Lots of user changes and also Spacebar

2025-03-14 18:23:32 -04:00 · 2025-03-14 18:23:32 -04:00 · 36c3f778c8
commit 36c3f778c8
parent b5ec4cbf68
19 changed files with 69 additions and 43 deletions
--- a/hosts/midas/firewall/default.nix
+++ b/hosts/midas/firewall/default.nix
@ -13,7 +13,6 @@
        chain PREROUTING {
          type nat hook prerouting priority dstnat; policy accept;
          tcp dport 2211 dnat to ${config.ips.pc}:22 comment "SSH to PC"
          tcp dport 2222 dnat to 10.100.0.19:22 comment "SSH to Oracle VM"
          udp dport { 27005, 27015, 7777 } dnat to ${config.ips.pc} comment "PC Hosted Games"
@ -28,7 +27,7 @@
        chain POSTROUTING {
          type nat hook postrouting priority 100; policy accept;
-          oifname "eno1" masquerade
+          oifname "enp0s31f6" masquerade
        }
      '';
    };
--- a/modules/system/accounts/default.nix
+++ b/modules/system/accounts/default.nix
@ -1,4 +1,5 @@
-{ ... }: {
+{ ... }:
 {
  imports = [
    ./users
    ./groups
--- a/modules/system/accounts/users/custom/default.nix
+++ b/modules/system/accounts/users/custom/default.nix
@ -1,7 +0,0 @@
 { home-manager, ... }:
 {
  imports = [
    ./main
    home-manager.nixosModules.home-manager
  ];
 }
--- a/modules/system/accounts/users/default.nix
+++ b/modules/system/accounts/users/default.nix
@ -1,9 +1,7 @@
-{ ... }:
+{ home-manager, ... }:
 {
  imports = [
-    ./custom
+    ./main
-    ./system
+    home-manager.nixosModules.home-manager
  ];
  users.mutableUsers = false;
 }
--- a/modules/system/accounts/users/custom/main/default.nix
+++ b/modules/system/accounts/users/custom/main/default.nix
@ -12,14 +12,14 @@
      isNormalUser = true;
      createHome = true;
      openssh.authorizedKeys.keyFiles = [
-        ../../../../../../hosts/tower/id_ed25519.pub
+        ../../../../../hosts/tower/id_ed25519.pub
-        ../../../../../../hosts/envy/id_ed25519.pub
+        ../../../../../hosts/envy/id_ed25519.pub
-        ../../../../../../hosts/pear/id_ed25519.pub
+        ../../../../../hosts/pear/id_ed25519.pub
-        ../../../../../../hosts/redmond/id_ed25519.pub
+        ../../../../../hosts/redmond/id_ed25519.pub
-        ../../../../../../hosts/midas/id_ed25519.pub
+        ../../../../../hosts/midas/id_ed25519.pub
-        ../../../../../../hosts/prophet/id_ed25519.pub
+        ../../../../../hosts/prophet/id_ed25519.pub
      ];
      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9"
@ -43,6 +43,6 @@
      shell = pkgs.zsh;
    };
-    home-manager.users."${config.sysusers.main}" = import ../../../../../home;
+    home-manager.users."${config.sysusers.main}" = import ../../../../home;
  };
 }
--- a/modules/system/accounts/users/system/default.nix
+++ b/modules/system/accounts/users/system/default.nix
@ -1,9 +0,0 @@
 { ... }:
 {
  imports = [
    ./jellyfin
    ./liquidsoap
    ./nextcloud
    ./nginx
  ];
 }
--- a/modules/system/secrets/default.nix
+++ b/modules/system/secrets/default.nix
--- a/modules/system/services/server/fileserver/jellyfin/default.nix
+++ b/modules/system/services/server/fileserver/jellyfin/default.nix
@ -1,6 +1,9 @@
 { config, lib, ... }:
 {
-  imports = [ ./nginx ];
+  imports = [
    ./nginx
    ./user
  ];
  config = lib.mkIf config.system.fileserver.enable {
    services.jellyfin.enable = true;
--- a/modules/system/services/server/fileserver/jellyfin/nginx/default.nix
+++ b/modules/system/services/server/fileserver/jellyfin/nginx/default.nix
@ -1,6 +1,6 @@
 { config, lib, ... }:
 {
-  services.nginx.virtualHosts."jelly.nixfox.ca" = lib.mkIf config.services.forgejo.enable {
+  services.nginx.virtualHosts."jelly.nixfox.ca" = lib.mkIf config.services.jellyfin.enable {
    enableACME = true;
    forceSSL = true;
