upd

modules/home/programs/git/default.nix

@@ -14,8 +14,12 @@ in
 {
   programs.git = {
     enable = true;
-    userName = "mjallen18";
-    userEmail = "matt.l.jallen@gmail.com";
-    aliases = gitAliases;
+    settings = {
+      user = {
+        name = "mjallen18";
+        email = "matt.l.jallen@gmail.com";
+      };
+      aliases = gitAliases;
+    };
   };
 }

modules/nixos/services/actual/default.nix

@@ -28,10 +28,9 @@ let
         serviceConfig = {
           ExecStart = lib.mkForce "${lib.getExe pkgs.actual-server} --config ${cfg.dataDir}/config.json";
           WorkingDirectory = lib.mkForce cfg.dataDir;
-          StateDirectory = lib.mkForce cfg.dataDir;
           StateDirectoryMode = lib.mkForce 700;
           DynamicUser = lib.mkForce false;
-          ProtectSystem = lib.mkForce null;
+          ProtectSystem = lib.mkForce "full";
         };
       };
     };

modules/nixos/services/headscale/default.nix

@@ -7,12 +7,12 @@
 }:
 with lib;
 let
+  inherit (lib.${namespace}) mkOpt mkReverseProxyOpt;
   cfg = config.${namespace}.services.headscale;
 
   headscaleConfig = {
     services.headscale = {
       enable = true;
-      openFirewall = true;
       address = "0.0.0.0";
       port = cfg.port;
       settings = {

modules/nixos/services/nextcloud/default.nix

@@ -84,7 +84,7 @@ in
           services = {
             nextcloud = {
               enable = true;
-              package = pkgs.nextcloud31;
+              package = pkgs.nextcloud32;
               # datadir = "/data";
               database.createLocally = true;
               hostName = "cloud.mjallen.dev";
@@ -185,7 +185,7 @@ in
           environment.systemPackages = with pkgs; [
             ffmpeg
             # libtensorflow-bin
-            nextcloud31
+            nextcloud32
             nodejs
             onlyoffice-documentserver
             sqlite

modules/nixos/services/uptimekuma/default.nix

@@ -0,0 +1,73 @@
+{
+  config,
+  pkgs,
+  lib,
+  namespace,
+  ...
+}:
+with lib;
+let
+  inherit (lib.${namespace}) mkOpt mkReverseProxyOpt;
+  cfg = config.${namespace}.services.uptime-kuma;
+
+  uptime-kumaConfig = {
+    services.uptime-kuma = {
+      enable = true;
+      appriseSupport = true;
+      settings = {
+        HOST = "0.0.0.0";
+        PORT = "${toString cfg.port}";
+        # DATA_DIR = lib.mkForce cfg.dataDir;
+      };
+    };
+
+    # systemd.services = {
+    #   uptime-kuma = {
+    #     serviceConfig = {
+    #       WorkingDirectory = lib.mkForce cfg.dataDir;
+    #       StateDirectory = lib.mkForce null; # cfg.dataDir;
+    #       StateDirectoryMode = lib.mkForce 700;
+    #       DynamicUser = lib.mkForce false;
+    #       ProtectSystem = lib.mkForce false;
+    #     };
+    #   };
+    # };
+
+    # users.users.uptime-kuma = {
+    #   isSystemUser = true;
+    #   group = "uptime-kuma";
+    #   home = cfg.dataDir;
+    # };
+    # users.groups.uptime-kuma = {};
+  };
+
+  # Create reverse proxy configuration using mkReverseProxy
+  reverseProxyConfig = lib.${namespace}.mkReverseProxy {
+    name = "uptime-kuma";
+    subdomain = cfg.reverseProxy.subdomain;
+    url = "http://${cfg.localAddress}:${toString cfg.port}";
+    middlewares = cfg.reverseProxy.middlewares;
+  };
+
+  fullConfig = {
+    "${namespace}".services.traefik = lib.mkIf cfg.reverseProxy.enable {
+      reverseProxies = [ reverseProxyConfig ];
+    };
+  }
+  // uptime-kumaConfig;
+in
+{
+  options.${namespace}.services.uptime-kuma = {
+    enable = mkEnableOption "uptime-kuma service";
+
+    port = mkOpt types.int 4000 "Port for uptime-kuma to be hosted on";
+
+    localAddress = mkOpt types.str "127.0.0.1" "local address of the service";
+
+    dataDir = mkOpt types.str "" "Path to the data dir";
+
+    reverseProxy = mkReverseProxyOpt;
+  };
+
+  config = mkIf cfg.enable fullConfig;
+}