More individualizing. Pretty cool

hosts/midas/default.nix

@@ -26,7 +26,6 @@
 
   system = {
     server.enable = true;
-    lanzaboote.enable = true;
     stateVersion = "24.11";
   };
 }

hosts/midas/services/default.nix

@@ -1,17 +1,18 @@
 { ... }:
 {
   services = {
-    fileserver.enable = true;
-    socialserver.enable = true;
-    webserver.enable = true;
-
     forgejo.enable = true;
     icecast.enable = true;
+    jellyfin.enable = true;
+    mastodon.enable = true;
+    matrix-synapse.enable = true;
+    nextcloud.enable = true;
+    nfs.server.enable = true;
     owncast.enable = true;
     transmission.enable = true;
     vaultwarden.enable = true;
+    webserver.enable = true;
     wireguard.server.enable = true;
-
     minecraft-servers = {
       enable = true;
       servers = {

modules/system/services/server/default.nix

@@ -2,15 +2,18 @@
 {
   imports = [
     ./cfdyndns
-    ./fileserver
     ./forgejo
     ./icecast
+    ./jellyfin
     ./mailserver
+    ./mastodon
+    ./matrix
     ./minecraft
     ./mysql
+    ./nextcloud
+    ./nfs
     ./nginx
     ./owncast
-    ./socialserver
     ./transmission
     ./vaultwarden
     ./wireguard

modules/system/services/server/fileserver/default.nix

@@ -1,10 +0,0 @@
-{ lib, ... }: 
-{
-  options.services.fileserver.enable = lib.mkEnableOption "Enable file serving services";
-
-  imports = [
-    ./jellyfin
-    ./nextcloud
-    ./nfs
-  ];
-}

modules/system/services/server/fileserver/jellyfin/default.nix

@@ -1,12 +0,0 @@
-{ config, lib, ... }:
-{
-  imports = [
-    ./nginx
-    ./user
-  ];
-
-  config = lib.mkIf config.services.fileserver.enable {
-    services.jellyfin.enable = true;
-    environment.persistence."/persist".directories = [ "/var/lib/jellyfin" ];
-  };
-}

modules/system/services/server/fileserver/nfs/default.nix

@@ -1,12 +0,0 @@
-{ config, lib, ... }:
-{
-  imports = [ ./user ];
-
-  config = lib.mkIf config.services.fileserver.enable {
-    services.nfs.server = {
-      enable = true;
-      exports = "/storage *(rw,sync,no_subtree_check)";
-    };
-    networking.firewall.extraInputRules = "ip saddr 10.0.0.0/8 tcp dport 2049 accept";
-  };
-}

modules/system/services/server/jellyfin/default.nix

@@ -0,0 +1,9 @@
+{ config, lib, ... }:
+{
+  imports = [
+    ./nginx
+    ./user
+  ];
+
+  environment.persistence."/persist".directories = lib.mkIf config.services.jellyfin.enable [ "/var/lib/jellyfin" ];
+}

modules/system/services/server/mastodon/default.nix

@@ -1,8 +1,7 @@
 { config, lib, pkgs, ... }:
 {
-  config = lib.mkIf config.services.socialserver.enable {
+  config = lib.mkIf config.services.mastodon.enable {
     services.mastodon = {
-      enable = true;
       localDomain = "social.nixfox.ca";
       streamingProcesses = 4;
       configureNginx = true;

modules/system/services/server/matrix/element/default.nix

@@ -0,0 +1,19 @@
+{ config, lib, ... }:
+{
+  imports = [ ./nginx ];
+
+  nixpkgs.config.element-web.conf = lib.mkIf config.services.matrix-synapse.enable {
+    default_server_config."m.homeserver" = {
+      base_url = "https://matrix.nixfox.ca";
+      server_name = "matrix.nixfox.ca";
+    };
+    branding = {
+      auth_header_logo_url = "https://www.nixfox.ca/images/copyright/profile.png";
+      #welcome_background_url = "https://www.nixfox.ca/images/backgrounds/template-background.png";
+    };
+    embedded_pages.home_url = "https://www.nixfox.ca/";
+    disable_custom_urls = true;
+    disable_guests = true;
+    default_theme = "dark";
+  };
+}

modules/system/services/server/matrix/synapse/default.nix

@@ -2,9 +2,8 @@
 {
   imports = [ ./nginx ];
 