    locations."/" = {
--- a/modules/system/services/server/fileserver/jellyfin/user/default.nix
+++ b/modules/system/services/server/fileserver/jellyfin/user/default.nix
@ -1,6 +1,6 @@
-{ ... }:
+{ config, lib, ... }:
 {
-  users = {
+  users = lib.mkIf config.services.jellyfin.enable {
    users.jellyfin = {
      group = "jellyfin";
      extraGroups = [ "nfsShare" ];
--- a/modules/system/services/server/fileserver/nextcloud/default.nix
+++ b/modules/system/services/server/fileserver/nextcloud/default.nix
@ -1,6 +1,9 @@
 { config, lib, pkgs, ... }:
 {
-  imports = [ ./nginx ];
+  imports = [
    ./nginx
    ./user
  ];
  config = lib.mkIf config.system.fileserver.enable {
    services.nextcloud = {
--- a/modules/system/services/server/fileserver/nextcloud/user/default.nix
+++ b/modules/system/services/server/fileserver/nextcloud/user/default.nix
@ -1,6 +1,6 @@
-{ ... }:
+{ config, lib, ... }:
 {
-  users = {
+  users = lib.mkIf config.services.nextcloud.enable {
    users.nextcloud = {
      group = "nextcloud";
      extraGroups = [ "nfsShare" ];
--- a/modules/system/services/server/icecast/liquidsoap/default.nix
+++ b/modules/system/services/server/icecast/liquidsoap/default.nix
@ -3,5 +3,6 @@
  imports = [
    ./nixbops
    ./nixscrap
    ./user
  ];
 }
--- a/modules/system/services/server/icecast/liquidsoap/user/default.nix
+++ b/modules/system/services/server/icecast/liquidsoap/user/default.nix
@ -1,6 +1,6 @@
-{ ... }:
+{ config, lib, ... }:
 {
-  users = {
+  users = lib.mkIf config.services.icecast.enable {
    users.liquidsoap = {
      group = "liquidsoap";
      extraGroups = [ "nginx" ];
--- a/modules/system/services/server/socialserver/default.nix
+++ b/modules/system/services/server/socialserver/default.nix
@ -3,7 +3,7 @@
  imports = [
    ./mastodon
    ./owncast
-    #./spacebar
+    ./spacebar
  ];
  options.system.socialserver.enable = lib.mkEnableOption "Enable social media like services";
--- a/modules/system/services/server/socialserver/spacebar/default.nix
+++ b/modules/system/services/server/socialserver/spacebar/default.nix
@ -0,0 +1,25 @@
 { config, lib, pkgs, spacebar, ... }:
 {
  imports = [
    #./nginx
    ./user
  ];
  config = lib.mkIf config.system.socialserver.enable {
    systemd.services.spacebar-server = {
      enable = true;
      description = "Spacebar Chat Server";
      documentation = [ "https://docs.spacebar.chat/" ];
      path = [ spacebar.packages.${pkgs.system}.default ];
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];
      serviceConfig = {
        WorkingDirectory = "/var/lib/spacebar";
        ExecStart = "start-bundle";
        Restart = "always";
        User = "spacebar";
      };
    };
    environment.persistence."/persist".directories = [ config.systemd.services.spacebar-server.serviceConfig.WorkingDirectory ];
  };
 }
--- a/modules/system/services/server/socialserver/spacebar/user/default.nix
+++ b/modules/system/services/server/socialserver/spacebar/user/default.nix
@ -0,0 +1,11 @@
 { config, lib, ... }:
 {
  users = lib.mkIf config.system.socialserver.enable {
    users.spacebar = {
      group = "spacebar";
      isSystemUser = true;
      uid = 138;
    };
    groups.spacebar = {};
  };
 }
--- a/modules/system/services/server/webserver/nginx/default.nix
+++ b/modules/system/services/server/webserver/nginx/default.nix
@ -2,6 +2,7 @@
 {
  imports = [
    ./rtmp
    ./user
    ./virtualhosts
  ];
--- a/modules/system/services/server/webserver/nginx/user/default.nix
+++ b/modules/system/services/server/webserver/nginx/user/default.nix
@ -1,6 +1,6 @@
-{ ... }:
+{ config, lib, ... }:
 {
-  users = {
+  users = lib.mkIf config.services.nginx.enable {
    users.nginx = {
      group = "nginx";
      extraGroups = [