lib

2025-08-23 19:54:05 -05:00
parent c90bd0cd07
commit 36010a4230
8 changed files with 206 additions and 28 deletions
--- a/lib/base64/ascii
+++ b/lib/base64/ascii
@@ -0,0 +1,3 @@
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~ ¡¢£¤¥¦§¨©ª«¬®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ
--- a/lib/base64/default.nix
+++ b/lib/base64/default.nix
@@ -0,0 +1,62 @@
 { inputs }:
 let
  inherit (inputs.nixpkgs.lib)
    concatLists
    concatMapStrings
    foldl'
    genList
    hasSuffix
    imap0
    length
    mod
    nameValuePair
    stringToCharacters
    sublist
    substring
    take
    ;
 in
 rec {
  base64Table = builtins.listToAttrs (
    imap0 (i: c: nameValuePair c i) (
      # The '=' is included so the main algorithm doesn't fail before we can trim the result
      stringToCharacters "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
    )
  );
  # Generated using python3:
  # print(''.join([ chr(n) for n in range(1, 256) ]), file=open('ascii', 'w'))
  ascii = builtins.readFile ./ascii;
  decode =
    str:
    let
      paddingCount =
        if hasSuffix "==" str then
          2
        else if hasSuffix "=" str then
          1
        else
          0;
      numbers64 = map (c: base64Table.${c}) (stringToCharacters str);
      allBytes = concatLists (
        genList (
          i:
          let
            v = foldl' (acc: el: acc * 64 + el) 0 (sublist (i * 4) 4 numbers64);
          in
          [
            (mod (v / 256 / 256) 256)
            (mod (v / 256) 256)
            (mod v 256)
          ]
        ) (length numbers64 / 4)
      );
      finalBytes = take (length allBytes - paddingCount) allBytes;
    in
    concatMapStrings (n: substring (n - 1) 1 ascii) finalBytes;
 }
--- a/lib/module/default.nix
+++ b/lib/module/default.nix
@@ -0,0 +1,122 @@
 { inputs }:
 let
  inherit (inputs.nixpkgs.lib)
    mapAttrs
    mkOption
    types
    toUpper
    substring
    stringLength
    mkDefault
    mkForce
    ;
  base64Lib = import ../base64 { inherit inputs; };
 in
 rec {
  # Conditionally enable modules based on system
  enableForSystem =
    system: modules:
    builtins.filter (
      mod: mod.systems or [ ] == [ ] || builtins.elem system (mod.systems or [ ])
    ) modules;
  # Create a module with common options
  mkModule =
    {
      name,
      description ? "",
      options ? { },
      config ? { },
    }:
    { lib, ... }:
    {
      options.mjallen.${name} = lib.mkOption {
        type = lib.types.submodule {
          options = {
            enable = lib.mkEnableOption description;
          }
          // options;
        };
        default = { };
      };
      config = lib.mkIf config.mjallen.${name}.enable config;
    };
  mkContainer = 
    {
      name,
      localAddress ? "127.0.0.1",
      port ? "80",
      bindMounts ? { },
      config ? { }
    }:
    { lib, ... }:
    {
      containers.${name} = {
        inherit localAddress bindMounts config;
        autoStart = lib.mkDefault true;
        privateNetwork = lib.mkDefault true;
        hostAddress = lib.mkDefault "10.0.1.3";
      };
      networking = {
        nat = {
          forwardPorts = [
            {
              destination = lib.mkDefault "${localAddress}:${toString port}";
              sourcePort = lib.mkDefault port;
            }
          ];
        };
        firewall = {
          allowedTCPPorts = [ port ];
          allowedUDPPorts = [ port ];
        };
      };
    };
  # Migrated mjallen utilities
  # Option creation helpers
  mkOpt =
    type: default: description:
    mkOption { inherit type default description; };
  mkOpt' = type: default: mkOpt type default null;
  mkBoolOpt = mkOpt types.bool;
  mkBoolOpt' = mkOpt' types.bool;
  # Standard enable/disable patterns
  enabled = {
    enable = true;
  };
  disabled = {
    enable = false;
  };
