| author | spl3g <notspl3g@duck.com> | 2026-03-18 18:01:41 +0300 |
|---|---|---|
| committer | spl3g <notspl3g@duck.com> | 2026-03-18 18:01:59 +0300 |
| commit | 03648b3d9f177227df40129bed22558f6924b91c (patch) | |
| tree | 8a22eda142beeafd9002a8d5901ba9428a77ad52 /nixos/serverModules | |
| parent | dc19a2b583b3ab50d8e36ff0a90ca633495f675f (diff) | |
so.. v2 i guess
Diffstat (limited to 'nixos/serverModules')
| -rw-r--r-- | nixos/serverModules/directories.nix | 90 | ||||
| -rw-r--r-- | nixos/serverModules/gonic.nix | 95 | ||||
| -rw-r--r-- | nixos/serverModules/nfs.nix | 112 | ||||
| -rw-r--r-- | nixos/serverModules/nginx.nix | 136 |
4 files changed, 0 insertions, 433 deletions
diff --git a/nixos/serverModules/directories.nix b/nixos/serverModules/directories.nix
deleted file mode 100644
index f5c769f..0000000
--- a/nixos/serverModules/directories.nix
+++ /dev/null
@@ -1,90 +0,0 @@
-{
- config,
- lib,
- ...
-}:
-with lib; let
- cfg = config.createPaths;
- pathAttrsToListRec = pathsAttrSet: parentPath: parentConfig:
- lib.flatten (lib.mapAttrsToList (path: config: let
- filteredConfig = lib.filterAttrs (n: v: v != null) (builtins.removeAttrs config ["subPaths"]);
- out =
- {
- path =
- if parentPath == ""
- then path
- else parentPath + "/" + path;
- }
- // parentConfig // filteredConfig;
- in
- if config ? subPaths
- then [out] ++ (pathAttrsToListRec config.subPaths path filteredConfig)
- else [out])
- pathsAttrSet);
- pathConfig = {
- options = {
- group = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- owner = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- permissions = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- subPaths = mkOption {
- type = types.attrsOf (types.submodule pathConfig);
- default = {};
- };
- };
- };
- pathList = pathAttrsToListRec cfg "" {};
-in rec {
- options = {
- createPaths = mkOption {
- type = types.attrsOf (types.submodule {
- options = {
- group = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- owner = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- permissions = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- subPaths = mkOption {
- type = types.attrsOf (types.submodule pathConfig);
- default = {};
- description = ''
- SubPaths to create using systemd tmpfiles.
- '';
- };
- };
- });
- default = {};
- description = ''
- Paths to create using systemd tmpfiles.
- '';
- };
- };
-
- config = mkIf (cfg != {}) {
- systemd.tmpfiles.rules =
- map
- (dir: "d ${dir.path} ${dir.permissions} ${dir.owner} ${dir.group}")
- pathList;
-
- users = let
- extraGroups = map (path: path.group) pathList;
- in {
- groups = genAttrs extraGroups (group: {});
- };
- };
-}
diff --git a/nixos/serverModules/gonic.nix b/nixos/serverModules/gonic.nix
deleted file mode 100644
index 6bdf984..0000000
--- a/nixos/serverModules/gonic.nix
+++ /dev/null
@@ -1,95 +0,0 @@
-{ config, lib, pkgs, ... }:
-with lib;
-let
- cfg = config.gonic;
-in
-{
- options = {
- gonic = {
- enable = mkEnableOption "enable gonic configuration";
-
- listenAddr = mkOption {
- type = types.str;
- default = "127.0.0.1:4747";
- description = ''
- Address that gonic will listen on.
- '';
- };
-
- extraGroups = mkOption {
- type = types.listOf (types.str);
- default = [];
- description = ''
- Additional groups for gonic.
- '';
- };
-
- musicPaths = mkOption {
- type = types.listOf (types.str);
- description = ''
- Directories with music in it.
- '';
- };
-
- podcastsPath = mkOption {
- type = types.str;
- default = "${cfg.stateDir}/podcasts";
- description = ''
- Directory for podcasts.
- '';
- };
-
- playlistsPath = mkOption {
- type = types.str;
- default = "${cfg.stateDir}/playlists";
- description = ''
- Directory for playlists.
