diff --git a/.gitattributes b/.gitattributes index 84f7963..fd5e710 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1 +1 @@ -modules/system/secrets/** filter=git-crypt diff=git-crypt +modules/system/variables/secrets/** filter=git-crypt diff=git-crypt diff --git a/hosts/kitty/boot/default.nix b/hosts/kitty/boot/default.nix index 4b3a880..9c9d43a 100644 --- a/hosts/kitty/boot/default.nix +++ b/hosts/kitty/boot/default.nix @@ -1,10 +1,10 @@ -{ config, lib, pkgs, ... }: +{ pkgs, ... }: { boot = { kernelPackages = pkgs.linuxPackages_5_10; swraid = { enable = true; - mdadmConf = "MAILADDR contact@${config.domains.p2}"; + mdadmConf = "MAILADDR contact@nixfox.ca"; }; }; } diff --git a/modules/home/default.nix b/modules/home/default.nix index 9caad19..de8a69d 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -5,8 +5,9 @@ ./programs ./services ./settings - ./wms ./user + ./variables + ./wms ../variables # Imports diff --git a/modules/home/programs/terminal/git/default.nix b/modules/home/programs/terminal/git/default.nix index b431e41..5ec022a 100644 --- a/modules/home/programs/terminal/git/default.nix +++ b/modules/home/programs/terminal/git/default.nix @@ -1,9 +1,9 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { programs.git = { enable = true; userName = "Jimbo"; - userEmail = "jimbo@${config.domains.p2}"; + userEmail = "jimbo@nixfox.ca"; }; programs.lazygit.enable = true; diff --git a/modules/home/programs/terminal/ranger/default.nix b/modules/home/programs/terminal/ranger/default.nix index b0554ee..b1d4b85 100644 --- a/modules/home/programs/terminal/ranger/default.nix +++ b/modules/home/programs/terminal/ranger/default.nix 
@@ -98,20 +98,20 @@ file = { ".local/share/ranger/bookmarks".text = '' # Local files - h:/home/${config.sysusers.main}/ - k:/home/${config.sysusers.main}/Keepers - j:/home/${config.sysusers.main}/Downloads - v:/home/${config.sysusers.main}/Videos - c:/home/${config.sysusers.main}/.config - l:/home/${config.sysusers.main}/.local + h:/home/${config.home.username}/ + k:/home/${config.home.username}/Keepers + j:/home/${config.home.username}/Downloads + v:/home/${config.home.username}/Videos + c:/home/${config.home.username}/.config + l:/home/${config.home.username}/.local d:/mnt n:/etc/nixos # Remote files - J:/home/${config.sysusers.main}/KittyNFS - K:/home/${config.sysusers.main}/KittyNFS/Files - V:/home/${config.sysusers.main}/KittyNFS/Media - M:/home/${config.sysusers.main}/KittyNFS/Music + J:/home/${config.home.username}/KittyNFS + K:/home/${config.home.username}/KittyNFS/Files + V:/home/${config.home.username}/KittyNFS/Media + M:/home/${config.home.username}/KittyNFS/Music ''; }; packages = with pkgs; [ diff --git a/modules/home/services/mpd/default.nix b/modules/home/services/mpd/default.nix index 098b8a1..267189a 100644 --- a/modules/home/services/mpd/default.nix +++ b/modules/home/services/mpd/default.nix @@ -3,8 +3,8 @@ services.mpd = { enable = config.home.desktop.enable; network.startWhenNeeded = true; - musicDirectory = "/home/${config.sysusers.main}/KittyNFS/Music/JimBops"; - playlistDirectory = "/home/${config.sysusers.main}/KittyNFS/Music/JimBops/Playlists"; + musicDirectory = "/home/${config.home.username}/KittyNFS/Music/JimBops"; + playlistDirectory = "/home/${config.home.username}/KittyNFS/Music/JimBops/Playlists"; extraConfig = '' audio_output { type "pipewire" diff --git a/modules/home/user/default.nix b/modules/home/user/default.nix index f98e179..eb7d6d0 100644 --- a/modules/home/user/default.nix +++ b/modules/home/user/default.nix 
@@ -2,7 +2,7 @@ { home = { username = "${config.sysusers.main}"; - homeDirectory = "/home/${config.sysusers.main}"; + homeDirectory = "/home/${config.home.username}"; sessionVariables = { EDITOR = "nvim"; MANPAGER = "nvim +Man!"; diff --git a/modules/home/variables/default.nix b/modules/home/variables/default.nix new file mode 100644 index 0000000..2a4872a --- /dev/null +++ b/modules/home/variables/default.nix @@ -0,0 +1,8 @@ +{ ... }: +{ + imports = [ + ./displays + ./look + ./workspaces + ]; +} diff --git a/modules/variables/displays/default.nix b/modules/home/variables/displays/default.nix similarity index 100% rename from modules/variables/displays/default.nix rename to modules/home/variables/displays/default.nix diff --git a/modules/variables/look/border/default.nix b/modules/home/variables/look/border/default.nix similarity index 100% rename from modules/variables/look/border/default.nix rename to modules/home/variables/look/border/default.nix diff --git a/modules/variables/look/colors/default.nix b/modules/home/variables/look/colors/default.nix similarity index 100% rename from modules/variables/look/colors/default.nix rename to modules/home/variables/look/colors/default.nix diff --git a/modules/variables/look/default.nix b/modules/home/variables/look/default.nix similarity index 100% rename from modules/variables/look/default.nix rename to modules/home/variables/look/default.nix diff --git a/modules/variables/look/fonts/default.nix b/modules/home/variables/look/fonts/default.nix similarity index 100% rename from modules/variables/look/fonts/default.nix rename to modules/home/variables/look/fonts/default.nix diff --git a/modules/variables/workspaces/default.nix b/modules/home/variables/workspaces/default.nix similarity index 100% rename from modules/variables/workspaces/default.nix rename to modules/home/variables/workspaces/default.nix diff --git a/modules/system/default.nix b/modules/system/default.nix index 093519d..331b92e 100644 
--- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -4,9 +4,9 @@ ./accounts ./devices ./programs - ./secrets ./services ./settings + ./variables ../variables ]; diff --git a/modules/system/devices/networking/wireguard/client/default.nix b/modules/system/devices/networking/wireguard/client/default.nix index 965dbc0..34a2a40 100644 --- a/modules/system/devices/networking/wireguard/client/default.nix +++ b/modules/system/devices/networking/wireguard/client/default.nix @@ -11,7 +11,7 @@ { # Kitty server publicKey = "qnOT/lXOJMaQgDUdXpyfGZB2IEyUouRje2m/bCe9ux8="; allowedIPs = [ "10.100.0.0/24" ]; - endpoint = "sv.${config.domains.p2}:51820"; + endpoint = "sv.nixfox.ca:51820"; persistentKeepalive = 25; } ]; diff --git a/modules/system/secrets/default.nix b/modules/system/secrets/default.nix deleted file mode 100644 index 195782c..0000000 Binary files a/modules/system/secrets/default.nix and /dev/null differ diff --git a/modules/system/services/server/ddclient/default.nix b/modules/system/services/server/ddclient/default.nix index 1d9c0a4..ddc762c 100644 --- a/modules/system/services/server/ddclient/default.nix +++ b/modules/system/services/server/ddclient/default.nix @@ -4,7 +4,7 @@ services.ddclient = { enable = true; protocol = "cloudflare"; - zone = "${config.domains.p2}"; + zone = "nixfox.ca"; usev6 = ""; username = "token"; passwordFile = "${pkgs.writeText "cloudflareapikey" config.secrets.flareApiKey}"; diff --git a/modules/system/services/server/fileserver/jellyfin/nginx/default.nix b/modules/system/services/server/fileserver/jellyfin/nginx/default.nix index f79eeb1..bc9db65 100644 --- a/modules/system/services/server/fileserver/jellyfin/nginx/default.nix +++ b/modules/system/services/server/fileserver/jellyfin/nginx/default.nix 
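Review bot: In the ddclient hunk, the unchanged `passwordFile = "${pkgs.writeText "cloudflareapikey" config.secrets.flareApiKey}";` copies the Cloudflare token into the Nix store, which every local user can read and which travels with the system closure; git-crypt only protects the value inside the repository. The same pattern recurs in later hunks: `pkgs.writeText` for the mail password hashes (simplenix) and the Mastodon SMTP password, and plain `config.secrets.*` values in the Nextcloud, Forgejo, Icecast, coturn, Synapse and Vaultwarden settings, which most likely end up in generated config files in the store as well. Since this commit already relocates the secrets module, consider pointing these options at a runtime file outside the store, e.g. `passwordFile = "/run/secrets/cloudflare-token";` (placeholder path), provisioned by a secrets tool such as sops-nix or agenix. The `services.ddclient` block begins and ends outside the hunk.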
@@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."jelly.${config.domains.p2}" = lib.mkIf config.services.forgejo.enable { + services.nginx.virtualHosts."jelly.nixfox.ca" = lib.mkIf config.services.forgejo.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/services/server/fileserver/nextcloud/default.nix b/modules/system/services/server/fileserver/nextcloud/default.nix index f445fd1..220e275 100644 --- a/modules/system/services/server/fileserver/nextcloud/default.nix +++ b/modules/system/services/server/fileserver/nextcloud/default.nix @@ -9,7 +9,7 @@ services.nextcloud = { enable = true; package = pkgs.nextcloud30; - hostName = "cloud.${config.domains.p2}"; + hostName = "cloud.nixfox.ca"; https = true; config = { adminuser = config.sysusers.main; @@ -17,13 +17,13 @@ }; settings = { trusted_proxies = [ "127.0.0.1" ]; - trusted_domains = [ "cloud.${config.domains.p2}" ]; + trusted_domains = [ "cloud.nixfox.ca" ]; overwriteprotocol = "https"; - mail_smtphost = "mx.${config.domains.p2}"; - mail_domain = "${config.domains.p2}"; + mail_smtphost = "mx.nixfox.ca"; + mail_domain = "nixfox.ca"; mail_from_address = "noreply"; mail_smtpauth = "true"; - mail_smtpname = "noreply@${config.domains.p2}"; + mail_smtpname = "noreply@nixfox.ca"; mail_smtppassword = config.secrets.noreplyPassword; mail_smtpmode = "smtp"; mail_smtpport = 587; diff --git a/modules/system/services/server/fileserver/nextcloud/nginx/default.nix b/modules/system/services/server/fileserver/nextcloud/nginx/default.nix index f638cdd..88712d4 100644 --- a/modules/system/services/server/fileserver/nextcloud/nginx/default.nix +++ b/modules/system/services/server/fileserver/nextcloud/nginx/default.nix 
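Review bot: The rewritten line `services.nginx.virtualHosts."jelly.nixfox.ca" = lib.mkIf config.services.forgejo.enable {` still gates the Jellyfin vhost on Forgejo being enabled, which looks like a copy-paste slip carried over from the old line. As written, a host with Forgejo on and Jellyfin off would request a certificate and publish a proxy for a backend that is not running, and the reverse case leaves Jellyfin without its TLS front end. If the intent is to follow the Jellyfin service, the condition would be `lib.mkIf config.services.jellyfin.enable`. The vhost body continues past the end of the hunk.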
@@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."cloud.${config.domains.p2}" = lib.mkIf config.services.nextcloud.enable { + services.nginx.virtualHosts."cloud.nixfox.ca" = lib.mkIf config.services.nextcloud.enable { enableACME = true; addSSL = true; locations."/" = { diff --git a/modules/system/services/server/forgejo/default.nix b/modules/system/services/server/forgejo/default.nix index b897e31..e7fea67 100644 --- a/modules/system/services/server/forgejo/default.nix +++ b/modules/system/services/server/forgejo/default.nix @@ -8,17 +8,17 @@ package = pkgs.forgejo; settings = { server = { - DOMAIN = "git.${config.domains.p2}"; - ROOT_URL = "https://git.${config.domains.p2}:443"; + DOMAIN = "git.nixfox.ca"; + ROOT_URL = "https://git.nixfox.ca:443"; HTTP_PORT = 3110; SSH_PORT = 2299; START_SSH_SERVER = true; }; mailer = { ENABLED = true; - SMTP_ADDR = "mx.${config.domains.p2}"; - FROM = "NixFox Git "; - USER = "noreply@${config.domains.p2}"; + SMTP_ADDR = "mx.nixfox.ca"; + FROM = "NixFox Git "; + USER = "noreply@nixfox.ca"; PASSWD = config.secrets.noreplyPassword; PROTOCOL = "smtps"; }; @@ -32,7 +32,7 @@ networking.firewall.allowedTCPPorts = [ 2299 ]; - services.ddclient.domains = [ "git.${config.domains.p2}" ]; + services.ddclient.domains = [ "git.nixfox.ca" ]; environment.persistence."/persist".directories = [ "/var/lib/forgejo" ]; }; diff --git a/modules/system/services/server/forgejo/nginx/default.nix b/modules/system/services/server/forgejo/nginx/default.nix index e183246..5428884 100644 --- a/modules/system/services/server/forgejo/nginx/default.nix +++ b/modules/system/services/server/forgejo/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."git.${config.domains.p2}" = lib.mkIf config.services.forgejo.enable { + services.nginx.virtualHosts."git.nixfox.ca" = lib.mkIf config.services.forgejo.enable { enableACME = true; forceSSL = true; locations."/" = { 
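Review bot: The `cloud.nixfox.ca` vhost in the Nextcloud nginx hunk keeps `addSSL = true;`, which serves the site over plain HTTP as well as HTTPS without redirecting, while most other service vhosts in this commit use `forceSSL = true;`. For a login-bearing service that means a first request made without `https://` can carry credentials or session cookies in clear text. Changing the line to `forceSSL = true;` would match `https = true` and `overwriteprotocol = "https"` in the Nextcloud module; the `chat.nixfox.ca` Element vhost further down has the same setting. The `locations."/"` block continues outside the hunk.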
diff --git a/modules/system/services/server/icecast/default.nix b/modules/system/services/server/icecast/default.nix index 171b5b6..8f9beb4 100644 --- a/modules/system/services/server/icecast/default.nix +++ b/modules/system/services/server/icecast/default.nix @@ -8,7 +8,7 @@ services.icecast = { enable = config.system.server.enable; listen.port = 73; - hostname = "radio.${config.domains.p2}"; + hostname = "radio.nixfox.ca"; admin = { user = "${config.sysusers.main}"; password = "${config.secrets.castAdminPass}"; @@ -19,7 +19,7 @@ Canada - contact@${config.domains.p2} + contact@nixfox.ca ''; }; } diff --git a/modules/system/services/server/icecast/nginx/default.nix b/modules/system/services/server/icecast/nginx/default.nix index e78186b..6573d11 100644 --- a/modules/system/services/server/icecast/nginx/default.nix +++ b/modules/system/services/server/icecast/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."radio.${config.domains.p2}" = lib.mkIf config.services.icecast.enable { + services.nginx.virtualHosts."radio.nixfox.ca" = lib.mkIf config.services.icecast.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/services/server/mailserver/roundcube/default.nix b/modules/system/services/server/mailserver/roundcube/default.nix index 2a44390..a738cbe 100644 --- a/modules/system/services/server/mailserver/roundcube/default.nix +++ b/modules/system/services/server/mailserver/roundcube/default.nix @@ -2,9 +2,9 @@ { services.roundcube = { enable = config.system.mailserver.enable; - hostName = "mail.${config.domains.p2}"; + hostName = "mail.nixfox.ca"; extraConfig = '' - $config['smtp_server'] = "tls://mx.${config.domains.p2}"; + $config['smtp_server'] = "tls://mx.nixfox.ca"; $config['smtp_user'] = "%u"; $config['smtp_pass'] = "%p"; ''; 
diff --git a/modules/system/services/server/mailserver/simplenix/default.nix b/modules/system/services/server/mailserver/simplenix/default.nix index 110546f..de67fd6 100644 --- a/modules/system/services/server/mailserver/simplenix/default.nix +++ b/modules/system/services/server/mailserver/simplenix/default.nix @@ -8,46 +8,46 @@ mailserver = rec { enable = config.system.mailserver.enable; domains = [ - "${config.domains.p2}" - "${config.domains.blox}" - "${config.domains.luna}" - "${config.domains.corn}" + "nixfox.ca" + "bloxelcom.net" + "freecorn1854.win" + "lunamoonlight.xyz" ]; - fqdn = "mx.${config.domains.p2}"; + fqdn = "mx.nixfox.ca"; certificateScheme = "acme-nginx"; localDnsResolver = false; redis.port = 1515; # Passwords made with 'mkpasswd -sm bcrypt' loginAccounts = { - "noreply@${config.domains.p2}" = { + "noreply@nixfox.ca" = { hashedPasswordFile = pkgs.writeText "noreply" config.secrets.noreplyMailHash; sendOnly = true; }; - "jimbo@${config.domains.p2}" = { + "jimbo@nixfox.ca" = { hashedPasswordFile = pkgs.writeText "jimbo" config.secrets.jimboMailHash; aliases = [ - "james@${config.domains.p2}" - "jimbo@${config.domains.blox}" + "james@nixfox.ca" + "jimbo@bloxelcom.net" - "vice@${config.domains.p2}" - "vice@${config.domains.blox}" - "yara@${config.domains.p2}" + "vice@nixfox.ca" + "vice@bloxelcom.net" + "yara@nixfox.ca" - "contact@${config.domains.p2}" + "contact@nixfox.ca" ]; }; - "luna@${config.domains.luna}" = { + "luna@lunamoonlight.xyz" = { hashedPasswordFile = pkgs.writeText "luna" config.secrets.lunaMailHash; aliases = [ - "luna@${config.domains.blox}" - "contact@${config.domains.blox}" - "ibu@${config.domains.blox}" + "luna@bloxelcom.net" + "contact@bloxelcom.net" + "ibu@bloxelcom.net" ]; }; - "contact@${config.domains.corn}" = { + "contact@freecorn1854.win" = { hashedPasswordFile = pkgs.writeText "corn" config.secrets.cornMailHash; - aliases = [ "freecorn@${config.domains.blox}" ]; + aliases = [ "freecorn@bloxelcom.net" ]; }; }; }; 
diff --git a/modules/system/services/server/mailserver/simplenix/nginx/default.nix b/modules/system/services/server/mailserver/simplenix/nginx/default.nix index 631b65b..848fb26 100644 --- a/modules/system/services/server/mailserver/simplenix/nginx/default.nix +++ b/modules/system/services/server/mailserver/simplenix/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."mx.${config.domains.p2}" = lib.mkIf config.mailserver.enable { + services.nginx.virtualHosts."mx.nixfox.ca" = lib.mkIf config.mailserver.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/services/server/minecraft/servers/blockworld/default.nix b/modules/system/services/server/minecraft/servers/blockworld/default.nix index ca896f4..99cae85 100644 --- a/modules/system/services/server/minecraft/servers/blockworld/default.nix +++ b/modules/system/services/server/minecraft/servers/blockworld/default.nix @@ -16,6 +16,6 @@ in { symlinks = common.paperSymlinks; files = common.configFiles; }; - ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.blockworld.enable [ "bloxel.${config.domains.p2}" ]; + ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.blockworld.enable [ "bloxel.nixfox.ca" ]; }; } diff --git a/modules/system/services/server/minecraft/servers/dewdemolisher/default.nix b/modules/system/services/server/minecraft/servers/dewdemolisher/default.nix index 76e92e6..7a2254e 100644 --- a/modules/system/services/server/minecraft/servers/dewdemolisher/default.nix +++ b/modules/system/services/server/minecraft/servers/dewdemolisher/default.nix @@ -15,6 +15,6 @@ in { symlinks = common.paperSymlinks; files = common.configFiles; }; - ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.dewdemolisher.enable [ "dew.${config.domains.p2}" ]; + ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.dewdemolisher.enable [ "dew.nixfox.ca" ]; }; } 
diff --git a/modules/system/services/server/minecraft/servers/johnside/default.nix b/modules/system/services/server/minecraft/servers/johnside/default.nix index 1741585..b12082f 100644 --- a/modules/system/services/server/minecraft/servers/johnside/default.nix +++ b/modules/system/services/server/minecraft/servers/johnside/default.nix @@ -28,6 +28,6 @@ in { }; files = common.configFiles; }; - ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.johnside.enable [ "john.${config.domains.p2}" ]; + ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.johnside.enable [ "john.nixfox.ca" ]; }; } diff --git a/modules/system/services/server/minecraft/servers/roguecraft/default.nix b/modules/system/services/server/minecraft/servers/roguecraft/default.nix index 4ae5ec6..c577054 100644 --- a/modules/system/services/server/minecraft/servers/roguecraft/default.nix +++ b/modules/system/services/server/minecraft/servers/roguecraft/default.nix 
@@ -11,22 +11,22 @@ in { server-port = 30014; motd = "\\u00A7l\\u00A7bNixFox \\u00A7cRoguecraft \\u00A7bserver."; require-resource-pack = true; - resource-pack = "https://${config.domains.p2}/roguecraftresourcepackredir"; + resource-pack = "https://nixfox.ca/roguecraftresourcepackredir"; resource-pack-sha1 = "b540c0562aba90c3ead2356bb9cb74fcf0db36b3"; }; whitelist = common.whitelist; symlinks = common.paperSymlinks; files = common.configFiles // { "world/datapacks/roguecraft.zip" = builtins.fetchurl { - url = "https://${config.domains.p2}/roguecraftdatapackredir"; + url = "https://nixfox.ca/roguecraftdatapackredir"; sha256 = "04zrkvzvi1i898al45fh9j3k635sf9qhwca7phbv4ynkfl8bz3q3"; }; }; }; - ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.roguecraft.enable [ "rogue.${config.domains.p2}" ]; + ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.roguecraft.enable [ "rogue.nixfox.ca" ]; - nginx.virtualHosts."${config.domains.p2}".locations = lib.mkIf config.services.minecraft-servers.servers.roguecraft.enable { + nginx.virtualHosts."nixfox.ca".locations = lib.mkIf config.services.minecraft-servers.servers.roguecraft.enable { "/roguecraftdatapackredir" = { return = "301 https://cdn.modrinth.com/data/HtKjVijx/versions/Rme4c23R/Roguecraft%201.2.6%20-%20Data%20Pack.zip"; }; diff --git a/modules/system/services/server/minecraft/servers/skyblock/default.nix b/modules/system/services/server/minecraft/servers/skyblock/default.nix index eac1b3d..eb7f559 100644 --- a/modules/system/services/server/minecraft/servers/skyblock/default.nix +++ b/modules/system/services/server/minecraft/servers/skyblock/default.nix 
@@ -15,6 +15,6 @@ in { symlinks = common.paperSymlinks; files = common.configFiles; }; - ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.dewdemolisher.enable [ "skyblock.${config.domains.p2}" ]; + ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.dewdemolisher.enable [ "skyblock.nixfox.ca" ]; }; } diff --git a/modules/system/services/server/minecraft/servers/uberbeta/default.nix b/modules/system/services/server/minecraft/servers/uberbeta/default.nix index ed26edf..204bb47 100644 --- a/modules/system/services/server/minecraft/servers/uberbeta/default.nix +++ b/modules/system/services/server/minecraft/servers/uberbeta/default.nix @@ -19,6 +19,6 @@ in { server-port = 30005; }; }; - ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.uberbeta.enable [ "beta.${config.domains.p2}" ]; + ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.uberbeta.enable [ "beta.nixfox.ca" ]; }; } diff --git a/modules/system/services/server/minecraft/servers/velocity/default.nix b/modules/system/services/server/minecraft/servers/velocity/default.nix index abe6571..c358006 100644 --- a/modules/system/services/server/minecraft/servers/velocity/default.nix +++ b/modules/system/services/server/minecraft/servers/velocity/default.nix @@ -1,7 +1,5 @@ { pkgs, ... }: -let - common = import ../../common { inherit pkgs; }; -in { +{ services.minecraft-servers.servers.velocity = { package = pkgs.velocityServers.velocity; jvmOpts = "-Xmx512M"; diff --git a/modules/system/services/server/socialserver/mastodon/default.nix b/modules/system/services/server/socialserver/mastodon/default.nix index c79f93e..193fe26 100644 --- a/modules/system/services/server/socialserver/mastodon/default.nix +++ b/modules/system/services/server/socialserver/mastodon/default.nix 
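Review bot: In the skyblock hunk the new `ddclient.domains` line is still conditioned on `config.services.minecraft-servers.servers.dewdemolisher.enable`, so the `skyblock.nixfox.ca` record is published whenever dewdemolisher is enabled rather than when skyblock is. That can leave a public DNS name pointing at this host with no matching server behind it, or omit the record when skyblock runs alone. The other server modules in this commit gate on their own name, so the expected form is `lib.mkIf config.services.minecraft-servers.servers.skyblock.enable [ "skyblock.nixfox.ca" ];`. The server definition starts above the hunk.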
@@ -3,16 +3,16 @@ config = lib.mkIf config.system.socialserver.enable { services.mastodon = { enable = true; - localDomain = "social.${config.domains.p2}"; + localDomain = "social.nixfox.ca"; streamingProcesses = 4; configureNginx = true; smtp = { createLocally = false; - host = "mx.${config.domains.p2}"; + host = "mx.nixfox.ca"; port = 587; authenticate = true; - fromAddress = "NixFox Mastodon "; - user = "noreply@${config.domains.p2}"; + fromAddress = "NixFox Mastodon "; + user = "noreply@nixfox.ca"; passwordFile = pkgs.writeText "smtp_pass.txt" config.secrets.noreplyPassword; }; }; diff --git a/modules/system/services/server/socialserver/matrix/coturn/default.nix b/modules/system/services/server/socialserver/matrix/coturn/default.nix index 5cdd8a4..37607d9 100644 --- a/modules/system/services/server/socialserver/matrix/coturn/default.nix +++ b/modules/system/services/server/socialserver/matrix/coturn/default.nix @@ -12,23 +12,23 @@ max-port = 50000; use-auth-secret = true; static-auth-secret = config.secrets.coturnSecret; - realm = "turn.${config.domains.p1}"; - cert = "/var/lib/acme/turn.${config.domains.p1}.com/fullchain.pem"; - pkey = "/var/lib/acme/turn.${config.domains.p1}.com/key.pem"; + realm = "turn.jimbosfiles.com"; + cert = "/var/lib/acme/turn.jimbosfiles.com/fullchain.pem"; + pkey = "/var/lib/acme/turn.jimbosfiles.com/key.pem"; }; # Enable coturn on Synapse matrix-synapse.settings = { turn_uris = [ - "turn:turn.${config.domains.p1}:3478?transport=udp" - "turn:turn.${config.domains.p1}:3478?transport=tcp" + "turn:turn.jimbosfiles.com:3478?transport=udp" + "turn:turn.jimbosfiles.com:3478?transport=tcp" ]; turn_shared_secret = config.secrets.coturnSecret; turn_user_lifetime = "1h"; }; # Sync the IP to Cloudflare - ddclient.domains = [ "git.${config.domains.p2}" ]; + ddclient.domains = [ "turn.jimbosfiles.com" ]; }; # Open coturn ports 
diff --git a/modules/system/services/server/socialserver/matrix/coturn/nginx/default.nix b/modules/system/services/server/socialserver/matrix/coturn/nginx/default.nix index b5d3cdc..effae07 100644 --- a/modules/system/services/server/socialserver/matrix/coturn/nginx/default.nix +++ b/modules/system/services/server/socialserver/matrix/coturn/nginx/default.nix @@ -1,7 +1,7 @@ { config, lib, ... }: { config = lib.mkIf config.services.coturn.enable { - services.nginx.virtualHosts."turn.${config.domains.p1}" = { + services.nginx.virtualHosts."turn.jimbosfiles.com" = { enableACME = true; forceSSL = true; listen = [{ @@ -13,7 +13,7 @@ }; security.acme.certs = { - "turn.${config.domains.p1}" = { + "turn.jimbosfiles.com" = { group = "turnserver"; postRun = "systemctl restart coturn.service"; }; diff --git a/modules/system/services/server/socialserver/matrix/element/default.nix b/modules/system/services/server/socialserver/matrix/element/default.nix index 97be8e4..f63c763 100644 --- a/modules/system/services/server/socialserver/matrix/element/default.nix +++ b/modules/system/services/server/socialserver/matrix/element/default.nix 
@@ -5,15 +5,15 @@ config = lib.mkIf config.services.matrix-synapse.enable { nixpkgs.config.element-web.conf = { default_server_config."m.homeserver" = { - base_url = "https://matrix.${config.domains.p1}"; - server_name = "matrix.${config.domains.p1}"; + base_url = "https://matrix.jimbosfiles.com"; + server_name = "matrix.jimbosfiles.com"; }; branding = { - #welcome_background_url = "https://staging.${config.domains.p1}/images/backgrounds/template-background.png"; - #auth_header_logo_url = "https://staging.${config.domains.p1}/images/logos/template-logo.png"; + #welcome_background_url = "https://staging.jimbosfiles.com/images/backgrounds/template-background.png"; + #auth_header_logo_url = "https://staging.jimbosfiles.com/images/logos/template-logo.png"; }; embedded_pages = { - home_url = "https://www.${config.domains.p1}/"; + home_url = "https://www.jimbosfiles.com/"; }; disable_custom_urls = true; disable_guests = true; diff --git a/modules/system/services/server/socialserver/matrix/element/nginx/default.nix b/modules/system/services/server/socialserver/matrix/element/nginx/default.nix index 24ffa33..1c085eb 100644 --- a/modules/system/services/server/socialserver/matrix/element/nginx/default.nix +++ b/modules/system/services/server/socialserver/matrix/element/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: { - services.nginx.virtualHosts."chat.${config.domains.p2}" = lib.mkIf config.services.matrix-synapse.enable { + services.nginx.virtualHosts."chat.nixfox.ca" = lib.mkIf config.services.matrix-synapse.enable { enableACME = true; addSSL = true; root = "${pkgs.element-web}"; diff --git a/modules/system/services/server/socialserver/matrix/synapse/default.nix b/modules/system/services/server/socialserver/matrix/synapse/default.nix index 20a3a39..3420d0c 100644 --- a/modules/system/services/server/socialserver/matrix/synapse/default.nix +++ b/modules/system/services/server/socialserver/matrix/synapse/default.nix 
@@ -8,31 +8,32 @@ services.matrix-synapse = { enable = true; settings = { - server_name = "${config.domains.p1}"; - public_baseurl = "https://matrix.${config.domains.p1}"; + server_name = "jimbosfiles.com"; + public_baseurl = "https://matrix.jimbosfiles.com"; suppress_key_server_warning = true; - listeners = [ - { - port = 8008; - bind_addresses = [ "::" "0.0.0.0" ]; - resources = [{ - compress = true; - names = [ - "client" - "federation" - ]; - }]; - type = "http"; - tls = false; - x_forwarded = true; - } - ]; + listeners = [{ + port = 8008; + bind_addresses = [ + "::" + "0.0.0.0" + ]; + resources = [{ + compress = true; + names = [ + "client" + "federation" + ]; + }]; + type = "http"; + tls = false; + x_forwarded = true; + }]; email = { - notif_from = "NixFox Matrix "; - smtp_host = "mx.${config.domains.p2}"; - smtp_user = "noreply@${config.domains.p2}"; + notif_from = "NixFox Matrix "; + smtp_host = "mx.nixfox.ca"; + smtp_user = "noreply@nixfox.ca"; smtp_pass = config.secrets.noreplyPassword; enable_tls = true; smtp_port = 587; @@ -42,27 +43,11 @@ # Disable registration without email registrations_require_3pid = [ "email" ]; - # Allow only this range of emails - allowed_local_3pids = [ - { - medium = "email"; - pattern = ''^[^@]+@nixfox\.ca$''; - } - { - medium = "email"; - pattern = ''^[^@]+@freecorn1854\.win$''; - } - { - medium = "email"; - pattern = ''^[^@]+@lunamoonlight\.xyz$''; - } - ]; - # Set the type of database database.name = "sqlite3"; # Allow account registration - enable_registration = true; + #enable_registration = true; # General settings url_preview_enabled = true; @@ -71,8 +56,7 @@ burst_count = 15; }; }; - environment.persistence."/persist".directories = [ - "/var/lib/matrix-synapse" - ]; + + environment.persistence."/persist".directories = [ "/var/lib/matrix-synapse" ]; }; } 
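Review bot: The reformatted listener in the first Synapse hunk keeps `bind_addresses = [ "::" "0.0.0.0" ]` together with `tls = false` and `x_forwarded = true`, so port 8008 accepts unencrypted connections on every interface and trusts a client-supplied forwarding header. Since nginx terminates TLS for `matrix.jimbosfiles.com`, binding to loopback only, `bind_addresses = [ "::1" "127.0.0.1" ];`, keeps rate limits and logged addresses tied to what the proxy reports. Whether the firewall already blocks 8008 is not visible in this diff, so treat this as defence in depth rather than a confirmed exposure.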
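Review bot: The second Synapse hunk removes the `allowed_local_3pids` domain patterns and only comments out `enable_registration`, so uncommenting that one line later would open sign-up to any e-mail address. While registration stays off the removal is harmless, but nothing in the file records the dependency. A comment next to the disabled line, such as `# Registration disabled; restore an allowed_local_3pids allow-list before re-enabling`, would keep the restriction from being forgotten.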
diff --git a/modules/system/services/server/socialserver/matrix/synapse/nginx/default.nix b/modules/system/services/server/socialserver/matrix/synapse/nginx/default.nix index 60dc12d..f326cbc 100644 --- a/modules/system/services/server/socialserver/matrix/synapse/nginx/default.nix +++ b/modules/system/services/server/socialserver/matrix/synapse/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."matrix.${config.domains.p1}" = lib.mkIf config.services.matrix-synapse.enable { + services.nginx.virtualHosts."matrix.jimbosfiles.com" = lib.mkIf config.services.matrix-synapse.enable { enableACME = true; forceSSL = true; locations = { diff --git a/modules/system/services/server/socialserver/owncast/nginx/default.nix b/modules/system/services/server/socialserver/owncast/nginx/default.nix index 7e2db58..abc052f 100644 --- a/modules/system/services/server/socialserver/owncast/nginx/default.nix +++ b/modules/system/services/server/socialserver/owncast/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."live.${config.domains.p2}" = lib.mkIf config.services.owncast.enable { + services.nginx.virtualHosts."live.nixfox.ca" = lib.mkIf config.services.owncast.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/services/server/transmission/nginx/default.nix b/modules/system/services/server/transmission/nginx/default.nix index b60907a..c4c737a 100644 --- a/modules/system/services/server/transmission/nginx/default.nix +++ b/modules/system/services/server/transmission/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."tor.${config.domains.p2}" = lib.mkIf config.services.transmission.enable { + services.nginx.virtualHosts."tor.nixfox.ca" = lib.mkIf config.services.transmission.enable { enableACME = true; forceSSL = true; locations."/" = { 
diff --git a/modules/system/services/server/vaultwarden/default.nix b/modules/system/services/server/vaultwarden/default.nix index e7df4a8..ef1dcb6 100644 --- a/modules/system/services/server/vaultwarden/default.nix +++ b/modules/system/services/server/vaultwarden/default.nix @@ -6,25 +6,24 @@ services.vaultwarden = { enable = true; config = { - DOMAIN = "https://pass.${config.domains.p2}"; + DOMAIN = "https://pass.nixfox.ca"; SIGNUPS_ALLOWED = false; ROCKET_ADDRESS = "127.0.0.1"; ROCKET_PORT = 8222; ROCKET_LOG = "critical"; # Smtp email - SMTP_HOST = "mx.${config.domains.p2}"; - SMTP_FROM = "noreply@${config.domains.p2}"; + SMTP_HOST = "mx.nixfox.ca"; + SMTP_FROM = "noreply@nixfox.ca"; SMTP_FROM_NAME = "Vaultwarden"; - SMTP_USERNAME = "noreply@${config.domains.p2}"; + SMTP_USERNAME = "noreply@nixfox.ca"; SMTP_PASSWORD = config.secrets.noreplyPassword; SMTP_SECURITY = "starttls"; SMTP_PORT = 587; SMTP_TIMEOUT = 15; }; }; - environment.persistence."/persist".directories = [ - "/var/lib/bitwarden_rs" - ]; + + environment.persistence."/persist".directories = [ "/var/lib/bitwarden_rs" ]; }; } diff --git a/modules/system/services/server/vaultwarden/nginx/default.nix b/modules/system/services/server/vaultwarden/nginx/default.nix index 5a1ad17..0877413 100644 --- a/modules/system/services/server/vaultwarden/nginx/default.nix +++ b/modules/system/services/server/vaultwarden/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."pass.${config.domains.p2}" = lib.mkIf config.services.vaultwarden.enable { + services.nginx.virtualHosts."pass.nixfox.ca" = lib.mkIf config.services.vaultwarden.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/services/server/webserver/acme/default.nix b/modules/system/services/server/webserver/acme/default.nix index 9ff77ad..a88a2b7 100644 --- a/modules/system/services/server/webserver/acme/default.nix +++ b/modules/system/services/server/webserver/acme/default.nix 
@@ -3,10 +3,8 @@ config = lib.mkIf config.services.nginx.enable { security.acme = { acceptTerms = true; - defaults.email = "contact@${config.domains.p2}"; + defaults.email = "contact@nixfox.ca"; }; - environment.persistence."/persist".directories = [ - "/var/lib/acme" - ]; + environment.persistence."/persist".directories = [ "/var/lib/acme" ]; }; } diff --git a/modules/system/services/server/webserver/nginx/virtualhosts/default.nix b/modules/system/services/server/webserver/nginx/virtualhosts/default.nix index 149652b..ffe0d77 100644 --- a/modules/system/services/server/webserver/nginx/virtualhosts/default.nix +++ b/modules/system/services/server/webserver/nginx/virtualhosts/default.nix @@ -1,7 +1,7 @@ { ... }: { imports = [ - ./p1 - ./p2 + ./nixfox + ./jimbosfiles ]; } diff --git a/modules/system/services/server/webserver/nginx/virtualhosts/p1/default.nix b/modules/system/services/server/webserver/nginx/virtualhosts/jimbosfiles/default.nix similarity index 64% rename from modules/system/services/server/webserver/nginx/virtualhosts/p1/default.nix rename to modules/system/services/server/webserver/nginx/virtualhosts/jimbosfiles/default.nix index 4a45e0a..df17ceb 100644 --- a/modules/system/services/server/webserver/nginx/virtualhosts/p1/default.nix +++ b/modules/system/services/server/webserver/nginx/virtualhosts/jimbosfiles/default.nix @@ -1,16 +1,16 @@ { config, lib, ... }: { - services.nginx.virtualHosts."${config.domains.p1}" = lib.mkIf config.system.server.enable { + services.nginx.virtualHosts."jimbosfiles.com" = lib.mkIf config.system.server.enable { enableACME = true; addSSL = true; - globalRedirect = "www.${config.domains.p2}"; + globalRedirect = "www.nixfox.ca"; locations = { "/.well-known/matrix/client".extraConfig = '' default_type application/json; return 200 ' { "m.homeserver": { - "base_url": "https://matrix.${config.domains.p1}" + "base_url": "https://matrix.jimbosfiles.com" }, "m.identity_server": { "base_url": "https://matrix.org" 
@@ -20,7 +20,7 @@ ''; "/.well-known/matrix/server".extraConfig = '' default_type application/json; - return 200 '{ "m.server": "matrix.${config.domains.p1}:443" }'; + return 200 '{ "m.server": "matrix.jimbosfiles.com:443" }'; ''; }; }; diff --git a/modules/system/services/server/webserver/nginx/virtualhosts/p2/default.nix b/modules/system/services/server/webserver/nginx/virtualhosts/nixfox/default.nix similarity index 69% rename from modules/system/services/server/webserver/nginx/virtualhosts/p2/default.nix rename to modules/system/services/server/webserver/nginx/virtualhosts/nixfox/default.nix index 37d7d87..8a93ae5 100644 --- a/modules/system/services/server/webserver/nginx/virtualhosts/p2/default.nix +++ b/modules/system/services/server/webserver/nginx/virtualhosts/nixfox/default.nix @@ -1,16 +1,16 @@ { config, lib, ... }: { services.nginx.virtualHosts = lib.mkIf config.system.server.enable { - "www.${config.domains.p2}" = { + "www.nixfox.ca" = { enableACME = true; addSSL = true; default = true; root = "/var/www/landing-page"; }; - "${config.domains.p2}" = { + "nixfox.ca" = { enableACME = true; addSSL = true; - globalRedirect = "www.${config.domains.p2}"; + globalRedirect = "www.nixfox.ca"; }; }; } diff --git a/modules/system/variables/default.nix b/modules/system/variables/default.nix new file mode 100644 index 0000000..df2682a --- /dev/null +++ b/modules/system/variables/default.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + imports = [ + ./ips + ./secrets + ]; +} diff --git a/modules/variables/ips/default.nix b/modules/system/variables/ips/default.nix similarity index 100% rename from modules/variables/ips/default.nix rename to modules/system/variables/ips/default.nix diff --git a/modules/system/variables/secrets/default.nix b/modules/system/variables/secrets/default.nix new file mode 100644 index 0000000..ef22258 Binary files /dev/null and b/modules/system/variables/secrets/default.nix differ 
diff --git a/modules/variables/default.nix b/modules/variables/default.nix index 8ff6260..d1bb9a1 100644 --- a/modules/variables/default.nix +++ b/modules/variables/default.nix @@ -1,11 +1,4 @@ { ... }: { - imports = [ - ./displays - ./domains - ./ips - ./look - ./users - ./workspaces - ]; + imports = [ ./users ]; } diff --git a/modules/variables/domains/default.nix b/modules/variables/domains/default.nix deleted file mode 100644 index e1c2ffa..0000000 --- a/modules/variables/domains/default.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, lib, ... }: -{ - options.domains = lib.mkOption { - type = lib.types.attrs; - default = {}; - }; - - config.domains = { - p1 = "jimbosfiles.com"; - p2 = "nixfox.ca"; - blox = "bloxelcom.net"; - corn = "freecorn1854.win"; - luna = "lunamoonlight.xyz"; - }; -}