diff --git a/lib/examples/file-utils.nix b/lib/examples/file-utils.nix index c3005c2..7d63c0d 100644 --- a/lib/examples/file-utils.nix +++ b/lib/examples/file-utils.nix @@ -1,6 +1,6 @@ -{ lib, ... }: +{ lib, namespace, ... }: let - inherit (lib.mjallen.file) + inherit (lib.${namespace}.file) readFile pathExists safeImport diff --git a/lib/examples/home-sops.nix b/lib/examples/home-sops.nix index 58b71b8..44fa892 100644 --- a/lib/examples/home-sops.nix +++ b/lib/examples/home-sops.nix @@ -2,10 +2,11 @@ config, lib, pkgs, + namespace, ... }: let - inherit (lib.mjallen.module) mkModule mkOpt; + inherit (lib.${namespace}.module) mkModule mkOpt; in mkModule { name = "sops"; @@ -23,13 +24,13 @@ mkModule { ]; sops = { - inherit (config.mjallen.sops) defaultSopsFile; + inherit (config.${namespace}.sops) defaultSopsFile; defaultSopsFormat = "yaml"; age = { generateKey = true; keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt"; - sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ] ++ config.mjallen.sops.sshKeyPaths; + sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ] ++ config.${namespace}.sops.sshKeyPaths; }; }; }; diff --git a/lib/examples/reverseproxy.nix b/lib/examples/reverseproxy.nix index d38d6d9..823ce85 100644 --- a/lib/examples/reverseproxy.nix +++ b/lib/examples/reverseproxy.nix @@ -1,7 +1,7 @@ # Example usage of the reverse proxy utilities -{ lib, ... }: +{ lib, namespace, ... }: let - inherit (lib.mjallen-lib.reverseproxy) + inherit (lib.${namespace}-lib.reverseproxy) mkReverseProxy mkReverseProxies templates diff --git a/lib/examples/sops.nix b/lib/examples/sops.nix index f2169e5..c56f6b4 100644 --- a/lib/examples/sops.nix +++ b/lib/examples/sops.nix @@ -1,6 +1,6 @@ -{ config, lib, ... }: +{ config, lib, namespace, ... }: let - inherit (lib.mjallen.module) mkModule mkOpt mkBoolOpt; + inherit (lib.${namespace}.module) mkModule mkOpt mkBoolOpt; in mkModule { name = "sops"; 
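Review bot: `lib.${namespace}-lib.reverseproxy` in the `inherit` line of lib/examples/reverseproxy.nix does not select an attribute named `<namespace>-lib`. An interpolated attribute-path component ends at its closing brace, so the remainder parses as a subtraction of `lib.reverseproxy`. Build the name inside a quoted component instead: `inherit (lib."${namespace}-lib".reverseproxy)`. The same spelling is introduced in lib/examples/system-utils.nix (`inputs.self.${namespace}-lib...`) and lib/system/common.nix (`flake.${namespace}-lib...`); no `lib` binding is visible in those argument sets, so they would presumably fail on an undefined variable.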
@@ -22,18 +22,18 @@ mkModule { }; config = { sops = { - inherit (config.mjallen.sops) defaultSopsFile validateSopsFiles; + inherit (config.${namespace}.sops) defaultSopsFile validateSopsFiles; age = { - inherit (config.mjallen.sops) generateAgeKey; + inherit (config.${namespace}.sops) generateAgeKey; keyFile = - if config.mjallen.sops.ageKeyPath != null then - config.mjallen.sops.ageKeyPath + if config.${namespace}.sops.ageKeyPath != null then + config.${namespace}.sops.ageKeyPath else - "${config.users.users.${config.mjallen.user.name}.home}/.config/sops/age/keys.txt"; + "${config.users.users.${config.${namespace}.user.name}.home}/.config/sops/age/keys.txt"; - sshKeyPaths = config.mjallen.sops.sshKeyPaths; + sshKeyPaths = config.${namespace}.sops.sshKeyPaths; }; }; }; diff --git a/lib/examples/system-utils.nix b/lib/examples/system-utils.nix index 9bd668b..c5a4d34 100644 --- a/lib/examples/system-utils.nix +++ b/lib/examples/system-utils.nix @@ -1,6 +1,6 @@ -{ inputs, ... }: +{ inputs, namespace, ... }: let - inherit (inputs.self.mjallen-lib.system.common) + inherit (inputs.self.${namespace}-lib.system.common) mkExtendedLib mkNixpkgsConfig mkHomeConfigs @@ -13,10 +13,10 @@ in nixosConfigurations = let # Get all systems - allSystems = inputs.self.mjallen-lib.file.scanSystems ../systems; + allSystems = inputs.self.${namespace}-lib.file.scanSystems ../systems; # Filter for NixOS systems - nixosSystems = inputs.self.mjallen-lib.file.filterNixOSSystems allSystems; + nixosSystems = inputs.self.${namespace}-lib.file.filterNixOSSystems allSystems; in inputs.nixpkgs.lib.mapAttrs' ( _name: @@ -74,7 +74,7 @@ in # Import all nixos modules recursively ../${system}/${hostname} ] - ++ (extendedLib.mjallen.file.importModulesRecursive ../modules/nixos); + ++ (extendedLib.${namespace}.file.importModulesRecursive ../modules/nixos); }; } ) nixosSystems; 
@@ -83,7 +83,7 @@ in homeConfigurations = let # Get all homes - allHomes = inputs.self.mjallen-lib.file.scanHomes ../homes; + allHomes = inputs.self.${namespace}-lib.file.scanHomes ../homes; in inputs.nixpkgs.lib.mapAttrs' ( _name: @@ -125,7 +125,7 @@ in # Import the home configuration path ] - ++ (extendedLib.mjallen.file.importModulesRecursive ../modules/home); + ++ (extendedLib.${namespace}.file.importModulesRecursive ../modules/home); }; } ) allHomes; diff --git a/lib/module/default.nix b/lib/module/default.nix index bb39aa2..7043425 100644 --- a/lib/module/default.nix +++ b/lib/module/default.nix @@ -1,4 +1,4 @@ -{ inputs }: +{ inputs, lib, namespace }: let inherit (inputs.nixpkgs.lib) mapAttrs 
@@ -28,23 +28,69 @@ rec { name, description ? "", options ? { }, - config ? { }, + moduleConfig ? { }, + domain ? "services", + config }: - { lib, ... }: + let + cfg = config.${namespace}.${domain}.${name}; + + # Create reverse proxy configuration using mkReverseProxy + reverseProxyConfig = lib.${namespace}.mkReverseProxy { + inherit name; + subdomain = cfg.reverseProxy.subdomain; + url = "http://${config.${namespace}.network.ipv4.address}:${toString cfg.port}"; # TODO: address + middlewares = cfg.reverseProxy.middlewares; + }; + + defaultConfig = { + ${namespace}.services.traefik = lib.mkIf cfg.reverseProxy.enable { + reverseProxies = [ reverseProxyConfig ]; + }; + + users = lib.mkIf cfg.createUser { + users.${name} = { + isSystemUser = true; + group = name; + home = cfg.configDir; + }; + groups.${name} = { }; + }; + + systemd.tmpfiles.rules = [ + "d ${cfg.configDir} 0700 ${name} ${name} - -" + "d ${cfg.configDir}/server-files 0700 ${name} ${name} - -" + "d ${cfg.configDir}/user-files 0700 ${name} ${name} - -" + ]; + } // moduleConfig; + in + { config, lib, ... }: { - options.mjallen.${name} = lib.mkOption { + options.${namespace}.${domain}.${name} = lib.mkOption { type = lib.types.submodule { options = { enable = lib.mkEnableOption description; + + port = mkOpt types.int 80 "Port for ${name} to be hosted on"; + + configDir = mkOpt types.str "/media/nas/main/nix-app-data/${name}" "Path to the config dir"; + + dataDir = mkOpt types.str "/media/nas/main/${name}" "Path to the data dir"; + + createUser = mkBoolOpt false "create a user for this module/service"; + + reverseProxy = mkReverseProxyOpt; } // options; }; default = { }; }; - config = lib.mkIf config.mjallen.${name}.enable config; + config = lib.mkIf cfg.enable defaultConfig; }; + + # container mkContainer = { name, diff --git a/lib/system/common.nix b/lib/system/common.nix index 8cc3855..88230d4 100644 --- a/lib/system/common.nix +++ b/lib/system/common.nix 
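Review bot: `defaultConfig` is built with `} // moduleConfig;`, and `//` replaces whole top-level attributes, so any `moduleConfig` that sets `systemd`, `users` or `${namespace}` silently discards the defaults under that key. modules/nixos/services/actual/default.nix in this commit passes `systemd.services`, which would drop the `systemd.tmpfiles.rules` entries that create the 0700 directories. Merging through the module system keeps both: `defaultConfig = lib.mkMerge [ { ... } moduleConfig ];`. The tmpfiles rules also name `${name}` as owner and group even when `cfg.createUser` is false, so they should be wrapped in `lib.mkIf cfg.createUser` or take the owner from an option. mkModule's attribute set starts above this hunk.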
@@ -1,4 +1,4 @@ -{ inputs }: +{ inputs, namespace }: let inherit (inputs.nixpkgs.lib) filterAttrs mapAttrs'; in @@ -7,7 +7,7 @@ in flake: nixpkgs: nixpkgs.lib.extend ( _final: _prev: { - mjallen = flake.mjallen-lib; + mjallen = flake.${namespace}-lib; } ); @@ -30,7 +30,7 @@ in hostname, }: let - inherit (flake.mjallen-lib.file) scanHomes; + inherit (flake.${namespace}-lib.file) scanHomes; homesPath = ../../homes; allHomes = scanHomes homesPath; in @@ -59,7 +59,7 @@ in sharedModules = [ { _module.args.lib = extendedLib; } ] - ++ (extendedLib.mjallen.file.importModulesRecursive ../../modules/home); + ++ (extendedLib.${namespace}.file.importModulesRecursive ../../modules/home); users = mapAttrs' (_name: homeConfig: { name = homeConfig.username; value = { diff --git a/modules/home/desktop/gnome/default.nix b/modules/home/desktop/gnome/default.nix index 659c63b..8f15ba4 100644 --- a/modules/home/desktop/gnome/default.nix +++ b/modules/home/desktop/gnome/default.nix @@ -2,10 +2,11 @@ config, lib, pkgs, + namespace, ... }: let - cfg = config.mjallen.desktop.gnome; + cfg = config.${namespace}.desktop.gnome; in { imports = [ ./options.nix ]; diff --git a/modules/home/desktop/gnome/options.nix b/modules/home/desktop/gnome/options.nix index ac20cfd..b19b240 100644 --- a/modules/home/desktop/gnome/options.nix +++ b/modules/home/desktop/gnome/options.nix @@ -1,7 +1,7 @@ -{ lib, ... }: +{ lib, namespace, ... }: with lib; { - options.mjallen.desktop.gnome = { + options.${namespace}.desktop.gnome = { enable = mkEnableOption "enable gnome settings"; }; } diff --git a/modules/home/programs/btop/default.nix b/modules/home/programs/btop/default.nix index 6f95ef8..2618add 100755 --- a/modules/home/programs/btop/default.nix +++ b/modules/home/programs/btop/default.nix @@ -1,7 +1,7 @@ -{ config, lib, ... }: +{ config, lib, namespace, ... }: with lib; let - cfg = config.mjallen.programs.btop; + cfg = config.${namespace}.programs.btop; in { imports = [ ./options.nix ]; 
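Review bot: In the `nixpkgs.lib.extend` overlay (hunk `@@ -7,7 +7,7 @@` of lib/system/common.nix) the right-hand side now follows `namespace`, but the attribute name on the left is still the literal `mjallen`. The `sharedModules` line later in the same file reads `extendedLib.${namespace}.file`, so with any namespace other than `mjallen` that lookup would miss, assuming `extendedLib` is produced by this overlay. Make the key dynamic as well, e.g. `${namespace} = flake."${namespace}-lib";`. The enclosing function starts outside the hunk.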
diff --git a/modules/home/programs/btop/options.nix b/modules/home/programs/btop/options.nix index c85c2e9..3cf098d 100644 --- a/modules/home/programs/btop/options.nix +++ b/modules/home/programs/btop/options.nix @@ -1,7 +1,7 @@ -{ lib, ... }: +{ lib, namespace, ... }: with lib; { - options.mjallen.programs.btop = { + options.${namespace}.programs.btop = { enable = mkEnableOption "enable btop"; }; } diff --git a/modules/home/programs/hyprland/default.nix b/modules/home/programs/hyprland/default.nix index 39fbbea..f54dd07 100644 --- a/modules/home/programs/hyprland/default.nix +++ b/modules/home/programs/hyprland/default.nix @@ -2,11 +2,12 @@ config, lib, pkgs, + namespace, ... }: with lib; let - cfg = config.mjallen.programs.hyprland; + cfg = config.${namespace}.programs.hyprland; drawer = "nwg-drawer -fm nautilus -term kitty -mb 10 -mt 10 -ml 10 -mr 10 -pbuseicontheme -i ${config.stylix.icons.dark}"; in { @@ -66,7 +67,7 @@ in xsettingsd xwayland - pkgs.mjallen.pipewire-python + pkgs.${namespace}.pipewire-python ] ++ (if cfg.notificationDaemon == "mako" then [ mako ] else [ dunst ]) ++ (if cfg.launcher == "wofi" then [ wofi ] else [ rofi ]) diff --git a/modules/home/programs/hyprland/options.nix b/modules/home/programs/hyprland/options.nix index 1f242a6..6b715cb 100644 --- a/modules/home/programs/hyprland/options.nix +++ b/modules/home/programs/hyprland/options.nix @@ -1,7 +1,7 @@ -{ lib, pkgs, ... }: +{ lib, pkgs, namespace, ... }: with lib; { - options.mjallen.programs.hyprland = { + options.${namespace}.programs.hyprland = { enable = mkEnableOption "enable hyprland"; primaryDisplay = mkOption { diff --git a/modules/home/programs/kitty/default.nix b/modules/home/programs/kitty/default.nix index 74a6685..414f30d 100755 --- a/modules/home/programs/kitty/default.nix +++ b/modules/home/programs/kitty/default.nix 
@@ -1,7 +1,7 @@ -{ lib, config, ... }: +{ lib, config, namespace, ... }: with lib; let - cfg = config.mjallen.programs.kitty; + cfg = config.${namespace}.programs.kitty; in { imports = [ ./options.nix ]; diff --git a/modules/home/programs/kitty/options.nix b/modules/home/programs/kitty/options.nix index 0385fe3..453bc78 100644 --- a/modules/home/programs/kitty/options.nix +++ b/modules/home/programs/kitty/options.nix @@ -4,7 +4,7 @@ let inherit (lib.${namespace}) mkOpt; in { - options.mjallen.programs.kitty = { + options.${namespace}.programs.kitty = { enable = mkEnableOption "enable kitty terminal"; }; } diff --git a/modules/home/programs/mako/default.nix b/modules/home/programs/mako/default.nix index d988683..2773c78 100755 --- a/modules/home/programs/mako/default.nix +++ b/modules/home/programs/mako/default.nix @@ -1,7 +1,7 @@ -{ config, lib, ... }: +{ config, lib, namespace, ... }: with lib; let - cfg = config.mjallen.programs.mako; + cfg = config.${namespace}.programs.mako; in { imports = [ ./options.nix ]; diff --git a/modules/home/programs/mako/options.nix b/modules/home/programs/mako/options.nix index a920ab2..6bb8dfe 100644 --- a/modules/home/programs/mako/options.nix +++ b/modules/home/programs/mako/options.nix @@ -1,7 +1,7 @@ -{ lib, ... }: +{ lib, namespace, ... }: with lib; { - options.mjallen.programs.mako = { + options.${namespace}.programs.mako = { enable = mkEnableOption "enable mako"; fontName = mkOption { diff --git a/modules/home/programs/nwg-dock/default.nix b/modules/home/programs/nwg-dock/default.nix index fbdcf04..f8e0021 100644 --- a/modules/home/programs/nwg-dock/default.nix +++ b/modules/home/programs/nwg-dock/default.nix @@ -2,11 +2,12 @@ config, lib, pkgs, + namespace, ... }: with lib; let - cfg = config.mjallen.programs.nwg-dock; + cfg = config.${namespace}.programs.nwg-dock; palette = import cfg.theme.file; in { 
diff --git a/modules/home/programs/nwg-dock/options.nix b/modules/home/programs/nwg-dock/options.nix index a37808f..e931798 100644 --- a/modules/home/programs/nwg-dock/options.nix +++ b/modules/home/programs/nwg-dock/options.nix @@ -1,7 +1,7 @@ -{ lib, ... }: +{ lib, namespace, ... }: with lib; { - options.mjallen.programs.nwg-dock = { + options.${namespace}.programs.nwg-dock = { enable = mkEnableOption "enable nwg-dock"; }; } diff --git a/modules/home/programs/nwg-drawer/default.nix b/modules/home/programs/nwg-drawer/default.nix index 4bd19d0..e906ea3 100644 --- a/modules/home/programs/nwg-drawer/default.nix +++ b/modules/home/programs/nwg-drawer/default.nix @@ -2,11 +2,12 @@ config, lib, pkgs, + namespace, ... }: with lib; let - cfg = config.mjallen.programs.nwg-drawer; + cfg = config.${namespace}.programs.nwg-drawer; palette = import cfg.theme.file; in { diff --git a/modules/home/programs/nwg-drawer/options.nix b/modules/home/programs/nwg-drawer/options.nix index a837354..6371fd4 100644 --- a/modules/home/programs/nwg-drawer/options.nix +++ b/modules/home/programs/nwg-drawer/options.nix @@ -1,7 +1,7 @@ -{ lib, ... }: +{ lib, namespace, ... }: with lib; { - options.mjallen.programs.nwg-drawer = { + options.${namespace}.programs.nwg-drawer = { enable = mkEnableOption "enable nwg-drawer"; }; } diff --git a/modules/home/programs/nwg-panel/default.nix b/modules/home/programs/nwg-panel/default.nix index 96b4489..7c52c25 100644 --- a/modules/home/programs/nwg-panel/default.nix +++ b/modules/home/programs/nwg-panel/default.nix @@ -1,7 +1,7 @@ -{ config, lib, ... }: +{ config, lib, namespace, ... }: with lib; let - cfg = config.mjallen.programs.nwg-panel; + cfg = config.${namespace}.programs.nwg-panel; in { imports = [ ./options.nix ]; diff --git a/modules/home/programs/nwg-panel/options.nix b/modules/home/programs/nwg-panel/options.nix index bf28003..2dae105 100644 --- a/modules/home/programs/nwg-panel/options.nix +++ b/modules/home/programs/nwg-panel/options.nix 
@@ -1,7 +1,7 @@ -{ lib, pkgs, ... }: +{ lib, pkgs, namespace, ... }: with lib; { - options.mjallen.programs.nwg-panel = { + options.${namespace}.programs.nwg-panel = { enable = mkEnableOption "enable nwg-panel"; defaultApps = mkOption { diff --git a/modules/home/programs/waybar/default.nix b/modules/home/programs/waybar/default.nix index 8305ce4..3a52a78 100755 --- a/modules/home/programs/waybar/default.nix +++ b/modules/home/programs/waybar/default.nix @@ -1,7 +1,7 @@ -{ config, lib, ... }: +{ config, lib, namespace, ... }: with lib; let - cfg = config.mjallen.programs.waybar; + cfg = config.${namespace}.programs.waybar; baseStyle = if cfg.style.file != null then diff --git a/modules/home/programs/waybar/options.nix b/modules/home/programs/waybar/options.nix index 93d2c91..436586f 100644 --- a/modules/home/programs/waybar/options.nix +++ b/modules/home/programs/waybar/options.nix @@ -1,4 +1,4 @@ -{ lib, ... }: +{ lib, namespace, ... }: with lib; let inherit (types) @@ -13,7 +13,7 @@ let ; in { - options.mjallen.programs.waybar = { + options.${namespace}.programs.waybar = { enable = mkEnableOption "Waybar status bar"; # Legacy/compat options (kept for backwards compatibility) diff --git a/modules/home/programs/waybar/scripts/hass.nix b/modules/home/programs/waybar/scripts/hass.nix index 3e8e053..265cb80 100755 --- a/modules/home/programs/waybar/scripts/hass.nix +++ b/modules/home/programs/waybar/scripts/hass.nix @@ -6,7 +6,7 @@ ... }: let - cfg = config.mjallen.programs.waybar; + cfg = config.${namespace}.programs.waybar; pythonEnv = pkgs.python3.withPackages (_ps: [ pkgs.${namespace}.homeassistant-api diff --git a/modules/home/programs/waybar/scripts/weather.nix b/modules/home/programs/waybar/scripts/weather.nix index c2c426f..042e8b6 100644 --- a/modules/home/programs/waybar/scripts/weather.nix +++ b/modules/home/programs/waybar/scripts/weather.nix 
@@ -2,10 +2,11 @@ config, lib, pkgs, + namespace, ... }: let - cfg = config.mjallen.programs.waybar; + cfg = config.${namespace}.programs.waybar; waybar-weather = pkgs.writeScriptBin "waybar-weather" '' #!/usr/bin/env nix-shell diff --git a/modules/home/programs/wlogout/default.nix b/modules/home/programs/wlogout/default.nix index 26e394d..296c5ab 100644 --- a/modules/home/programs/wlogout/default.nix +++ b/modules/home/programs/wlogout/default.nix @@ -1,7 +1,7 @@ -{ config, lib, ... }: +{ config, lib, namespace, ... }: with lib; let - cfg = config.mjallen.programs.wlogout; + cfg = config.${namespace}.programs.wlogout; palette = import cfg.theme.file; in { diff --git a/modules/home/programs/wlogout/options.nix b/modules/home/programs/wlogout/options.nix index 292f6b2..3646ebb 100644 --- a/modules/home/programs/wlogout/options.nix +++ b/modules/home/programs/wlogout/options.nix @@ -1,7 +1,7 @@ -{ lib, ... }: +{ lib, namespace, ... }: with lib; { - options.mjallen.programs.wlogout = { + options.${namespace}.programs.wlogout = { enable = mkEnableOption "enable wlogout"; }; } diff --git a/modules/home/programs/wofi/default.nix b/modules/home/programs/wofi/default.nix index 5f61d74..77fb6c2 100755 --- a/modules/home/programs/wofi/default.nix +++ b/modules/home/programs/wofi/default.nix @@ -1,7 +1,7 @@ -{ config, lib, ... }: +{ config, lib, namespace, ... }: with lib; let - cfg = config.mjallen.programs.wofi; + cfg = config.${namespace}.programs.wofi; palette = import cfg.theme.file; in { diff --git a/modules/home/programs/wofi/options.nix b/modules/home/programs/wofi/options.nix index 8389599..deba779 100644 --- a/modules/home/programs/wofi/options.nix +++ b/modules/home/programs/wofi/options.nix @@ -1,7 +1,7 @@ -{ lib, ... }: +{ lib, namespace, ... }: with lib; { - options.mjallen.programs.wofi = { + options.${namespace}.programs.wofi = { enable = mkEnableOption "enable wofi"; fontName = mkOption { 
diff --git a/modules/home/shell-aliases/default.nix b/modules/home/shell-aliases/default.nix index 8d51a92..f226b01 100644 --- a/modules/home/shell-aliases/default.nix +++ b/modules/home/shell-aliases/default.nix @@ -1,13 +1,14 @@ { config, lib, + namespace, ... }: let - cfg = config.mjallen.shell-aliases; + cfg = config.${namespace}.shell-aliases; in { - options.mjallen.shell-aliases = { + options.${namespace}.shell-aliases = { enable = lib.mkEnableOption "Common shell aliases"; buildHost = lib.mkOption { diff --git a/modules/nixos/desktop/hyprland/options.nix b/modules/nixos/desktop/hyprland/options.nix index 619594b..db684f2 100644 --- a/modules/nixos/desktop/hyprland/options.nix +++ b/modules/nixos/desktop/hyprland/options.nix @@ -15,7 +15,7 @@ let ''; in { - options.mjallen.desktop.hyprland = { + options.${namespace}.desktop.hyprland = { enable = mkEnableOption "enable hyprland desktop environment"; wallpaperSource = mkOpt (types.enum [ diff --git a/modules/nixos/network/default.nix b/modules/nixos/network/default.nix index 9a5ca4a..a835069 100644 --- a/modules/nixos/network/default.nix +++ b/modules/nixos/network/default.nix @@ -29,7 +29,7 @@ let { } else { - address = cfg.ipv4.address; + address = "${cfg.ipv4.address}\\24"; gateway = cfg.ipv4.gateway; dns = cfg.ipv4.dns; } diff --git a/modules/nixos/services/actual/default.nix b/modules/nixos/services/actual/default.nix index c201b1f..7268165 100644 --- a/modules/nixos/services/actual/default.nix +++ b/modules/nixos/services/actual/default.nix 
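Review bot: `address = "${cfg.ipv4.address}\\24";` in modules/nixos/network/default.nix produces a literal backslash, e.g. `10.0.1.3\24`, because `\\` is an escaped backslash in a Nix string; CIDR notation needs a forward slash. Use `address = "${cfg.ipv4.address}/24";`, and preferably read the prefix length from an option instead of fixing it at 24 for every host. The surrounding `if`/`else` starts outside the hunk.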
@@ -7,59 +7,42 @@ }: with lib; let - cfg = config.${namespace}.services.actual; + name = "actual"; + cfg = config.${namespace}.services.${name}; - actualConfig = { - services.actual = { - enable = true; - openFirewall = true; - settings = { - trustedProxies = [ "10.0.1.3" ]; - port = cfg.port; - dataDir = cfg.dataDir; - serverFiles = "${cfg.dataDir}/server-files"; - userFiles = "${cfg.dataDir}/user-files"; + actualConfig = lib.${namespace}.mkModule rec { + inherit name; + description = "Actual Personal Finance Planner"; + options = { }; + moduleConfig = { + services.actual = { + enable = true; + openFirewall = true; + settings = { + trustedProxies = [ config.${namespace}.network.ipv4.address ]; + port = cfg.port; + configDir = cfg.configDir; + serverFiles = "${cfg.configDir}/server-files"; + userFiles = "${cfg.configDir}/user-files"; + }; }; - }; - systemd.services = { - actual = { - environment.ACTUAL_CONFIG_PATH = lib.mkForce "${cfg.dataDir}/config.json"; - serviceConfig = { - ExecStart = lib.mkForce "${lib.getExe pkgs.actual-server} --config ${cfg.dataDir}/config.json"; - WorkingDirectory = lib.mkForce cfg.dataDir; - StateDirectoryMode = lib.mkForce 700; - DynamicUser = lib.mkForce false; - ProtectSystem = lib.mkForce "full"; + systemd.services = lib.mkIf cfg.createUser { + actual = { + environment.ACTUAL_CONFIG_PATH = lib.mkForce "${cfg.configDir}/config.json"; + serviceConfig = { + ExecStart = lib.mkForce "${lib.getExe pkgs.actual-server} --config ${cfg.configDir}/config.json"; + WorkingDirectory = lib.mkForce cfg.configDir; + StateDirectoryMode = lib.mkForce 700; + DynamicUser = lib.mkForce false; + ProtectSystem = lib.mkForce "full"; + }; }; }; }; - - users.users.actual = { - isSystemUser = true; - group = "actual"; - home = cfg.dataDir; - }; - users.groups.actual = { }; + inherit config; }; - - # Create reverse proxy configuration using mkReverseProxy - reverseProxyConfig = lib.${namespace}.mkReverseProxy { - name = "actual"; - subdomain = 
cfg.reverseProxy.subdomain; - url = "http://${cfg.localAddress}:${toString cfg.port}"; - middlewares = cfg.reverseProxy.middlewares; - }; - - fullConfig = { - "${namespace}".services.traefik = lib.mkIf cfg.reverseProxy.enable { - reverseProxies = [ reverseProxyConfig ]; - }; - } - // actualConfig; in { - imports = [ ./options.nix ]; - - config = mkIf cfg.enable fullConfig; + imports = [ actualConfig ]; } diff --git a/modules/nixos/services/actual/default.nix.container b/modules/nixos/services/actual/default.nix.container deleted file mode 100644 index e291c81..0000000 --- a/modules/nixos/services/actual/default.nix.container +++ /dev/null 
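Review bot: `openFirewall = true;` is carried into the new `moduleConfig` although the service is now published through the Traefik entry that `mkModule` generates, so `cfg.port` stays reachable directly and any `reverseProxy.middlewares` can be bypassed. Consider `openFirewall = false;` or an option for it, and confirm that `trustedProxies = [ config.${namespace}.network.ipv4.address ]` is really the address Traefik connects from. Separately, `settings` now emits `configDir = cfg.configDir;` where it previously emitted `dataDir`; unless actual-server recognises a `configDir` key, keep the key name: `dataDir = cfg.configDir;`. The overrides under `systemd.services` are also applied only when `cfg.createUser` is set.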
@@ -1,104 +0,0 @@ -{ - config, - pkgs, - lib, - namespace, - ... -}: -with lib; -let - cfg = config.${namespace}.services.actual; - dataDir = "/data"; - hostAddress = "10.0.1.3"; - actualUserId = config.users.users.nix-apps.uid; - actualGroupId = config.users.groups.jallen-nas.gid; - - actualConfig = { - services.actual = { - enable = true; - openFirewall = true; - settings = { - trustedProxies = [ hostAddress ]; - port = cfg.port; - dataDir = dataDir; - serverFiles = "${dataDir}/server-files"; - userFiles = "${dataDir}/user-files"; - }; - }; - - users.users.actual = { - isSystemUser = true; - uid = lib.mkForce actualUserId; - group = "actual"; - }; - - users.groups = { - actual = { - gid = lib.mkForce actualGroupId; - }; - }; - - # System packages - environment.systemPackages = with pkgs; [ - sqlite - ]; - - # Create and set permissions for required directories - system.activationScripts.actual-dirs = '' - mkdir -p ${dataDir} - chown -R actual:actual ${dataDir} - chmod -R 0700 ${dataDir} - ''; - - systemd.services = { - actual = { - environment.ACTUAL_CONFIG_PATH = lib.mkForce "${dataDir}/config.json"; - serviceConfig = { - ExecStart = lib.mkForce "${lib.getExe pkgs.actual-server} --config ${dataDir}/config.json"; - WorkingDirectory = lib.mkForce dataDir; - StateDirectory = lib.mkForce dataDir; - StateDirectoryMode = lib.mkForce 700; - DynamicUser = lib.mkForce false; - ProtectSystem = lib.mkForce null; - }; - }; - }; - }; - - bindMounts = { - "${dataDir}" = { - hostPath = cfg.dataDir; - isReadOnly = false; - }; - }; - - # Create reverse proxy configuration using mkReverseProxy - reverseProxyConfig = lib.${namespace}.mkReverseProxy { - name = "actual"; - subdomain = cfg.reverseProxy.subdomain; - url = "http://${cfg.localAddress}:${toString cfg.port}"; - middlewares = cfg.reverseProxy.middlewares; - }; - - actualContainer = - (lib.${namespace}.mkContainer { - name = "actual"; - localAddress = cfg.localAddress; - ports = [ cfg.port ]; - bindMounts = bindMounts; - 
config = actualConfig; - }) - { inherit lib; }; - - fullConfig = { - "${namespace}".services.traefik = lib.mkIf cfg.reverseProxy.enable { - reverseProxies = [ reverseProxyConfig ]; - }; - } - // actualContainer; -in -{ - imports = [ ./options.nix ]; - - config = mkIf cfg.enable fullConfig; -} diff --git a/modules/nixos/services/actual/options.nix b/modules/nixos/services/actual/options.nix deleted file mode 100644 index 3d1c30e..0000000 --- a/modules/nixos/services/actual/options.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ lib, namespace, ... }: -let - inherit (lib.${namespace}) mkOpt mkReverseProxyOpt; -in -with lib; -{ - options.${namespace}.services.actual = { - enable = mkEnableOption "actual service"; - - port = mkOpt types.int 80 "Port for Actual to be hosted on"; - - localAddress = mkOpt types.str "127.0.0.1" "local address of the service"; - - dataDir = mkOpt types.str "" "Path to the data dir"; - - reverseProxy = mkReverseProxyOpt; - }; -} diff --git a/modules/nixos/services/gitea/default.nix b/modules/nixos/services/gitea/default.nix index 39e3919..e9ab455 100644 --- a/modules/nixos/services/gitea/default.nix +++ b/modules/nixos/services/gitea/default.nix @@ -7,7 +7,7 @@ with lib; let cfg = config.${namespace}.services.gitea; - rootUrl = "https://gitea.mjallen.dev/"; + rootUrl = "https://gitea.${namespace}.dev/"; mailerPasswordFile = config.sops.secrets."jallen-nas/gitea/mail-key".path; metricsTokenFile = config.sops.secrets."jallen-nas/gitea/metrics-key".path; diff --git a/modules/nixos/sops/options.nix b/modules/nixos/sops/options.nix index 35d926e..96a73c2 100644 --- a/modules/nixos/sops/options.nix +++ b/modules/nixos/sops/options.nix @@ -1,7 +1,7 @@ -{ lib, ... }: +{ lib, namespace, ... }: with lib; { - options.mjallen.sops = { + options.${namespace}.sops = { enable = mkEnableOption "enable sops"; defaultSopsFile = mkOption { diff --git a/systems/x86_64-linux/jallen-nas/apps.nix b/systems/x86_64-linux/jallen-nas/apps.nix index a5b466b..ce6f4a0 100755 
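Review bot: `rootUrl = "https://gitea.${namespace}.dev/";` in modules/nixos/services/gitea/default.nix ties the public Gitea URL to the Nix option namespace, which is an internal identifier and not a DNS name. A different `namespace` value would silently change the root URL that Gitea uses for links, and presumably for login redirects and cookies. Keep the domain literal, `rootUrl = "https://gitea.mjallen.dev/";`, or expose the domain as its own option.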
--- a/systems/x86_64-linux/jallen-nas/apps.nix +++ b/systems/x86_64-linux/jallen-nas/apps.nix @@ -27,8 +27,7 @@ actual = { enable = true; port = 3333; - localAddress = "10.0.1.3"; - dataDir = "/media/nas/main/nix-app-data/actual"; + createUser = true; reverseProxy = { enable = true; subdomain = "actual"; diff --git a/systems/x86_64-linux/jallen-nas/default.nix b/systems/x86_64-linux/jallen-nas/default.nix index 1347a57..d802a0a 100755 --- a/systems/x86_64-linux/jallen-nas/default.nix +++ b/systems/x86_64-linux/jallen-nas/default.nix @@ -110,7 +110,7 @@ in network = { hostName = "jallen-nas"; ipv4 = { - address = "10.0.1.3/24"; + address = "10.0.1.3"; method = "manual"; gateway = "10.0.1.1"; interface = "enp197s0";