add syncthing.nix, add drivePaths.nix for mounting drive_paths
diff --git a/flake.lock b/flake.lock
index 4932c73..2bdf002 100644
--- a/flake.lock
+++ b/flake.lock
@@ -107,22 +107,6 @@
"type": "github"
}
},
- "nixpkgs-unstable": {
- "locked": {
- "lastModified": 1686089707,
- "narHash": "sha256-LTNlJcru2qJ0XhlhG9Acp5KyjB774Pza3tRH0pKIb3o=",
- "owner": "nixos",
- "repo": "nixpkgs",
- "rev": "af21c31b2a1ec5d361ed8050edd0303c31306397",
- "type": "github"
- },
- "original": {
- "owner": "nixos",
- "ref": "nixpkgs-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
"nixpkgs_2": {
"locked": {
"lastModified": 1686059680,
@@ -145,7 +129,6 @@
"flake-utils": "flake-utils",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs_2",
- "nixpkgs-unstable": "nixpkgs-unstable",
"scalpel": "scalpel",
"sops-nix": "sops-nix"
}
diff --git a/modules/caddy.nix b/modules/caddy.nix
index e3309fe..eddcf80 100644
--- a/modules/caddy.nix
+++ b/modules/caddy.nix
@@ -1,4 +1,5 @@
-{ base, config, pkgs, lib, ... }: lib.recursiveUpdate {
+{ base, config, pkgs, lib, ... }: lib.recursiveUpdate
+{
services.caddy.enable = true;
services.caddy.configFile = lib.pipe ./caddy/caddyfile.nix [
import
@@ -17,28 +18,29 @@
sopsFile = ../secrets/caddy.json;
format = "json";
};
-} (
- let
- isDerived = base != null;
- in
- if isDerived
- then
+}
+ (
let
- caddy_json = base.config.services.caddy.configFile;
+ isDerived = base != null;
in
- {
- scalpel.trafos."caddy.json" = {
- source = toString caddy_json;
- matchers."cloudflare_token".secret =
- config.sops.secrets.cloudflare_token.path;
- owner = config.users.users.root.name;
- group = config.users.users.nobody.group;
- mode = "0400";
- };
+ if isDerived
+ then
+ let
+ caddy_json = base.config.services.caddy.configFile;
+ in
+ {
+ scalpel.trafos."caddy.json" = {
+ source = toString caddy_json;
+ matchers."cloudflare_token".secret =
+ config.sops.secrets.cloudflare_token.path;
+ owner = config.users.users.root.name;
+ group = config.users.users.nobody.group;
+ mode = "0400";
+ };
- services.caddy.configFile = lib.mkForce config.scalpel.trafos."caddy.json".destination;
+ services.caddy.configFile = lib.mkForce config.scalpel.trafos."caddy.json".destination;
- systemd.services.caddy.reloadTriggers = [ caddy_json ];
- }
- else { }
-)
+ systemd.services.caddy.reloadTriggers = [ caddy_json ];
+ }
+ else { }
+ )
diff --git a/modules/caddy/caddyfile.nix b/modules/caddy/caddyfile.nix
index 4dee336..f3c8b20 100644
--- a/modules/caddy/caddyfile.nix
+++ b/modules/caddy/caddyfile.nix
@@ -280,6 +280,12 @@
}
))
(HTTPReverseProxyRoute [ "passwords.clicks.codes" ] [ "localhost:8452" ])
+ (HTTPReverseProxyRoute [
+ "syncthing.clicks.codes"
+ "syncthing.coded.codes"
+ "syncthing.thecoded.prof"
+ "syncthing.hopescaramels.com"
+ ] [ "localhost:8384" ])
];
};
srv1 = {
diff --git a/modules/drivePaths.nix b/modules/drivePaths.nix
new file mode 100644
index 0000000..addd64b
--- /dev/null
+++ b/modules/drivePaths.nix
@@ -0,0 +1,8 @@
+{ drive_paths, lib, ... }: {
+ fileSystems = lib.mapAttrs'
+ (name: value: {
+ name = value.path;
+ value.device = "/dev/disk/by-uuid/${value.uuid}";
+ })
+ drive_paths;
+}
diff --git a/modules/home-manager-users.nix b/modules/home-manager-users.nix
index 9189240..0e1dbd6 100644
--- a/modules/home-manager-users.nix
+++ b/modules/home-manager-users.nix
@@ -26,7 +26,7 @@
} // (
if (base != null)
then {
-/* users.groups = lib.mapAttrs'
