aboutsummaryrefslogtreecommitdiff
path: root/nixos/serverModules
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/serverModules')
-rw-r--r--nixos/serverModules/directories.nix90
-rw-r--r--nixos/serverModules/gonic.nix95
-rw-r--r--nixos/serverModules/nfs.nix112
-rw-r--r--nixos/serverModules/nginx.nix136
4 files changed, 0 insertions, 433 deletions
diff --git a/nixos/serverModules/directories.nix b/nixos/serverModules/directories.nix
deleted file mode 100644
index f5c769f..0000000
--- a/nixos/serverModules/directories.nix
+++ /dev/null
@@ -1,90 +0,0 @@
-{
- config,
- lib,
- ...
-}:
-with lib; let
- cfg = config.createPaths;
- pathAttrsToListRec = pathsAttrSet: parentPath: parentConfig:
- lib.flatten (lib.mapAttrsToList (path: config: let
- filteredConfig = lib.filterAttrs (n: v: v != null) (builtins.removeAttrs config ["subPaths"]);
- out =
- {
- path =
- if parentPath == ""
- then path
- else parentPath + "/" + path;
- }
- // parentConfig // filteredConfig;
- in
- if config ? subPaths
- then [out] ++ (pathAttrsToListRec config.subPaths path filteredConfig)
- else [out])
- pathsAttrSet);
- pathConfig = {
- options = {
- group = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- owner = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- permissions = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- subPaths = mkOption {
- type = types.attrsOf (types.submodule pathConfig);
- default = {};
- };
- };
- };
- pathList = pathAttrsToListRec cfg "" {};
-in rec {
- options = {
- createPaths = mkOption {
- type = types.attrsOf (types.submodule {
- options = {
- group = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- owner = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- permissions = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- subPaths = mkOption {
- type = types.attrsOf (types.submodule pathConfig);
- default = {};
- description = ''
- SubPaths to create using systemd tmpfiles.
- '';
- };
- };
- });
- default = {};
- description = ''
- Paths to create using systemd tmpfiles.
- '';
- };
- };
-
- config = mkIf (cfg != {}) {
- systemd.tmpfiles.rules =
- map
- (dir: "d ${dir.path} ${dir.permissions} ${dir.owner} ${dir.group}")
- pathList;
-
- users = let
- extraGroups = map (path: path.group) pathList;
- in {
- groups = genAttrs extraGroups (group: {});
- };
- };
-}
diff --git a/nixos/serverModules/gonic.nix b/nixos/serverModules/gonic.nix
deleted file mode 100644
index 6bdf984..0000000
--- a/nixos/serverModules/gonic.nix
+++ /dev/null
@@ -1,95 +0,0 @@
-{ config, lib, pkgs, ... }:
-with lib;
-let
- cfg = config.gonic;
-in
-{
- options = {
- gonic = {
- enable = mkEnableOption "enable gonic configuration";
-
- listenAddr = mkOption {
- type = types.str;
- default = "127.0.0.1:4747";
- description = ''
- Address that gonic will listen on.
- '';
- };
-
- extraGroups = mkOption {
- type = types.listOf (types.str);
- default = [];
- description = ''
- Additional groups for gonic.
- '';
- };
-
- musicPaths = mkOption {
- type = types.listOf (types.str);
- description = ''
- Directories with music in it.
- '';
- };
-
- podcastsPath = mkOption {
- type = types.str;
- default = "${cfg.stateDir}/podcasts";
- description = ''
- Directory for podcasts.
- '';
- };
-
- playlistsPath = mkOption {
- type = types.str;
- default = "${cfg.stateDir}/playlists";
- description = ''
- Directory for playlists.
- '';
- };
-
- stateDir = mkOption {
- type = types.str;
- default = "/var/lib/gonic";
- description = ''
- A directory where gonic will keep their files.
