diff --git a/hosts/kitty/default.nix b/hosts/kitty/default.nix index 8b453ef..04149ce 100644 --- a/hosts/kitty/default.nix +++ b/hosts/kitty/default.nix @@ -1,25 +1,18 @@ { ... }: { imports = [ + ./disko + ./firewall ./hardware - - # Apps and programs - ../../../modules/system - ../../../modules/system/accounts - ../../../modules/system/devices/filesystems - ../../../modules/system/devices/boot/systemd - ../../../modules/system/devices/networking - ../../../modules/system/devices/networking/firewall/server - ../../../modules/system/devices/networking/wireguard/server - ../../../modules/system/programs/git - ../../../modules/system/programs/security - ../../../modules/system/services/common - ../../../modules/system/services/server - - # Misc - ../../../overlays - ../../../variables + ../../modules/system ]; - networking.hostName = "kitty"; + system.desktop.enable = false; + system.server.enable = true; + #system.lanzaboote.enable = true; + system.wireless.enable = false; + + environment.sessionVariables.NIXOS_OZONE_WL = "1"; + + networking.hostName = "tower"; } diff --git a/modules/home/wms/sway/hotkeys/default.nix b/modules/home/wms/sway/hotkeys/default.nix index e7738d8..8949749 100644 --- a/modules/home/wms/sway/hotkeys/default.nix +++ b/modules/home/wms/sway/hotkeys/default.nix @@ -217,7 +217,7 @@ "${primeMod}+shift+a" = ''focus child''; # Scratchpads - "Shift+Ctrl+Backslash" = ''[app_id="gotop"] scratchpad show, move position center resize set 1216 888''; + "Shift+Ctrl+Backslash" = ''[app_id="gotop"] scratchpad show, move position center, resize set 1216 888''; "${primeMod}+Shift+m" = ''[app_id="music"] scratchpad show, move position center, resize set 1006 657''; "${primeMod}+Shift+v" = ''[app_id="sound"] scratchpad show, move position center, resize set 1000 800''; "${primeMod}+Shift+Backslash" = ''[app_id="com.github.wwmm.easyeffects"] scratchpad show, move position center, resize set 1000 800''; diff --git a/modules/system/devices/disks/btrfs/default.nix b/modules/system/devices/disks/btrfs/default.nix new file mode 100644 index 0000000..1b87165 --- /dev/null +++ b/modules/system/devices/disks/btrfs/default.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + services.btrfs.autoScrub.enable = true; +} diff --git a/modules/system/devices/disks/default.nix b/modules/system/devices/disks/default.nix index 3576248..75fc04d 100644 --- a/modules/system/devices/disks/default.nix +++ b/modules/system/devices/disks/default.nix @@ -1,6 +1,7 @@ { ... }: { imports = [ + ./btrfs ./filesystems ./impermanence ./snapper diff --git a/modules/system/devices/disks/filesystems/default.nix b/modules/system/devices/disks/filesystems/default.nix index 08606b3..522fb9f 100644 --- a/modules/system/devices/disks/filesystems/default.nix +++ b/modules/system/devices/disks/filesystems/default.nix @@ -1,6 +1,7 @@ -{ ... }: +{ lib, ... }: { boot.supportedFilesystems = { ntfs = true; + zfs = lib.mkForce false; }; } diff --git a/modules/system/options/default.nix b/modules/system/options/default.nix index 05fe34e..46eee8a 100644 --- a/modules/system/options/default.nix +++ b/modules/system/options/default.nix @@ -5,13 +5,12 @@ with lib; { desktop.enable = mkOption { type = types.bool; default = true; - description = "Enable desktop apps and services?"; + description = "Enable desktop apps and services"; }; - server.enable = mkOption { type = types.bool; default = false; - description = "Enable server services?"; + description = "Enable server services"; }; }; }; diff --git a/modules/system/services/server/ddclient/default.nix b/modules/system/services/server/ddclient/default.nix index 40f3ce9..a77c102 100644 --- a/modules/system/services/server/ddclient/default.nix +++ b/modules/system/services/server/ddclient/default.nix @@ -1,7 +1,7 @@ { pkgs, config, ... }: { services.ddclient = { - enable = true; + enable = config.system.server.enable; protocol = "cloudflare"; use = "web, web=https://ipinfo.io/ip"; zone = "${config.domains.jim1}"; diff --git a/modules/system/services/server/fileserver/local/nfs/default.nix b/modules/system/services/server/fileserver/local/nfs/default.nix index 99eaa33..561aff0 100644 --- a/modules/system/services/server/fileserver/local/nfs/default.nix +++ b/modules/system/services/server/fileserver/local/nfs/default.nix @@ -1,7 +1,7 @@ { ... }: { services.nfs.server = { - enable = true; + enable = config.system.server.enable; exports = '' /export/JimboNFS/Files *(rw,sync,no_subtree_check) /export/JimboNFS/Media *(rw,sync,no_subtree_check) diff --git a/modules/system/services/server/fileserver/local/samba/default.nix b/modules/system/services/server/fileserver/local/samba/default.nix index 987df05..e307354 100644 --- a/modules/system/services/server/fileserver/local/samba/default.nix +++ b/modules/system/services/server/fileserver/local/samba/default.nix @@ -2,7 +2,7 @@ { services = { samba = { - enable = true; + enable = config.system.server.enable; securityType = "user"; openFirewall = true; settings = { diff --git a/modules/system/services/server/fileserver/public/nextcloud/default.nix b/modules/system/services/server/fileserver/public/nextcloud/default.nix index 33d59ab..d7af8b5 100644 --- a/modules/system/services/server/fileserver/public/nextcloud/default.nix +++ b/modules/system/services/server/fileserver/public/nextcloud/default.nix @@ -3,7 +3,7 @@ imports = [ ./nginx ]; services.nextcloud = { - enable = true; + enable = config.system.server.enable; package = pkgs.nextcloud30; hostName = "cloud.${config.domains.jim1}"; datadir = "/mnt/nextcloud"; diff --git a/modules/system/services/server/fileserver/public/nextcloud/nginx/default.nix b/modules/system/services/server/fileserver/public/nextcloud/nginx/default.nix index 9cd9c06..367a642 100644 --- a/modules/system/services/server/fileserver/public/nextcloud/nginx/default.nix +++ b/modules/system/services/server/fileserver/public/nextcloud/nginx/default.nix @@ -3,6 +3,7 @@ services.nginx.virtualHosts."cloud.${config.domains.jim1}" = { enableACME = true; addSSL = true; + onlySSL = true; locations."/" = { proxyWebsockets = true; extraConfig = '' diff --git a/modules/system/services/server/fileserver/public/photoprism/default.nix b/modules/system/services/server/fileserver/public/photoprism/default.nix index d0e217e..b176bb4 100644 --- a/modules/system/services/server/fileserver/public/photoprism/default.nix +++ b/modules/system/services/server/fileserver/public/photoprism/default.nix @@ -3,7 +3,7 @@ imports = [ ./nginx ]; services.photoprism = { - enable = true; + enable = config.system.server.enable; port = 2342; originalsPath = "/var/lib/private/photoprism/originals"; address = "0.0.0.0"; diff --git a/modules/system/services/server/forgejo/default.nix b/modules/system/services/server/forgejo/default.nix index 081e13d..e70f3dc 100644 --- a/modules/system/services/server/forgejo/default.nix +++ b/modules/system/services/server/forgejo/default.nix @@ -2,32 +2,30 @@ { imports = [ ./nginx ]; - services = { - forgejo = { - enable = true; - settings = { - server = { - DOMAIN = "git.${config.domains.jim1}"; - ROOT_URL = "https://git.${config.domains.jim1}:443"; - HTTP_PORT = 3110; - SSH_PORT = 2299; - START_SSH_SERVER = true; - }; - ui = { - DEFAULT_THEME = "forgejo-dark"; - }; - mailer = { - ENABLED = true; - SMTP_ADDR = "mx.${config.domains.jim1}"; - FROM = "Jimbo's Git "; - USER = "noreply@${config.domains.jim1}"; - PASSWD = config.secrets.noreplyPassword; - PROTOCOL = "smtps"; - }; - service = { - REGISTER_EMAIL_CONFIRM = true; - DISABLE_REGISTRATION = true; - }; + services.forgejo = { + enable = config.system.server.enable; + settings = { + server = { + DOMAIN = "git.