will-holdsworth/dots
1
1
Fork 0
Code Issues 22 Pull requests Projects 1 Releases Packages Wiki Activity Actions 1

reduce reliance on feature variable

Browse source
This commit is contained in:
wi11-holdsworth 2025-07-29 15:03:00 +10:00
parent 924d87e1c0
commit f99185cd13
24 changed files with 82 additions and 82 deletions
Download patch file Download diff file Expand all files Collapse all files

19
modules/nixos/features/copyparty.nix
View file

@ -13,17 +13,9 @@ in
imports = [ inputs.copyparty.nixosModules.default ]; imports = [ inputs.copyparty.nixosModules.default ];
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
environment.systemPackages = [ pkgs.copyparty ];
nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
age.secrets."copyparty-will" = {
file = ../../../secrets/copyparty-will.age;
owner = "copyparty";
};
services = { services = {
# service # service
${feature} = { copyparty = {
enable = true; enable = true;
settings = { settings = {
z = true; z = true;
@ -62,6 +54,15 @@ in
}; };
}; };
}; };
# secrets
age.secrets."copyparty-will" = {
file = ../../../secrets/copyparty-will.age;
owner = "copyparty";
};
environment.systemPackages = [ pkgs.copyparty ];
nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";

2
modules/nixos/features/couchdb.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services = { services = {
# service # service
${feature} = { couchdb = {
enable = true; enable = true;
databaseDir = "/srv/couchdb"; databaseDir = "/srv/couchdb";
viewIndexDir = "/srv/couchdb"; viewIndexDir = "/srv/couchdb";

2
modules/nixos/features/direnv.nix
View file

@ -7,7 +7,7 @@ let
feature = "direnv"; feature = "direnv";
in in
{ {
config = lib.mkIf config.${feature}.enable { programs.${feature}.enable = true; }; config = lib.mkIf config.${feature}.enable { programs.direnv.enable = true; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

2
modules/nixos/features/flaresolverr.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services = { services = {
# service # service
${feature} = { flaresolverr = {
enable = true; enable = true;
port = lib.toInt port; port = lib.toInt port;
}; };

11
modules/nixos/features/homepage-dashboard.nix
View file

@ -33,15 +33,12 @@ let
in in
{ {
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
system.activationScripts = insertSecrets secrets;
age.secrets = genSecrets secrets;
services = { services = {
# service # service
${feature} = { homepage-dashboard = {
enable = true; enable = true;
listenPort = lib.toInt port; listenPort = lib.toInt port;
allowedHosts = "${feature}.fi33.buzz"; allowedHosts = "homepage-dashboard.fi33.buzz";
services = [ services = [
{ {
"Media Management" = [ "Media Management" = [
@ -275,6 +272,10 @@ in
}; };
}; };
}; };
# secrets
age.secrets = genSecrets secrets;
system.activationScripts = insertSecrets secrets;
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";

10
modules/nixos/features/immich.nix
View file

@ -9,16 +9,15 @@ let
in in
{ {
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services.${feature} = { services = {
immich = {
enable = true; enable = true;
port = builtins.fromJSON "${port}"; port = builtins.fromJSON "${port}";
mediaLocation = "/srv/${feature}"; mediaLocation = "/srv/immich";
}; };
# reverse proxy nginx = {
services.nginx = {
clientMaxBodySize = "50000M"; clientMaxBodySize = "50000M";
virtualHosts."${feature}.fi33.buzz" = { virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true; forceSSL = true;
useACMEHost = "fi33.buzz"; useACMEHost = "fi33.buzz";
@ -29,6 +28,7 @@ in
}; };
}; };
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

2
modules/nixos/features/jellyfin.nix
View file

@ -12,7 +12,7 @@ in
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services = { services = {
# service # service
${feature} = { jellyfin = {
enable = true; enable = true;
dataDir = "/srv/jellyfin"; dataDir = "/srv/jellyfin";
group = "media"; group = "media";

2
modules/nixos/features/lidarr.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services = { services = {
# service # service
${feature} = { lidarr = {
enable = true; enable = true;
dataDir = "/srv/lidarr"; dataDir = "/srv/lidarr";
settings.server.port = lib.toInt port; settings.server.port = lib.toInt port;

8
modules/nixos/features/miniflux.nix
View file

@ -9,11 +9,9 @@ let
in in
{ {
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
age.secrets.miniflux-creds.file = ../../../secrets/miniflux-creds.age;
services = { services = {
# service # service
${feature} = { miniflux = {
enable = true; enable = true;
adminCredentialsFile = config.age.secrets.miniflux-creds.path; adminCredentialsFile = config.age.secrets.miniflux-creds.path;
config = { config = {
@ -34,6 +32,10 @@ in
}; };
}; };
}; };
# secrets
age.secrets."miniflux-creds".file = ../../../secrets/miniflux-creds.age;
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";

15
modules/nixos/features/nginx.nix
View file

@ -8,11 +8,7 @@ let
in in
{ {
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
age.secrets."porkbun-api" = { services.nginx = {
file = ../../../secrets/porkbun-api.age;
};
services.${feature} = {
enable = true; enable = true;
recommendedProxySettings = true; recommendedProxySettings = true;
@ -33,14 +29,19 @@ in
certs."fi33.buzz" = { certs."fi33.buzz" = {
domain = "fi33.buzz"; domain = "fi33.buzz";
extraDomainNames = [ "*.fi33.buzz" ]; extraDomainNames = [ "*.fi33.buzz" ];
group = "${feature}"; group = "nginx";
dnsProvider = "porkbun"; dnsProvider = "porkbun";
dnsPropagationCheck = true; dnsPropagationCheck = true;
credentialsFile = config.age.secrets."porkbun-api".path; credentialsFile = config.age.secrets."porkbun-api".path;
}; };
}; };
users.users.${feature}.extraGroups = [ "acme" ]; # secrets
age.secrets."porkbun-api" = {
file = ../../../secrets/porkbun-api.age;
};
users.users.nginx.extraGroups = [ "acme" ];
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";