  # String utilities
  capitalize =
    s:
    let
      len = stringLength s;
    in
    if len == 0 then "" else (toUpper (substring 0 1 s)) + (substring 1 len s);
  # Boolean utilities
  boolToNum = bool: if bool then 1 else 0;
  # Attribute manipulation utilities
  default-attrs = mapAttrs (_key: mkDefault);
  force-attrs = mapAttrs (_key: mkForce);
  nested-default-attrs = mapAttrs (_key: default-attrs);
  nested-force-attrs = mapAttrs (_key: force-attrs);
 }
 // base64Lib
--- a/modules/nixos/actual/options.nix
+++ b/modules/nixos/actual/options.nix
@@ -1,37 +1,25 @@
 { lib, namespace, ... }:
 let
  inherit (lib.mjallen) mkOpt mkBoolOpt;
 in 
 with lib;
 {
  options.${namespace}.services.actual = {
    enable = mkEnableOption "actual service";
-    port = mkOption {
+    port = mkOpt types.int 80 "Port for Actual to be hosted on";
      type = types.int;
      default = 80;
    };
-    localAddress = mkOption {
+    localAddress = mkOpt types.str "127.0.0.1" "local address of the service";
      type = types.str;
      default = "127.0.0.1";
    };
-    dataDir = mkOption {
+    dataDir = mkOpt types.str "" "Path to the data dir";
      type = types.str;
      default = "";
    };
    reverseProxy = {
-      enable = mkOption {
+      enable = mkBoolOpt false "Enable reverse proxy support";
-        type = types.bool;
+
-        default = false;
+      host = mkOpt types.str "" "Address of the proxy";
-      };
+
-      host = mkOption {
+      middlewares = with types; mkOpt (listOf str) [ ] "List of middlewares to use";
-        type = types.str;
+
        default = "";
      };
      middlewares = mkOption {
        type = with types; listOf str;
        default = [ ];
      };
    };
  };
 }
--- a/modules/nixos/hardware/btrfs/default.nix
+++ b/modules/nixos/hardware/btrfs/default.nix
@@ -1,7 +1,7 @@
 { lib, ... }:
 {
  services.btrfs = {
-    autoScrub.enable = lib.mkDefault false;
+    autoScrub.enable = lib.mkDefault true;
    autoScrub.fileSystems = lib.mkDefault [
      "/nix"
      "/root"
--- a/modules/nixos/nix/default.nix
+++ b/modules/nixos/nix/default.nix
@@ -3,11 +3,14 @@
  nix = {
    settings = {
      substituters = [
        "nas-cache:5ibTWOXJYlKBaoNtdDEPmvdLPtfnbwf9jvdnfwi5dUs="
        "https://cache.mjallen.dev/nas-cache"
        "https://nixos-raspberrypi.cachix.org"
        "https://nix-community.cachix.org"
        "https://cache.nixos.org/"
      ];
      trusted-public-keys = [
        "nixos-raspberrypi.cachix.org-1:4iMO9LXa8BqhU+Rpg6LQKiGa2lsNh/j2oiYLNOQ5sPI="
        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
      ];
--- a/modules/nixos/traefik/default.nix
+++ b/modules/nixos/traefik/default.nix
@@ -12,10 +12,10 @@ let
  serverIp = "10.0.1.3";
  # Forward services
-  authUrl = "http://${serverIp}:9000/outpost.goauthentik.io";
+  authUrl = "http://${serverIp}:${namespace.services.authentik.port}/outpost.goauthentik.io";
  actualUrl = "http://${config.containers.actual.localAddress}:${toString config.containers.actual.config.services.actual.settings.port}";
-  authentikUrl = "http://${serverIp}:9000";
+  authentikUrl = "http://${serverIp}:${namespace.services.authentik.port}";
  cacheUrl = "http://${serverIp}:9012";
  cloudUrl = "http://${config.containers.nextcloud.localAddress}:80";
  giteaUrl = "http://${config.containers.gitea.localAddress}:${toString config.containers.gitea.config.services.gitea.settings.server.HTTP_PORT}";
--- a/systems/aarch64-linux/macbook-pro-nixos/default.nix
+++ b/systems/aarch64-linux/macbook-pro-nixos/default.nix
@@ -46,7 +46,7 @@ in
        distrobox
      ];
    };
-    desktop = {
+    programs = {
      hyprland = {
        enable = true;
        primaryDisplay = "eDP-1";
		`@@ -0,0 +1,3 @@`


							!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{\|}~ ¡¢£¤¥¦§¨©ª«¬®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