${config.domains.jim1}"; + ROOT_URL = "https://git.${config.domains.jim1}:443"; + HTTP_PORT = 3110; + SSH_PORT = 2299; + START_SSH_SERVER = true; + }; + ui = { + DEFAULT_THEME = "forgejo-dark"; + }; + mailer = { + ENABLED = true; + SMTP_ADDR = "mx.${config.domains.jim1}"; + FROM = "Jimbo's Git "; + USER = "noreply@${config.domains.jim1}"; + PASSWD = config.secrets.noreplyPassword; + PROTOCOL = "smtps"; + }; + service = { + REGISTER_EMAIL_CONFIRM = true; + DISABLE_REGISTRATION = true; }; }; }; diff --git a/modules/system/services/server/icecast/default.nix b/modules/system/services/server/icecast/default.nix index 29c7970..475bb3b 100644 --- a/modules/system/services/server/icecast/default.nix +++ b/modules/system/services/server/icecast/default.nix @@ -6,7 +6,7 @@ ]; services.icecast = { - enable = true; + enable = config.system.server.enable; listen.port = 265; hostname = "icecast.${config.domains.jim1}"; admin = { diff --git a/modules/system/services/server/mailserver/default.nix b/modules/system/services/server/mailserver/default.nix index 0c37f91..7c3810a 100644 --- a/modules/system/services/server/mailserver/default.nix +++ b/modules/system/services/server/mailserver/default.nix @@ -1,5 +1,13 @@ { ... }: { + options.system.mailserver = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable mail host and services"; + }; + }; + imports = [ ./simplenix ./roundcube diff --git a/modules/system/services/server/mailserver/roundcube/default.nix b/modules/system/services/server/mailserver/roundcube/default.nix index e986536..90638df 100644 --- a/modules/system/services/server/mailserver/roundcube/default.nix +++ b/modules/system/services/server/mailserver/roundcube/default.nix @@ -1,7 +1,7 @@ { pkgs, config, ... }: { services.roundcube = { - enable = true; + enable = config.system.mailserver.enable; hostName = "mail.${config.domains.jim1}"; extraConfig = '' $config['smtp_server'] = "tls://mx.${config.domains.jim1}"; diff --git a/modules/system/services/server/mailserver/simplenix/default.nix b/modules/system/services/server/mailserver/simplenix/default.nix index 8aad38c..63dc29b 100644 --- a/modules/system/services/server/mailserver/simplenix/default.nix +++ b/modules/system/services/server/mailserver/simplenix/default.nix @@ -6,7 +6,7 @@ ]; mailserver = rec { - enable = true; + enable = config.system.mailserver.enable; domains = [ "${config.domains.jim1}" "${config.domains.jim2}" diff --git a/modules/system/services/server/minecraft/default.nix b/modules/system/services/server/minecraft/default.nix index 22ca690..8f8133e 100644 --- a/modules/system/services/server/minecraft/default.nix +++ b/modules/system/services/server/minecraft/default.nix @@ -13,7 +13,7 @@ nixpkgs.overlays = [ minecraft.overlay ]; services.minecraft-servers = { - enable = true; + enable = config.system.server.enable; eula = true; }; } diff --git a/modules/system/services/server/mysql/default.nix b/modules/system/services/server/mysql/default.nix index 5e999b9..1513b2b 100644 --- a/modules/system/services/server/mysql/default.nix +++ b/modules/system/services/server/mysql/default.nix @@ -1,7 +1,7 @@ { pkgs, ... }: { services.mysql = { - enable = true; + enable = config.system.server.enable; package = pkgs.mariadb; dataDir = "/var/lib/mysql"; ensureDatabases = [ diff --git a/modules/system/services/server/nginx/default.nix b/modules/system/services/server/nginx/default.nix index 9df722e..8818a10 100644 --- a/modules/system/services/server/nginx/default.nix +++ b/modules/system/services/server/nginx/default.nix @@ -6,7 +6,7 @@ ]; services.nginx = { - enable = true; + enable = config.system.server.enable; recommendedTlsSettings = true; recommendedOptimisation = true; recommendedGzipSettings = true;