2
modules/nixos/features/nh.nix
View file

@ -9,7 +9,7 @@ let
in in
{ {
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
programs.${feature} = { programs.nh = {
enable = true; enable = true;
# clean.enable = true; # clean.enable = true;
flake = "/home/${userName}/.dots"; flake = "/home/${userName}/.dots";

2
modules/nixos/features/nixvim.nix
View file

@ -10,7 +10,7 @@ in
{ {
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
environment.variables.EDITOR = "nvim"; environment.variables.EDITOR = "nvim";
programs.${feature} = { programs.nixvim = {
enable = true; enable = true;
opts = { opts = {
shiftwidth = 2; shiftwidth = 2;

4
modules/nixos/features/ntfy-sh.nix
View file

@ -11,10 +11,10 @@ in
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services = { services = {
# service # service
${feature} = { ntfy-sh = {
enable = true; enable = true;
settings = { settings = {
base-url = "https://${feature}.fi33.buzz"; base-url = "https://ntfy-sh.fi33.buzz";
listen-http = ":${port}"; listen-http = ":${port}";
behind-proxy = true; behind-proxy = true;
}; };

7
modules/nixos/features/paperless.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services = { services = {
# service # service
${feature} = { paperless = {
enable = true; enable = true;
dataDir = "/srv/paperless"; dataDir = "/srv/paperless";
database.createLocally = true; database.createLocally = true;
@ -35,7 +35,10 @@ in
}; };
}; };
age.secrets.paperless.file = ../../../secrets/paperless.age; age.secrets."paperless" = {
file = ../../../secrets/paperless.age;
owner = "paperless";
};
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";

2
modules/nixos/features/pipewire.nix
View file

@ -15,7 +15,5 @@ in
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

2
modules/nixos/features/plasma.nix
View file

@ -13,7 +13,5 @@ in
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

2
modules/nixos/features/prowlarr.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services = { services = {
# service # service
${feature} = { prowlarr = {
enable = true; enable = true;
dataDir = "/srv/prowlarr"; dataDir = "/srv/prowlarr";
settings.server.port = lib.toInt port; settings.server.port = lib.toInt port;

2
modules/nixos/features/radarr.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services = { services = {
# service # service
${feature} = { radarr = {
enable = true; enable = true;
dataDir = "/srv/radarr"; dataDir = "/srv/radarr";
settings.server.port = lib.toInt port; settings.server.port = lib.toInt port;

2
modules/nixos/features/sonarr.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services = { services = {
# service # service
${feature} = { sonarr = {
enable = true; enable = true;
dataDir = "/srv/sonarr"; dataDir = "/srv/sonarr";
settings.server.port = lib.toInt port; settings.server.port = lib.toInt port;

2
modules/nixos/features/systemd-boot.nix
View file

@ -10,7 +10,5 @@ in
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

4
modules/nixos/features/tailscale.nix
View file

@ -8,9 +8,7 @@ let
in in
{ {
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services = { services.tailscale.enable = true;
${feature}.enable = true;
};
networking.firewall.trustedInterfaces = [ "tailscale0" ]; networking.firewall.trustedInterfaces = [ "tailscale0" ];
}; };

14
modules/nixos/features/vaultwarden.nix
View file

@ -10,12 +10,13 @@ let
in in
{ {
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services.${feature} = { services = {
vaultwarden = {
enable = true; enable = true;
backupDir = "/srv/${feature}"; backupDir = "/srv/vaultwarden";
config = { config = {
rocketPort = "${port}"; rocketPort = "${port}";
domain = "https://${feature}.fi33.buzz"; domain = "https://vaultwarden.fi33.buzz";
signupsAllowed = false; signupsAllowed = false;
invitationsAllowed = false; invitationsAllowed = false;
showPasswordHint = false; showPasswordHint = false;
@ -24,6 +25,7 @@ in
adminTokenFile = "${config.age.secrets.vaultwarden-admin.path}"; adminTokenFile = "${config.age.secrets.vaultwarden-admin.path}";
}; };
}; };
};
# reverse proxy # reverse proxy
services.nginx.virtualHosts."${feature}.fi33.buzz" = { services.nginx.virtualHosts."${feature}.fi33.buzz" = {
@ -36,11 +38,9 @@ in
}; };
# secrets # secrets
age.secrets = { age.secrets."vaultwarden-admin" = {
"vaultwarden-admin" = {
file = ../../../secrets/vaultwarden-admin.age; file = ../../../secrets/vaultwarden-admin.age;
owner = "${feature}"; owner = "vaultwarden";
};
}; };
}; };

4
modules/nixos/features/vscode-server.nix
View file

@ -8,9 +8,9 @@ let
feature = "vscode-server"; feature = "vscode-server";
in in
{ {
config = lib.mkIf config.${feature}.enable { services.${feature}.enable = true; }; config = lib.mkIf config.${feature}.enable { services.vscode-server.enable = true; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
imports = [ inputs.${feature}.nixosModules.default ]; imports = [ inputs.vscode-server.nixosModules.default ];
} }

2
modules/templates/web-feature.nix
View file

@ -7,7 +7,7 @@ in
config = lib.mkIf config.${feature}.enable { config = lib.mkIf config.${feature}.enable {
services = { services = {
# service # service
${feature} = { feature = {
enable = true; enable = true;
}; };