.services.outline;
+  cfg = config.custom.web-services.outline;
 in
 {
-  options.custom.services.outline = {
+  options.custom.web-services.outline = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/personal-blog.nix
+++ b/modules/system/web-services/personal-blog.nix
@ -5,12 +5,12 @@
  ...
 }:
 let
-  cfg = config.custom.services.personal-blog;
+  cfg = config.custom.web-services.personal-blog;
  dataDir = "/var/lib/personal-blog";
 in
 {
-  options.custom.services.personal-blog = {
+  options.custom.web-services.personal-blog = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/privatebin.nix
+++ b/modules/system/web-services/privatebin.nix
@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
-  cfg = config.custom.services.privatebin;
+  cfg = config.custom.web-services.privatebin;
 in
 {
-  options.custom.services.privatebin = {
+  options.custom.web-services.privatebin = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/radicale.nix
+++ b/modules/system/web-services/radicale.nix
@ -6,12 +6,12 @@
  ...
 }:
 let
-  cfg = config.custom.services.radicale;
+  cfg = config.custom.web-services.radicale;
  dataDir = config.services.radicale.settings.storage.filesystem_folder;
 in
 {
-  options.custom.services.radicale = {
+  options.custom.web-services.radicale = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/stirling-pdf.nix
+++ b/modules/system/web-services/stirling-pdf.nix
@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
-  cfg = config.custom.services.stirling-pdf;
+  cfg = config.custom.web-services.stirling-pdf;
 in
 {
-  options.custom.services.stirling-pdf = {
+  options.custom.web-services.stirling-pdf = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/uptime-kuma.nix
+++ b/modules/system/web-services/uptime-kuma.nix
@ -1,9 +1,9 @@
 { config, lib, ... }:
 let
-  cfg = config.custom.services.uptime-kuma;
+  cfg = config.custom.web-services.uptime-kuma;
 in
 {
-  options.custom.services.uptime-kuma = {
+  options.custom.web-services.uptime-kuma = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/victorialogs.nix
+++ b/modules/system/web-services/victorialogs.nix
@ -5,10 +5,10 @@
  ...
 }:
 let
-  cfg = config.custom.services.victorialogs;
+  cfg = config.custom.web-services.victorialogs;
 in
 {
-  options.custom.services.victorialogs = {
+  options.custom.web-services.victorialogs = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
--- a/modules/system/web-services/victoriametrics.nix
+++ b/modules/system/web-services/victoriametrics.nix
@ -5,10 +5,10 @@
  ...
 }:
 let
-  cfg = config.custom.services.victoriametrics;
+  cfg = config.custom.web-services.victoriametrics;
 in
 {
-  options.custom.services.victoriametrics = {
+  options.custom.web-services.victoriametrics = {
    enable = lib.mkEnableOption "";
    domain = lib.mkOption {
      type = lib.types.nonEmptyStr;
Author	SHA1	Message	Date
SebastianStork	02846ab16f	Refactor web services to use a unified `web-services` namespace	2025-12-28 19:33:56 +01:00
SebastianStork	308ee43ec4	vps-public: Disable stirling-pdf	2025-12-28 19:12:08 +01:00