- '';
- };
-
- stateDir = mkOption {
- type = types.str;
- default = "/var/lib/gonic";
- description = ''
- A directory where gonic will keep their files.
- '';
- };
-
- settings = mkOption {
- default = {};
- description = ''
- Additional gonic settings
- '';
- };
- };
- };
-
- config = mkIf cfg.enable {
- nixpkgs.overlays = [
- (final: prev: {
- ffmpeg = prev.ffmpeg-headless;
- })
- ];
-
- systemd.services.gonic.serviceConfig = {
- SupplementaryGroups = cfg.extraGroups;
- };
-
- systemd.tmpfiles.rules = [
- "d ${cfg.stateDir} 0755 nobody nogroup"
- "d ${cfg.podcastsPath} 0755 nobody nogroup"
- "d ${cfg.playlistsPath} 0755 nobody nogroup"
- ];
-
- services.gonic = {
- enable = true;
- settings = {
- listen-addr = cfg.listenAddr;
- music-path = cfg.musicPaths;
- playlists-path = [cfg.podcastsPath];
- podcast-path = [cfg.playlistsPath];
- db-path = ["${cfg.stateDir}/gonic.db"];
- } // cfg.settings;
- };
- };
-}
diff --git a/nixos/serverModules/nfs.nix b/nixos/serverModules/nfs.nix
deleted file mode 100644
index f8186b6..0000000
--- a/nixos/serverModules/nfs.nix
+++ /dev/null
@@ -1,112 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
- cfg = config.nfs;
-in
-{
- options = {
- nfs.server = mkOption {
- description = ''
- NFS server configuration.
- '';
- default = { enable = false; };
- type = types.submodule {
- options = {
- enable = mkEnableOption "Enable nfs server";
- exportsPath = mkOption {
- type = types.str;
- default = "/export";
- description = ''
- A path to the dir, where exports will be binded.
- '';
- };
-
- defaultExportIps = mkOption {
- type = types.listOf (types.str);
- description = ''
- A list of ip addresses, that will be used as default in exportDirs
- '';
- };
-
- defaultExportParams = mkOption {
- type = types.str;
- default = "rw,nohide,insecure,no_subtree_check";
- description = ''
- Params, that will be used as default in exportDirs
- '';
- };
-
- exportDirs = mkOption {
- description = ''
- A list of directories to export.
- '';
- type = types.listOf (types.submodule {
- options = {
- path = mkOption {
- type = types.str;
- description = ''
- A path to the directory to export.
- '';
- };
- exportPath = mkOption {
- type = types.str;
- default = "";
- description = ''
- A path that will be binded to the export directory in the exportsPath.
- '';
- };
- ips = mkOption {
- type = types.listOf (types.str);
- default = cfg.server.defaultExportIps;
- description = ''
- A list of ip addresses to export the dir to.
- '';
- };
- params = mkOption {
- type = types.str;
- default = cfg.server.defaultExportParams;
- description = ''
- Params for the ip addresses.
