feat: jenkins + darwin (and linting)

2025-12-06 09:07:21 +01:00 · 2024-10-22 18:10:34 +02:00 · 2024-10-22 18:10:34 +02:00 · 6338497d5f
commit 6338497d5f
parent d2c8805e5b
42 changed files with 841 additions and 602 deletions
--- a/profiles/server/common/default.nix
+++ b/profiles/server/common/default.nix
@ -26,6 +26,7 @@
    ./syncthing.nix
    ./restic.nix
    ./monitoring.nix
+    ./jenkins.nix
  ];

  nix =
--- a/profiles/server/common/immich.nix
+++ b/profiles/server/common/immich.nix
@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ lib, config, ... }:
 {
  config = lib.mkIf config.swarselsystems.server.immich {

--- a/profiles/server/common/jenkins.nix
+++ b/profiles/server/common/jenkins.nix
@ -0,0 +1,35 @@
+{ pkgs, lib, config, ... }:
+{
+  config = lib.mkIf config.swarselsystems.server.jenkins {
+
+    services.jenkins = {
+      enable = true;
+      withCLI = true;
+      port = 8088;
+      packages = [ pkgs.stdenv pkgs.git pkgs.jdk17 config.programs.ssh.package pkgs.nix ];
+      listenAddress = "127.0.0.1";
+      home = "/Vault/apps/jenkins";
+    };
+
+
+
+    services.nginx = {
+      virtualHosts = {
+        "servant.swarsel.win" = {
+          enableACME = true;
+          forceSSL = true;
+          acmeRoot = null;
+          locations = {
+            "/" = {
+              proxyPass = "http://localhost:8088";
+              extraConfig = ''
+                client_max_body_size 0;
+              '';
+            };
+          };
+        };
+      };
+    };
+  };
+
+}
--- a/profiles/server/common/matrix.nix
+++ b/profiles/server/common/matrix.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, modulesPath, sops, ... }:
+{ config, lib, pkgs, sops, ... }:
 let
  matrixDomain = "swatrix.swarsel.win";
  baseUrl = "https://${matrixDomain}";
--- a/profiles/server/common/monitoring.nix
+++ b/profiles/server/common/monitoring.nix
@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ lib, config, ... }:
 {
  config = lib.mkIf config.swarselsystems.server.monitoring {

--- a/profiles/server/common/nfs.nix
+++ b/profiles/server/common/nfs.nix
@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ pkgs, ... }:
 {
  services = {
    # add a user with sudo smbpasswd -a <user>
--- a/profiles/server/common/paperless.nix
+++ b/profiles/server/common/paperless.nix
@ -1,6 +1,6 @@
-{ pkgs, lib, config, ... }:
+{ lib, config, ... }:
 {
-  config = lib.mkIf config.swarselsystems.server.immich {
+  config = lib.mkIf config.swarselsystems.server.paperless {

    users.users.paperless = {
      extraGroups = [ "users" ];
--- a/profiles/server/common/restic.nix
+++ b/profiles/server/common/restic.nix
@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ lib, config, ... }:
 {
  config = lib.mkIf config.swarselsystems.server.restic {

--- a/profiles/server/common/sfs.nix
+++ b/profiles/server/common/sfs.nix
@ -1,53 +0,0 @@
-{ pkgs, lib, config, ... }:
-{
-
-  # Network shares
-  # add a user with sudo smbpasswd -a <user>
-  samba = {
-    package = pkgs.samba4Full;
-    extraConfig = ''
-      workgroup = WORKGROUP
-      server role = standalone server
-      dns proxy = no
-
-      pam password change = yes
-      map to guest = bad user
-      create mask = 0664
-      force create mode = 0664
-      directory mask = 0775
-      force directory mode = 0775
-      follow symlinks = yes
-    '';
-
-    # ^^ `samba4Full` is compiled with avahi, ldap, AD etc support compared to the default package, `samba`
-    # Required for samba to register mDNS records for auto discovery
-    # See https://github.com/NixOS/nixpkgs/blob/592047fc9e4f7b74a4dc85d1b9f5243dfe4899e3/pkgs/top-level/all-packages.nix#L27268
-    enable = true;
-    # openFirewall = true;
-    shares.Eternor = {
-      browseable = "yes";
-      "read only" = "no";
-      "guest ok" = "no";
-      path = "/Vault/Eternor";
-      writable = "true";
-      comment = "Eternor";
-      "valid users" = "@Swarsel";
-    };
-  };
-
-
-  avahi = {
-    publish.enable = true;
-    publish.userServices = true;
-    # ^^ Needed to allow samba to automatically register mDNS records without the need for an `extraServiceFile`
-    nssmdns4 = true;
-    # ^^ Not one hundred percent sure if this is needed- if it aint broke, don't fix it
-    enable = true;
-  };
-
-  samba-wsdd = {
-    # This enables autodiscovery on windows since SMB1 (and thus netbios) support was discontinued
-    enable = true;
-  };
-};
-}
--- a/profiles/server/common/sops.nix
+++ b/profiles/server/common/sops.nix
@ -1,4 +1,4 @@
-{ pkgs, config, ... }:
+{ config, ... }:
 {
  sops = {
    age.sshKeyPaths = [ "/etc/ssh/sops" ];
--- a/profiles/server/common/spotifyd.nix
+++ b/profiles/server/common/spotifyd.nix
@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ lib, config, ... }:
 {
  config = lib.mkIf config.swarselsystems.server.spotifyd {
    users.groups.spotifyd = {
--- a/profiles/server/common/syncthing.nix
+++ b/profiles/server/common/syncthing.nix
@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ lib, config, ... }:
 {
  config = lib.mkIf config.swarselsystems.server.syncthing {

--- a/profiles/server/common/zfs.nix
+++ b/profiles/server/common/zfs.nix
@ -1,2 +0,0 @@
-{ pkgs, lib, config, ... }:
-{ }