-  config = lib.mkIf config.services.socialserver.enable {
+  config = lib.mkIf config.services.matrix-synapse.enable {
     services.matrix-synapse = {
-      enable = true;
       settings = {
         server_name = "nixfox.ca";
         public_baseurl = "https://matrix.nixfox.ca";

modules/system/services/server/nextcloud/default.nix

@@ -5,9 +5,8 @@
     ./user
   ];
 
-  config = lib.mkIf config.services.fileserver.enable {
+  config = lib.mkIf config.services.nextcloud.enable {
     services.nextcloud = {
-      enable = true;
       package = pkgs.nextcloud30;
       hostName = "files.nixfox.ca";
       https = true;

modules/system/services/server/nfs/default.nix

@@ -0,0 +1,9 @@
+{ config, lib, ... }:
+{
+  imports = [ ./user ];
+
+  config = lib.mkIf config.services.nfs.server.enable {
+    services.nfs.server.exports = "/storage *(rw,sync,no_subtree_check)";
+    networking.firewall.extraInputRules = "ip saddr 10.0.0.0/8 tcp dport 2049 accept";
+  };
+}

modules/system/services/server/nginx/default.nix

@@ -22,7 +22,5 @@
       80
       443
     ];
-
-    environment.persistence."/persist".directories = [ "/var/www" ];
   };
 }

modules/system/services/server/nginx/rtmp/default.nix

@@ -2,9 +2,9 @@
 {
   config = lib.mkIf config.services.webserver.enable {
     services.nginx = {
-      package = (pkgs.nginx.override {
+      package = pkgs.nginx.override {
         modules = with pkgs.nginxModules; [ rtmp ];
-      });
+      };
       appendConfig = ''
         rtmp {
           server {

modules/system/services/server/nginx/virtualhosts/default.nix

@@ -1,7 +1,9 @@
-{ ... }:
+{ config, lib, ... }:
 {
   imports = [
     ./files
     ./nixfox
   ];
+
+  environment.persistence."/persist".directories = lib.mkIf config.services.webserver.enable [ "/var/www" ];
 }

modules/system/services/server/socialserver/default.nix

@@ -1,9 +0,0 @@
-{ lib, ... }:
-{
-  imports = [
-    ./mastodon
-    ./matrix
-  ];
-
-  options.services.socialserver.enable = lib.mkEnableOption "Enable social media like services";
-}

modules/system/services/server/socialserver/matrix/element/default.nix

@@ -1,21 +0,0 @@
-{ config, lib, ... }:
-{
-  imports = [ ./nginx ];
-
-  config = lib.mkIf config.services.matrix-synapse.enable {
-    nixpkgs.config.element-web.conf = {
-      default_server_config."m.homeserver" = {
-        base_url = "https://matrix.nixfox.ca";
-        server_name = "matrix.nixfox.ca";
-      };
-      branding = {
-        auth_header_logo_url = "https://www.nixfox.ca/images/copyright/profile.png";
-        #welcome_background_url = "https://www.nixfox.ca/images/backgrounds/template-background.png";
-      };
-      embedded_pages.home_url = "https://www.nixfox.ca/";
-      disable_custom_urls = true;
-      disable_guests = true;
-      default_theme = "dark";
-    };
-  };
-}

modules/system/users/main/default.nix

@@ -8,9 +8,9 @@
     sysusers.main = "bun";
 
     users.users."${config.sysusers.main}" = {
-      hashedPassword = config.secrets.mainAccPass;
       isNormalUser = true;
       createHome = true;
+      hashedPassword = config.secrets.mainAccPass;
       openssh.authorizedKeys.keyFiles = [
         ../../../../hosts/tower/id_ed25519.pub
         ../../../../hosts/kitty/id_ed25519.pub