feat[server]: also proxy roundcube

hosts/nixos/x86_64-linux/eagleland/default.nix

@@ -26,7 +26,15 @@
     isBtrfs = true;
     isNixos = true;
     isLinux = true;
-    proxyHost = "eagleland";
+    proxyHost = "twothreetunnel"; # mail shall not be proxied through twothreetunnel
+    server = {
+      wireguard.interfaces = {
+        wgProxy = {
+          isClient = true;
+          serverName = "twothreetunnel";
+        };
+      };
+    };
   };
 } // lib.optionalAttrs (!minimal) {
 
@@ -34,6 +42,8 @@
     mailserver = true;
     dns-hostrecord = true;
     postgresql = true;
+    nginx = true;
+    wireguard = true;
   };
 
   swarselprofiles = {

hosts/nixos/x86_64-linux/hintbooth/default.nix

@@ -52,7 +52,6 @@
 
   swarselmodules = {
     server = {
-      nginx = lib.mkForce false; # we get this from the server profile
       wireguard = true;
     };
   };

hosts/nixos/x86_64-linux/summers/default.nix

@@ -43,10 +43,6 @@
     server = true;
   };
 
-  swarselmodules.server = {
-    nginx = lib.mkForce false;
-  };
-
   microvm.vms =
     let
       mkMicrovm = guestName: {

hosts/nixos/x86_64-linux/winters/default.nix

@@ -72,37 +72,36 @@
 
   swarselmodules.server = {
     diskEncryption = lib.mkForce false;
-    wireguard = lib.mkDefault true;
-    nfs = lib.mkDefault true;
-    nginx = lib.mkDefault true;
-    kavita = lib.mkDefault true;
-    restic = lib.mkDefault true;
-    jellyfin = lib.mkDefault true;
-    navidrome = lib.mkDefault true;
-    spotifyd = lib.mkDefault true;
-    mpd = lib.mkDefault true;
-    postgresql = lib.mkDefault true;
-    matrix = lib.mkDefault true;
-    nextcloud = lib.mkDefault true;
-    immich = lib.mkDefault true;
-    paperless = lib.mkDefault true;
-    transmission = lib.mkDefault true;
-    syncthing = lib.mkDefault true;
-    grafana = lib.mkDefault true;
-    emacs = lib.mkDefault true;
-    freshrss = lib.mkDefault true;
-    jenkins = lib.mkDefault false;
-    kanidm = lib.mkDefault true;
-    firefly-iii = lib.mkDefault true;
-    koillection = lib.mkDefault true;
-    radicale = lib.mkDefault true;
-    atuin = lib.mkDefault true;
-    forgejo = lib.mkDefault true;
-    ankisync = lib.mkDefault true;
-    # snipeit = lib.mkDefault false;
-    homebox = lib.mkDefault true;
-    opkssh = lib.mkDefault true;
-    garage = lib.mkDefault false;
+    nginx = true; # for php stuff
+    acme = false; # cert handled by proxy
+    wireguard = true;
+
+    nfs = true;
+    kavita = true;
+    restic = true;
+    jellyfin = true;
+    navidrome = true;
+    spotifyd = true;
+    mpd = true;
+    postgresql = true;
+    matrix = true;
+    nextcloud = true;
+    immich = true;
+    paperless = true;
+    transmission = true;
+    syncthing = true;
+    grafana = true;
+    emacs = true;
+    freshrss = true;
+    kanidm = true;
+    firefly-iii = true;
+    koillection = true;
+    radicale = true;
+    atuin = true;
+    forgejo = true;
+    ankisync = true;
+    homebox = true;
+    opkssh = true;
   };
 
 }