WIP share configuraton between nixos / homemanager

Leon Schwarzäugl 2025-07-16 18:23:00 +02:00
parent 641a0cd84d
commit 302c488569
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
166 changed files with 1029 additions and 1031 deletions


@ -9,8 +9,8 @@ let
ankiUser = globals.user.name;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
networking.firewall.allowedTCPPorts = [ servicePort ];


@ -5,8 +5,8 @@ let
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
topology.self.services.${serviceName}.info = "https://${serviceDomain}";
globals.services.${serviceName}.domain = serviceDomain;


@ -15,8 +15,8 @@ let
cfg = config.services.croc;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
sops = {
secrets = {


@ -4,8 +4,8 @@ let
servicePort = 9812;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} server on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} server on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
networking.firewall.allowedTCPPorts = [ servicePort ];


@ -12,8 +12,8 @@ let
cfg = config.services.firefly-iii;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
users = {
groups.${serviceGroup} = { };


@ -11,8 +11,8 @@ let
kanidmDomain = globals.services.kanidm.domain;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
networking.firewall.allowedTCPPorts = [ servicePort ];


@ -9,8 +9,8 @@ let
inherit (config.swarselsystems) sopsFile;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
users.users.${serviceUser} = {
extraGroups = [ "users" ];


@ -6,8 +6,8 @@ let
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
users.users.${serviceUser} = {
extraGroups = [ "video" "render" "users" ];


@ -6,8 +6,8 @@ let
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
users.users.${serviceUser} = {
extraGroups = [ "video" "render" "users" ];
};


@ -5,8 +5,8 @@ let
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
services.jenkins = {
enable = true;


@ -17,8 +17,8 @@ let
nextcloudDomain = globals.services.nextcloud.domain;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
users.users.${serviceUser} = {
group = serviceGroup;


@ -8,8 +8,8 @@ let
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
environment.systemPackages = with pkgs; [
calibre
];


@ -13,8 +13,8 @@ let
inherit (config.swarselsystems) sopsFile;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
sops.secrets = {
koillection-db-password = { inherit sopsFile; owner = postgresUser; group = postgresUser; mode = "0440"; };


@ -21,8 +21,8 @@ let
'';
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
environment.systemPackages = with pkgs; [
matrix-synapse
lottieconverter


@ -11,8 +11,8 @@ let
cfg = config.services.${serviceName};
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
users = {
groups.${serviceGroup} = { };


@ -17,8 +17,8 @@ let
inherit (config.swarselsystems) sopsFile;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
sops = {
secrets = {
@ -193,7 +193,7 @@ in
sslVerify = false;
scrapeUri = "http://localhost/nginx_status";
};
nextcloud = lib.mkIf config.swarselsystems.modules.server.nextcloud {
nextcloud = lib.mkIf config.swarselmodules.server.nextcloud {
enable = true;
port = 9205;
url = "https://${serviceDomain}/ocs/v2.php/apps/serverinfo/api/v1/info";


@ -8,8 +8,8 @@ let
serviceName = "mpd";
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
users = {
groups = {
mpd = { };


@ -7,8 +7,8 @@ let
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
environment.systemPackages = with pkgs; [
pciutils
alsa-utils


@ -10,8 +10,8 @@ let
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
sops.secrets = {
nextcloud-admin-pw = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; };


@ -3,8 +3,8 @@ let
nfsUser = globals.user.name;
in
{
options.swarselsystems.modules.server.nfs = lib.mkEnableOption "enable nfs on server";
config = lib.mkIf config.swarselsystems.modules.server.nfs {
options.swarselmodules.server.nfs = lib.mkEnableOption "enable nfs on server";
config = lib.mkIf config.swarselmodules.server.nfs {
services = {
# add a user with sudo smbpasswd -a <user>
samba = {


@ -5,8 +5,8 @@ let
in
{
options.swarselsystems.modules.server.nginx = lib.mkEnableOption "enable nginx on server";
config = lib.mkIf config.swarselsystems.modules.server.nginx {
options.swarselmodules.server.nginx = lib.mkEnableOption "enable nginx on server";
config = lib.mkIf config.swarselmodules.server.nginx {
environment.systemPackages = with pkgs; [
lego
];


@ -13,7 +13,7 @@ let
in
{
options = {
swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
# largely based on https://github.com/oddlama/nix-config/blob/main/modules/oauth2-proxy.nix
services.nginx.virtualHosts = lib.mkOption {
type = lib.types.attrsOf (
@ -121,7 +121,7 @@ in
);
};
};
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
config = lib.mkIf config.swarselmodules.server.${serviceName} {
sops = {
secrets = {


@ -1,7 +1,7 @@
{ lib, config, pkgs, ... }:
{
options.swarselsystems.modules.server.packages = lib.mkEnableOption "enable packages on server";
config = lib.mkIf config.swarselsystems.modules.server.packages {
options.swarselmodules.server.packages = lib.mkEnableOption "enable packages on server";
config = lib.mkIf config.swarselmodules.server.packages {
environment.systemPackages = with pkgs; [
gnupg
nix-index


@ -13,8 +13,8 @@ let
kanidmDomain = globals.services.kanidm.domain;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
users.users.${serviceUser} = {
extraGroups = [ "users" ];


@ -1,6 +1,6 @@
{ lib, config, ... }:
{
config = lib.mkIf (config?swarselsystems.modules.server.mpd || config?swarselsystems.modules.server.navidrome) {
config = lib.mkIf (config?swarselmodules.server.mpd || config?swarselmodules.server.navidrome) {
security.rtkit.enable = true; # this is required for pipewire real-time access
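Review bot: The guard on the renamed `lib.mkIf` line uses `config?…`, which tests whether the attribute path exists rather than whether the option is true. Because `swarselmodules.server.mpd` and `swarselmodules.server.navidrome` are declared with `lib.mkEnableOption` elsewhere in this commit, the path presumably exists on any host that imports those modules, so `security.rtkit.enable = true` would apply even where both services are disabled. If the intent is to grant real-time scheduling only where an audio service actually runs, read the values instead, with a default for hosts that do not import the modules: `config = lib.mkIf ((config.swarselmodules.server.mpd or false) || (config.swarselmodules.server.navidrome or false)) {`. The module body continues past the end of this hunk.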


@ -4,8 +4,8 @@ let
postgresVersion = 14;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
services = {
${serviceName} = {
enable = true;

View file

@ -11,8 +11,8 @@ let
cfg = config.services.${serviceName};
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
sops = {
secrets.radicale-user = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; };


@ -3,8 +3,8 @@ let
inherit (config.swarselsystems) sopsFile;
in
{
options.swarselsystems.modules.server.restic = lib.mkEnableOption "enable restic backups on server";
config = lib.mkIf config.swarselsystems.modules.server.restic {
options.swarselmodules.server.restic = lib.mkEnableOption "enable restic backups on server";
config = lib.mkIf config.swarselmodules.server.restic {
sops = {
secrets = {


@ -3,14 +3,15 @@ let
inherit (config.swarselsystems) flakePath;
in
{
options.swarselmodules.server.general = lib.mkEnableOption "general setting on server";
options.swarselsystems = {
modules.server.general = lib.mkEnableOption "general setting on server";
shellAliases = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
default = { };
};
};
config = lib.mkIf config.swarselsystems.modules.server.general {
config = lib.mkIf config.swarselmodules.server.general {
environment.shellAliases = lib.recursiveUpdate
{


@ -10,9 +10,9 @@ let
in
{
options = {
swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
};
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
config = lib.mkIf config.swarselmodules.server.${serviceName} {
sops = {
secrets = {


@ -6,8 +6,8 @@ let
serviceGroup = serviceUser;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
users.groups.${serviceGroup} = {
gid = 65136;
};


@ -1,7 +1,7 @@
{ self, lib, config, ... }:
{
options.swarselsystems.modules.server.ssh = lib.mkEnableOption "enable ssh on server";
config = lib.mkIf config.swarselsystems.modules.server.ssh {
options.swarselmodules.server.ssh = lib.mkEnableOption "enable ssh on server";
config = lib.mkIf config.swarselmodules.server.ssh {
services.openssh = {
enable = true;
startWhenNeeded = lib.mkForce false;


@ -11,8 +11,8 @@ let
cfg = config.services.${serviceName};
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
users.users.${serviceUser} = {
extraGroups = [ "users" ];


@ -20,8 +20,8 @@ let
prowlarrPort = 9696;
in
{
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} and friends on server";
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} and friends on server";
config = lib.mkIf config.swarselmodules.server.${serviceName} {
# this user/group section is probably unneeded
users = {