nix/modules/nih/default.nix
Gustavo "Guz" L. de Mello 1e857fb8f4 feat: nih host type
2024-04-05 18:01:07 -03:00


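# NixOS module describing a "nih" host: base boot settings, a small set of
# host-wide options under `config.nih`, and (when `handleDomains` is on) the
# DNS rewrites, firewall openings and Caddy virtual hosts that make the
# services declared in `nih.services` reachable under this host's domain.
{ config, lib, pkgs, ... }:
let
  cfg = config.nih;
in
{
  imports = [
    ./sound.nix
    ./users.nix
    ./networking
    ./services
  ];

  options.nih = with lib; with lib.types; {
    domain = mkOption {
      type = str;
      default = "${cfg.name}.local";
      defaultText = literalExpression "\"\${config.nih.name}.local\"";
      description = "Domain under which this host and its services are reached.";
    };

    enable = mkEnableOption "the nih host configuration";

    flakeDir = mkOption {
      type = either str path;
      description = "Path of the flake this host is built from; not read in this file.";
    };

    handleDomains = mkOption {
      type = bool;
      default = true;
      description = ''
        Whether this host serves its own domains: open TCP 80/443, let
        AdGuard rewrite `domain` (and `*.domain`) to `ip`, and let Caddy
        reverse-proxy every `nih.services` entry that declares a `domain`.
      '';
    };

    ip = mkOption {
      type = str;
      description = "Address that `domain` and its wildcard resolve to.";
    };

    localIp = mkOption {
      type = str;
      default = cfg.ip;
      defaultText = literalExpression "config.nih.ip";
      description = "Address Caddy proxies requests to; defaults to `ip`.";
    };

    name = mkOption {
      type = str;
      default = "nih";
      description = "Short host name; also the basis of the default `domain`.";
    };

    type = mkOption {
      type = enum [ "laptop" "desktop" "server" ];
      default = "desktop";
      description = "Role of the host; `server` enables OpenSSH by default.";
    };
  };

  config = with lib; mkIf cfg.enable {
    boot = {
      loader.systemd-boot.enable = mkDefault true;
      loader.efi.canTouchEfiVariables = mkDefault true;
    };

    # One-shot unit that writes the declared users as JSON to the journal.
    # The JSON is passed as one quoted shell word: interpolated bare, its
    # double quotes and braces would be stripped/expanded by the shell.
    # NOTE(review): the whole users attrset ends up in the journal — confirm
    # it carries nothing sensitive.
    systemd.services."nih-setup" = {
      script = ''
        echo ${escapeShellArg (builtins.toJSON cfg.users)}
      '';
      wantedBy = [ "multi-user.target" ];
      # Ordering only: without Wants=/Requires= the unit still runs when
      # forgejo.service is not present.
      after = [ "forgejo.service" ];
      serviceConfig.Type = "oneshot";
    };

    # Handle domains configuration
    # 80 for HTTP and 443 for HTTPS (the previous 433 is not the TLS port);
    # Caddy is allowed to fetch certificates from tailscaled below.
    networking.firewall.allowedTCPPorts = mkIf cfg.handleDomains [ 80 443 ];

    services.openssh.enable = mkDefault (cfg.type == "server");

    systemd.services."tailscaled" = mkIf cfg.handleDomains {
      # Let the caddy user request TLS certificates from tailscaled.
      serviceConfig.Environment = [ "TS_PERMIT_CERT_UID=caddy" ];
    };

    nih.services = mkIf cfg.handleDomains {
      adguard = {
        enable = true;
        # Point the domain and its wildcard at this host; when the configured
        # domain already is a wildcard there is nothing extra to add.
        settings.dns.rewrites =
          if hasPrefix "*." cfg.domain then
            { "${cfg.domain}" = cfg.ip; }
          else
            {
              "${cfg.domain}" = cfg.ip;
              "*.${cfg.domain}" = cfg.ip;
            };
      };

      caddy =
        let
          # Only services that declare a `domain` get a virtual host.
          proxied = filterAttrs (n: v: builtins.isAttrs v && v ? domain) cfg.services;
        in
        {
          enable = true;
          # Each service is proxied over plain HTTP to localIp:port; a service
          # that declares `domain` without `port` fails evaluation here.
          virtualHosts = mapAttrs'
            (name: value: nameValuePair value.domain {
              extraConfig = ''
                reverse_proxy ${cfg.localIp}:${toString value.port}
              '';
            })
            proxied;
        };
    };
  };
}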