nix-config/lib/network/default.nix

# Central network topology registry.
#
# Exposed as lib.<namespace>.network.*  (Snowfall Lib merges lib/ sub-directories
# automatically, so this file is reachable as lib.mjallen.network inside any
# NixOS module, home-manager module, or package that receives `lib`).
#
# Usage examples:
#
#   let net = lib.mjallen.network; in
#   net.hosts.nas.lan          # "10.0.1.3"
#   net.hosts.nas.lan4         # "10.0.1.3/24"  (CIDR notation)
#   net.hosts.nuc.lan          # "10.0.1.4"
#   net.hosts.pi5.nebula       # "10.1.1.1"
#   net.subnet.lan             # "10.0.1.0/24"
#   net.subnet.nebula          # "10.1.1.0/24"
#   net.ports.nas.nextcloud    # 9988
#   net.domain                 # "mjallen.dev"
#
# All attributes intentionally use plain strings / ints so they can be
# interpolated with `toString` or used directly in any context.
{
  network = {
    # -----------------------------------------------------------------------
    # Global domain
    # -----------------------------------------------------------------------
    domain = "mjallen.dev";

    # -----------------------------------------------------------------------
    # Subnets
    # -----------------------------------------------------------------------
    subnet = {
      lan = "10.0.1.0/24";
      nebula = "10.1.1.0/24";
      # Docker / container bridge used by Home Assistant
      docker = "172.30.33.0/24";
    };

    # -----------------------------------------------------------------------
    # Hosts
    # Each host exposes:
    #   lan    — bare IPv4 address (no prefix length)
    #   lan4   — IPv4 address with /24 CIDR suffix  (for static IP config)
    #   nebula — Nebula overlay IP (where applicable)
    # -----------------------------------------------------------------------
    hosts = {
      # ---- Raspberry Pi 5 (pi5) — DNS / Nebula lighthouse ----------------
      pi5 = {
        hostname = "pi5";
        lan = "10.0.1.2";
        lan4 = "10.0.1.2/24";
        nebula = "10.1.1.1";
        gateway = "10.0.1.1";
      };

      # ---- NAS (jallen-nas) — primary server -----------------------------
      nas = {
        hostname = "jallen-nas";
        lan = "10.0.1.3";
        lan4 = "10.0.1.3/24";
        nebula = "10.1.1.3";
        gateway = "10.0.1.1";
      };

      # ---- Intel NUC (nuc-nixos) — Home Assistant host -------------------
      nuc = {
        hostname = "nuc-nixos";
        lan = "10.0.1.4";
        lan4 = "10.0.1.4/24";
        nebula = "10.1.1.4";
        gateway = "10.0.1.1";
      };

      # ---- MacBook Pro (macbook-pro-nixos) — Apple Silicon laptop --------
      macbook = {
        hostname = "macbook-pro-nixos";
        nebula = "10.1.1.8";
      };

      # ---- ASUS ROG Ally X (allyx) ----------------------------------------
      allyx = {
        hostname = "allyx";
        nebula = "10.1.1.10";
      };

      # ---- Router / gateway / AdGuard upstream ---------------------------
      router = {
        hostname = "router";
        lan = "10.0.1.1";
        lan4 = "10.0.1.1/24";
      };
    };

    # -----------------------------------------------------------------------
    # Service ports
    # Grouped by host.  Every entry matches the port set in apps.nix / the
    # corresponding mkModule option so there is a single source of truth.
    # -----------------------------------------------------------------------
    ports = {
      # ---- pi5 services --------------------------------------------------
      pi5 = {
        adguard = 3000;
        attic = 9012;
        nebula = 4242;
        dns = 53;
      };

      # ---- NAS services --------------------------------------------------
      nas = {
        actual = 3333;
        attic = 9012;
        authentik = 9000;
        authentikRac = 4823;
        calibre = 8084;
        calibreWeb = 8083;
        codeServer = 4444;
        cockpit = 9091;
        collabora = 9980;
        coturn = 3478;
        crowdsec = 8181;
        dispatcharr = 9191;
        elasticsearch = 9200;
        gitea = 3000;
        giteaSsh = 2222;
        glance = 5555;
        glances = 61208;
        grafana = 9999;
        grimmory = 6066;
        guacd = 4822;
        headscale = 2112;
        immich = 2283;
        jellyfin = 8096;
        seerr = 5055;
        kavita = 5000;
        llamaCpp = 8127;
        lubelogger = 6754;
        manyfold = 3214;
        mariadb = 3306;
        matrix = 8448;
        mongodb = 27017;
        nebula = 4242;
        netbootxyz = 4000;
        netbootxyzWeb = 4080;
        nextcloud = 9988;
        ntfy = 2586;
        nutUpsd = 3493;
        ocis = 9200;
        onlyoffice = 9943;
        opencloud = 9200;
        orcaSlicer = 3100;
        paperless = 28981;
        paperlessAi = 28982;
        postgresql = 5432;
        protonmailSmtp = 1025;
        protonmailImap = 1143;
        redisCcache = 6363;
        redisManyfold = 6380;
        redisOnlyoffice = 6381;
        resticServer = 8008;
        sabnzbd = 8280;
        sonarr = 8989;
        radarr = 7878;
        sparkyFitnessFe = 3004;
        sparkyFitnessBe = 3010;
        sunshine = 47989;
        tdarr = 8265;
        tdarrServer = 8266;
        termix = 7777;
        tunarr = 8000;
        unmanic = 8265;
        uptimeKuma = 3001;
        wyomingPiper = 10200;
        wyomingWhisper = 10300;
      };

      # ---- NUC services --------------------------------------------------
      nuc = {
        homeAssistant = 8123;
        mqtt = 1883;
        otbr = 8880;
        otbrRest = 8881;
        esphome = 6052;
      };
    };
  };
}