will-holdsworth/dots
1
1
Fork 0
Code Issues 22 Pull requests Projects 1 Releases Packages Wiki Activity Actions 1

reduce reliance on feature variable

Browse source
This commit is contained in:
wi11-holdsworth 2025-07-29 15:03:00 +10:00
parent 924d87e1c0
commit f99185cd13
24 changed files with 82 additions and 82 deletions
Download patch file Download diff file Expand all files Collapse all files

19
modules/nixos/features/copyparty.nix
View file

@ -13,17 +13,9 @@ in
imports = [ inputs.copyparty.nixosModules.default ];
config = lib.mkIf config.${feature}.enable {
environment.systemPackages = [ pkgs.copyparty ];
nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
age.secrets."copyparty-will" = {
file = ../../../secrets/copyparty-will.age;
owner = "copyparty";
};
services = {
# service
${feature} = {
copyparty = {
enable = true;
settings = {
z = true;
@ -62,6 +54,15 @@ in
};
};
};
# secrets
age.secrets."copyparty-will" = {
file = ../../../secrets/copyparty-will.age;
owner = "copyparty";
};
environment.systemPackages = [ pkgs.copyparty ];
nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";

2
modules/nixos/features/couchdb.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable {
services = {
# service
${feature} = {
couchdb = {
enable = true;
databaseDir = "/srv/couchdb";
viewIndexDir = "/srv/couchdb";

2
modules/nixos/features/direnv.nix
View file

@ -7,7 +7,7 @@ let
feature = "direnv";
in
{
config = lib.mkIf config.${feature}.enable { programs.${feature}.enable = true; };
config = lib.mkIf config.${feature}.enable { programs.direnv.enable = true; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

2
modules/nixos/features/flaresolverr.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable {
services = {
# service
${feature} = {
flaresolverr = {
enable = true;
port = lib.toInt port;
};

11
modules/nixos/features/homepage-dashboard.nix
View file

@ -33,15 +33,12 @@ let
in
{
config = lib.mkIf config.${feature}.enable {
system.activationScripts = insertSecrets secrets;
age.secrets = genSecrets secrets;
services = {
# service
${feature} = {
homepage-dashboard = {
enable = true;
listenPort = lib.toInt port;
allowedHosts = "${feature}.fi33.buzz";
allowedHosts = "homepage-dashboard.fi33.buzz";
services = [
{
"Media Management" = [
@ -275,6 +272,10 @@ in
};
};
};
# secrets
age.secrets = genSecrets secrets;
system.activationScripts = insertSecrets secrets;
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";

30
modules/nixos/features/immich.nix
View file

@ -9,22 +9,22 @@ let
in
{
config = lib.mkIf config.${feature}.enable {
services.${feature} = {
enable = true;
port = builtins.fromJSON "${port}";
mediaLocation = "/srv/${feature}";
};
services = {
immich = {
enable = true;
port = builtins.fromJSON "${port}";
mediaLocation = "/srv/immich";
};
# reverse proxy
services.nginx = {
clientMaxBodySize = "50000M";
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://[::1]:${port}";
proxyWebsockets = true;
nginx = {
clientMaxBodySize = "50000M";
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://[::1]:${port}";
proxyWebsockets = true;
};
};
};
};

2
modules/nixos/features/jellyfin.nix
View file

@ -12,7 +12,7 @@ in
config = lib.mkIf config.${feature}.enable {
services = {
# service
${feature} = {
jellyfin = {
enable = true;
dataDir = "/srv/jellyfin";
group = "media";

2
modules/nixos/features/lidarr.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable {
services = {
# service
${feature} = {
lidarr = {
enable = true;
dataDir = "/srv/lidarr";
settings.server.port = lib.toInt port;

8
modules/nixos/features/miniflux.nix
View file

@ -9,11 +9,9 @@ let
in
{
config = lib.mkIf config.${feature}.enable {
age.secrets.miniflux-creds.file = ../../../secrets/miniflux-creds.age;
services = {
# service
${feature} = {
miniflux = {
enable = true;
adminCredentialsFile = config.age.secrets.miniflux-creds.path;
config = {
@ -34,6 +32,10 @@ in
};
};
};
# secrets
age.secrets."miniflux-creds".file = ../../../secrets/miniflux-creds.age;
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";

15
modules/nixos/features/nginx.nix
View file

@ -8,11 +8,7 @@ let
in
{
config = lib.mkIf config.${feature}.enable {
age.secrets."porkbun-api" = {
file = ../../../secrets/porkbun-api.age;
};
services.${feature} = {
services.nginx = {
enable = true;
recommendedProxySettings = true;
@ -33,14 +29,19 @@ in
certs."fi33.buzz" = {
domain = "fi33.buzz";
extraDomainNames = [ "*.fi33.buzz" ];
group = "${feature}";
group = "nginx";
dnsProvider = "porkbun";
dnsPropagationCheck = true;
credentialsFile = config.age.secrets."porkbun-api".path;
};
};
users.users.${feature}.extraGroups = [ "acme" ];
# secrets
age.secrets."porkbun-api" = {
file = ../../../secrets/porkbun-api.age;
};
users.users.nginx.extraGroups = [ "acme" ];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";