- '';
- };
-
- settings = mkOption {
- default = {};
- description = ''
- Additional gonic settings
- '';
- };
- };
- };
-
- config = mkIf cfg.enable {
- nixpkgs.overlays = [
- (final: prev: {
- ffmpeg = prev.ffmpeg-headless;
- })
- ];
-
- systemd.services.gonic.serviceConfig = {
- SupplementaryGroups = cfg.extraGroups;
- };
-
- systemd.tmpfiles.rules = [
- "d ${cfg.stateDir} 0755 nobody nogroup"
- "d ${cfg.podcastsPath} 0755 nobody nogroup"
- "d ${cfg.playlistsPath} 0755 nobody nogroup"
- ];
-
- services.gonic = {
- enable = true;
- settings = {
- listen-addr = cfg.listenAddr;
- music-path = cfg.musicPaths;
- playlists-path = [cfg.podcastsPath];
- podcast-path = [cfg.playlistsPath];
- db-path = ["${cfg.stateDir}/gonic.db"];
- } // cfg.settings;
- };
- };
-}
diff --git a/nixos/serverModules/nfs.nix b/nixos/serverModules/nfs.nix
deleted file mode 100644
index f8186b6..0000000
--- a/nixos/serverModules/nfs.nix
+++ /dev/null
@@ -1,112 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
- cfg = config.nfs;
-in
-{
- options = {
- nfs.server = mkOption {
- description = ''
- NFS server configuration.
- '';
- default = { enable = false; };
- type = types.submodule {
- options = {
- enable = mkEnableOption "Enable nfs server";
- exportsPath = mkOption {
- type = types.str;
- default = "/export";
- description = ''
- A path to the dir, where exports will be binded.
- '';
- };
-
- defaultExportIps = mkOption {
- type = types.listOf (types.str);
- description = ''
- A list of ip addresses, that will be used as default in exportDirs
- '';
- };
-
- defaultExportParams = mkOption {
- type = types.str;
- default = "rw,nohide,insecure,no_subtree_check";
- description = ''
- Params, that will be used as default in exportDirs
- '';
- };
-
- exportDirs = mkOption {
- description = ''
- A list of directories to export.
- '';
- type = types.listOf (types.submodule {
- options = {
- path = mkOption {
- type = types.str;
- description = ''
- A path to the directory to export.
- '';
- };
- exportPath = mkOption {
- type = types.str;
- default = "";
- description = ''
- A path that will be binded to the export directory in the exportsPath.
- '';
- };
- ips = mkOption {
- type = types.listOf (types.str);
- default = cfg.server.defaultExportIps;
- description = ''
- A list of ip addresses to export the dir to.
- '';
- };
- params = mkOption {
- type = types.str;
- default = cfg.server.defaultExportParams;
- description = ''
- Params for the ip addresses.
- '';
- };
- };
- });
- };
- };
- };
- };
- };
-
- config = mkIf cfg.server.enable {
- services.nfs.server = {
- enable = true;
- exports = "${cfg.server.exportsPath} ${concatMapStrings (ip: "${ip}(rw,fsid=0,no_subtree_check) ") cfg.server.defaultExportIps}\n"
- + concatMapStrings
- (dir:
- let
- ips = concatMapStrings (ip: "${ip}(${dir.params}) ") dir.ips;
- exportPath = if dir.exportPath != "" then dir.exportPath else
- baseNameOf dir.path;
- in "${cfg.server.exportsPath}/${exportPath} ${ips}\n")
- cfg.server.exportDirs;
- };
-
- systemd.tmpfiles.rules = [
- "d ${cfg.server.exportsPath} 0744 nobody nogroup"
- ];
-
- fileSystems = listToAttrs (map (exportDir:
- let
- exportPath = if exportDir.exportPath != "" then exportDir.exportPath else
- baseNameOf exportDir.path;
- fullExportPath = "${cfg.server.exportsPath}/${exportPath}";
- in
- {
- name = fullExportPath;
- value = {
- device = exportDir.path;
- options = ["bind"];
- };
- }) cfg.server.exportDirs);
- };
-}
diff --git a/nixos/serverModules/nginx.nix b/nixos/serverModules/nginx.nix
deleted file mode 100644