- '';
- };
- };
- });
- };
- };
- };
- };
- };
-
- config = mkIf cfg.server.enable {
- services.nfs.server = {
- enable = true;
- exports = "${cfg.server.exportsPath} ${concatMapStrings (ip: "${ip}(rw,fsid=0,no_subtree_check) ") cfg.server.defaultExportIps}\n"
- + concatMapStrings
- (dir:
- let
- ips = concatMapStrings (ip: "${ip}(${dir.params}) ") dir.ips;
- exportPath = if dir.exportPath != "" then dir.exportPath else
- baseNameOf dir.path;
- in "${cfg.server.exportsPath}/${exportPath} ${ips}\n")
- cfg.server.exportDirs;
- };
-
- systemd.tmpfiles.rules = [
- "d ${cfg.server.exportsPath} 0744 nobody nogroup"
- ];
-
- fileSystems = listToAttrs (map (exportDir:
- let
- exportPath = if exportDir.exportPath != "" then exportDir.exportPath else
- baseNameOf exportDir.path;
- fullExportPath = "${cfg.server.exportsPath}/${exportPath}";
- in
- {
- name = fullExportPath;
- value = {
- device = exportDir.path;
- options = ["bind"];
- };
- }) cfg.server.exportDirs);
- };
-}
diff --git a/nixos/serverModules/nginx.nix b/nixos/serverModules/nginx.nix
deleted file mode 100644
index 9e249d9..0000000
--- a/nixos/serverModules/nginx.nix
+++ /dev/null
@@ -1,136 +0,0 @@
-{ pkgs, config, lib, ... }:
-with lib;
-let
- vhostOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/vhost-options.nix");
- locationOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/location-options.nix");
- nginxOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/default.nix");
- cfg = config.nginx;
-in
-{
- options.nginx = {
- enable = mkEnableOption "Enable nginx";
-
- domain = mkOption {
- type = types.str;
- description = ''
- Domain to use with subdomains
- '';
- };
-
- recommendedProxySettings = mkOption {
- type = types.bool;
- default = true;
- description = ''
- Enables global recommended proxy settings
- '';
- };
-
- subdomains = mkOption {
- type = types.attrsOf (types.submodule (locationOptions { inherit config lib; }));
- description = ''
- Subdomains with nginx virtualHosts configuration
- '';
- };
-
- extraVirtualHosts = mkOption {
- type = types.attrsOf (types.submodule (vhostOptions { inherit config lib; }));
- default = {};
- };
-
- home = {
- virtualHosts = mkOption {
- type = types.attrsOf (types.submodule (vhostOptions { inherit config lib; }));
- default = {};
- description = ''
- Virtual hosts from another nginx configuration, that will be used to decrypt ssl and forward traffic to another server.
- Make sure that the connection between the two is secure.
- '';
- };
-
- subdomains = mkOption {
- type = types.attrsOf (types.submodule (locationOptions { inherit config lib; }));
- default = {};
- description = ''
- Subdomains from another nginx configuration, that will be used to decrypt ssl and forward traffic to another server.
- Make sure that the connection between the two is secure.
- '';
- };
-
- domain = mkOption {
- type = types.str;
- default = cfg.domain;
- description = ''
- Home domain, if no domain provided, the current will be used;
- '';
- };
-
- url = mkOption {
- type = types.str;
- default = "";
- description = ''
- Url that requests would be passed to;
- '';
- };
- };
-
- acme = {
- enable = mkEnableOption "enable acme certs";
- email = mkOption {
- type = types.str;
- default = "notspl3g+acme@duck.com";
- };
- };
-
- extraConfig = mkOption {
- type = types.attrsOf (types.submodule nginxOptions);
- default = {};
- description = ''
- Extra nginx config.
- '';
- };
- };
-
- config = mkIf cfg.enable {
- security.acme = mkIf cfg.acme.enable {
- acceptTerms = true;
- defaults.email = cfg.acme.email;
- };
-
- users.groups.nginx = mkIf cfg.acme.enable {};
- users.users.nginx = mkIf cfg.acme.enable {
- group = "nginx";
- extraGroups = [ "acme" ];
- isSystemUser = true;
- };
- services.nginx =
- let
- ssl = {
- forceSSL = cfg.acme.enable;
- enableACME = cfg.acme.enable;
- };
-
- makeVhosts = (domain: subdomains:
- lib.concatMapAttrs
- (name: value: { ${name + "." + domain} = { locations."/" = value; } // ssl; })
- subdomains);
-
- homeRoutes = (homeVirtualHosts: homeUrl:
- builtins.mapAttrs
- (name: value: {
- locations."/" = value.locations."/" // {
- proxyPass = homeUrl;
- recommendedProxySettings = true;
- };
- } // ssl)
- homeVirtualHosts);
-
- vhosts = (makeVhosts cfg.domain cfg.subdomains);
- homeVhosts = (homeRoutes ((makeVhosts (cfg.home.domain) cfg.home.subdomains) // cfg.home.virtualHosts) cfg.home.url);
- in {
- enable = true;
- recommendedProxySettings = cfg.recommendedProxySettings;
-
- virtualHosts = vhosts // homeVhosts // cfg.extraVirtualHosts;
- } // cfg.extraConfig;
- };
-} |