2
modules/nixos/features/nh.nix
View file

@ -9,7 +9,7 @@ let
in
{
config = lib.mkIf config.${feature}.enable {
programs.${feature} = {
programs.nh = {
enable = true;
# clean.enable = true;
flake = "/home/${userName}/.dots";

2
modules/nixos/features/nixvim.nix
View file

@ -10,7 +10,7 @@ in
{
config = lib.mkIf config.${feature}.enable {
environment.variables.EDITOR = "nvim";
programs.${feature} = {
programs.nixvim = {
enable = true;
opts = {
shiftwidth = 2;

4
modules/nixos/features/ntfy-sh.nix
View file

@ -11,10 +11,10 @@ in
config = lib.mkIf config.${feature}.enable {
services = {
# service
${feature} = {
ntfy-sh = {
enable = true;
settings = {
base-url = "https://${feature}.fi33.buzz";
base-url = "https://ntfy-sh.fi33.buzz";
listen-http = ":${port}";
behind-proxy = true;
};

7
modules/nixos/features/paperless.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable {
services = {
# service
${feature} = {
paperless = {
enable = true;
dataDir = "/srv/paperless";
database.createLocally = true;
@ -35,7 +35,10 @@ in
};
};
age.secrets.paperless.file = ../../../secrets/paperless.age;
age.secrets."paperless" = {
file = ../../../secrets/paperless.age;
owner = "paperless";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";

2
modules/nixos/features/pipewire.nix
View file

@ -15,7 +15,5 @@ in
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

2
modules/nixos/features/plasma.nix
View file

@ -13,7 +13,5 @@ in
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

2
modules/nixos/features/prowlarr.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable {
services = {
# service
${feature} = {
prowlarr = {
enable = true;
dataDir = "/srv/prowlarr";
settings.server.port = lib.toInt port;

2
modules/nixos/features/radarr.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable {
services = {
# service
${feature} = {
radarr = {
enable = true;
dataDir = "/srv/radarr";
settings.server.port = lib.toInt port;

2
modules/nixos/features/sonarr.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable {
services = {
# service
${feature} = {
sonarr = {
enable = true;
dataDir = "/srv/sonarr";
settings.server.port = lib.toInt port;

2
modules/nixos/features/systemd-boot.nix
View file

@ -10,7 +10,5 @@ in
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

4
modules/nixos/features/tailscale.nix
View file

@ -8,9 +8,7 @@ let
in
{
config = lib.mkIf config.${feature}.enable {
services = {
${feature}.enable = true;
};
services.tailscale.enable = true;
networking.firewall.trustedInterfaces = [ "tailscale0" ];
};

34
modules/nixos/features/vaultwarden.nix
View file

@ -10,18 +10,20 @@ let
in
{
config = lib.mkIf config.${feature}.enable {
services.${feature} = {
enable = true;
backupDir = "/srv/${feature}";
config = {
rocketPort = "${port}";
domain = "https://${feature}.fi33.buzz";
signupsAllowed = false;
invitationsAllowed = false;
showPasswordHint = false;
useSyslog = true;
extendedLogging = true;
adminTokenFile = "${config.age.secrets.vaultwarden-admin.path}";
services = {
vaultwarden = {
enable = true;
backupDir = "/srv/vaultwarden";
config = {
rocketPort = "${port}";
domain = "https://vaultwarden.fi33.buzz";
signupsAllowed = false;
invitationsAllowed = false;
showPasswordHint = false;
useSyslog = true;
extendedLogging = true;
adminTokenFile = "${config.age.secrets.vaultwarden-admin.path}";
};
};
};
@ -36,11 +38,9 @@ in
};
# secrets
age.secrets = {
"vaultwarden-admin" = {
file = ../../../secrets/vaultwarden-admin.age;
owner = "${feature}";
};
age.secrets."vaultwarden-admin" = {
file = ../../../secrets/vaultwarden-admin.age;
owner = "vaultwarden";
};
};

4
modules/nixos/features/vscode-server.nix
View file

@ -8,9 +8,9 @@ let
feature = "vscode-server";
in
{
config = lib.mkIf config.${feature}.enable { services.${feature}.enable = true; };
config = lib.mkIf config.${feature}.enable { services.vscode-server.enable = true; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
imports = [ inputs.${feature}.nixosModules.default ];
imports = [ inputs.vscode-server.nixosModules.default ];
}

2
modules/templates/web-feature.nix
View file

@ -7,7 +7,7 @@ in
config = lib.mkIf config.${feature}.enable {
services = {
# service
${feature} = {
feature = {
enable = true;
};