index 9e249d9..0000000
--- a/nixos/serverModules/nginx.nix
+++ /dev/null
@@ -1,136 +0,0 @@
-{ pkgs, config, lib, ... }:
-with lib;
-let
- vhostOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/vhost-options.nix");
- locationOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/location-options.nix");
- nginxOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/default.nix");
- cfg = config.nginx;
-in
-{
- options.nginx = {
- enable = mkEnableOption "Enable nginx";
-
- domain = mkOption {
- type = types.str;
- description = ''
- Domain to use with subdomains
- '';
- };
-
- recommendedProxySettings = mkOption {
- type = types.bool;
- default = true;
- description = ''
- Enables global recommended proxy settings
- '';
- };
-
- subdomains = mkOption {
- type = types.attrsOf (types.submodule (locationOptions { inherit config lib; }));
- description = ''
- Subdomains with nginx virtualHosts configuration
- '';
- };
-
- extraVirtualHosts = mkOption {
- type = types.attrsOf (types.submodule (vhostOptions { inherit config lib; }));
- default = {};
- };
-
- home = {
- virtualHosts = mkOption {
- type = types.attrsOf (types.submodule (vhostOptions { inherit config lib; }));
- default = {};
- description = ''
- Virtual hosts from another nginx configuration, that will be used to decrypt ssl and forward traffic to another server.
- Make sure that the connection between the two is secure.
- '';
- };
-
- subdomains = mkOption {
- type = types.attrsOf (types.submodule (locationOptions { inherit config lib; }));
- default = {};
- description = ''
- Subdomains from another nginx configuration, that will be used to decrypt ssl and forward traffic to another server.
- Make sure that the connection between the two is secure.
- '';
- };
-
- domain = mkOption {
- type = types.str;
- default = cfg.domain;
- description = ''
- Home domain, if no domain provided, the current will be used;
- '';
- };
-
- url = mkOption {
- type = types.str;
- default = "";
- description = ''
- Url that requests would be passed to;
- '';
- };
- };
-
- acme = {
- enable = mkEnableOption "enable acme certs";
- email = mkOption {
- type = types.str;
- default = "notspl3g+acme@duck.com";
- };
- };
-
- extraConfig = mkOption {
- type = types.attrsOf (types.submodule nginxOptions);
- default = {};
- description = ''
- Extra nginx config.
- '';
- };
- };
-
- config = mkIf cfg.enable {
- security.acme = mkIf cfg.acme.enable {
- acceptTerms = true;
- defaults.email = cfg.acme.email;
- };
-
- users.groups.nginx = mkIf cfg.acme.enable {};
- users.users.nginx = mkIf cfg.acme.enable {
- group = "nginx";
- extraGroups = [ "acme" ];
- isSystemUser = true;
- };
- services.nginx =
- let
- ssl = {
- forceSSL = cfg.acme.enable;
- enableACME = cfg.acme.enable;
- };
-
- makeVhosts = (domain: subdomains:
- lib.concatMapAttrs
- (name: value: { ${name + "." + domain} = { locations."/" = value; } // ssl; })
- subdomains);
-
- homeRoutes = (homeVirtualHosts: homeUrl:
- builtins.mapAttrs
- (name: value: {
- locations."/" = value.locations."/" // {
- proxyPass = homeUrl;
- recommendedProxySettings = true;
- };
- } // ssl)
- homeVirtualHosts);
-
- vhosts = (makeVhosts cfg.domain cfg.subdomains);
- homeVhosts = (homeRoutes ((makeVhosts (cfg.home.domain) cfg.home.subdomains) // cfg.home.virtualHosts) cfg.home.url);
- in {
- enable = true;
- recommendedProxySettings = cfg.recommendedProxySettings;
-
- virtualHosts = vhosts // homeVhosts // cfg.extraVirtualHosts;
- } // cfg.extraConfig;
- };
-}
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-24 10:12:22 +0000