+ /* users.groups = lib.mapAttrs'
(_: user: {
name = user.group;
value = { };
diff --git a/modules/scalpel.nix b/modules/scalpel.nix
index 569d2b4..0e0e257 100644
--- a/modules/scalpel.nix
+++ b/modules/scalpel.nix
@@ -1,6 +1,8 @@
-{ lib, config, ... }: let
+{ lib, config, ... }:
+let
cfg = config.scalpel;
-in {
+in
+{
system.activationScripts.scalpelCreateStore.text = lib.mkForce ''
echo "[scalpel] Ensuring existance of ${cfg.secretsDir}"
mkdir -p ${cfg.secretsDir}
diff --git a/modules/syncthing.nix b/modules/syncthing.nix
new file mode 100644
index 0000000..77e98df
--- /dev/null
+++ b/modules/syncthing.nix
@@ -0,0 +1,11 @@
+{ pkgs, ... }: {
+ environment.systemPackages = with pkgs; [ syncthing ];
+
+ services.syncthing.enable = true;
+ services.syncthing.openDefaultPorts = true;
+
+ services.syncthing.extraOptions.gui = {
+ user = "admin";
+ password = "password";
+ };
+}
diff --git a/modules/vaultwarden.nix b/modules/vaultwarden.nix
index dd06d27..091ef50 100644
--- a/modules/vaultwarden.nix
+++ b/modules/vaultwarden.nix
@@ -64,15 +64,15 @@
SMTP_SECURITY = "starttls";
SMTP_PORT = 587;
- SMTP_USERNAME="FILL_ME_IN";
- SMTP_PASSWORD="!!SMTP_PASSWORD!!";
+ SMTP_USERNAME = "FILL_ME_IN";
+ SMTP_PASSWORD = "!!SMTP_PASSWORD!!";
- REQUIRE_DEVICE_EMAIL=true;
+ REQUIRE_DEVICE_EMAIL = true;
# YubiKey Settings
- YUBICO_CLIENT_ID="89788";
- YUBICO_SECRET_KEY="!!YUBICO_SECRET_KEY!!";
+ YUBICO_CLIENT_ID = "89788";
+ YUBICO_SECRET_KEY = "!!YUBICO_SECRET_KEY!!";
# TODO: Buy a license
@@ -106,7 +106,7 @@
in
{ DATA_FOLDER = "/var/lib/bitwarden_rs"; } // optionalAttrs (!(configEnv ? WEB_VAULT_ENABLED) || configEnv.WEB_VAULT_ENABLED == "true") {
WEB_VAULT_FOLDER = "${cfg.webVaultPackage}/share/vaultwarden/vault";
- } // configEnv;
+ } // configEnv;
configFile = pkgs.writeText "vaultwarden.env" (concatStrings (mapAttrsToList (name: value: "${name}=${value}\n") configEnv));
in
diff --git a/services/kavita/default.nix b/services/kavita/default.nix
index c724ad7..4691474 100644
--- a/services/kavita/default.nix
+++ b/services/kavita/default.nix
@@ -1 +1 @@
-{ pkgs, config, lib, ... }: {}
+{ pkgs, config, lib, ... }: { }
diff --git a/services/mailu/default.nix b/services/mailu/default.nix
index 0967ef4..ffcd441 100644
--- a/services/mailu/default.nix
+++ b/services/mailu/default.nix
@@ -1 +1 @@
-{}
+{ }
diff --git a/variables/drive_paths.nix b/variables/drive_paths.nix
index e75cdd9..3ae3c73 100644
--- a/variables/drive_paths.nix
+++ b/variables/drive_paths.nix
@@ -1,7 +1,19 @@
{
root = "/";
- Internal120SSD = "/mnt/120InternalSSD"; # /dev/disk/by-uuid/3051c23d-143a-4344-8ad9-e0a8cf3b8a3d
- External1000SSD = "/mnt/1000ExternalSSD"; # /dev/disk/by-uuid/24d30ffe-91ed-4e41-b40d-f42b02e144a9
- External2000HDD = "/mnt/2000ExternalHDD"; # /dev/disk/by-uuid/77866be0-869c-44f7-b375-0edb76fb1895
- External4000HDD = "/mnt/4000ExternalHDD"; # /dev/disk/by-uuid/dda57e4d-81b7-4f52-b3ac-f14544b3aaf4
-}
\ No newline at end of file
+ Internal120SSD = {
+ path = "/mnt/120InternalSSD";
+ uuid = "3051c23d-143a-4344-8ad9-e0a8cf3b8a3d";
+ };
+ External1000SSD = {
+ path = "/mnt/1000ExternalSSD";
+ uuid = "24d30ffe-91ed-4e41-b40d-f42b02e144a9";
+ };
+ External2000HDD = {
+ path = "/mnt/2000ExternalHDD";
+ uuid = "77866be0-869c-44f7-b375-0edb76fb1895";
+ };
+ External4000HDD = {
+ path = "/mnt/4000ExternalHDD";
+ uuid = "dda57e4d-81b7-4f52-b3ac-f14544b3aaf4";
+ };
+}