Fix mailserver and vault warden

hosts/kitty/boot/default.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, modulesPath, ... }:
+{ config, lib, pkgs, ... }:
 {
   boot = {
     kernelPackages = pkgs.linuxPackages_hardened;

hosts/prophet/boot/default.nix

@@ -1,37 +1,7 @@
-{ pkgs, ... }:
+{ lib, pkgs, ... }:
 {
   boot = {
-    initrd = {
-      systemd = {
-        enable = true;
-        services.root-reset = {
-          description = "Reset root and snapshot last boot";
-          wantedBy = [ "initrd.target" ];
-          after = [ "dev-${config.networking.hostName}-root.device" ];
-          before = [ "sysroot.mount" ];
-          unitConfig.DefaultDependencies = "no";
-          serviceConfig.Type = "oneshot";
-          script = ''
-            mkdir -p /mnt
-            mount /dev/${config.networking.hostName}/root /mnt
-
-            if [[ -e /mnt/prev ]]; then
-              btrfs subvolume delete /mnt/prev
-            fi
-
-            btrfs subvolume snapshot /mnt/root /mnt/prev
-
-            btrfs subvolume list -o /mnt/root | cut -f9 -d' ' | while read subvolume; do
-              btrfs subvolume delete "/mnt/$subvolume"
-            done
-
-            btrfs subvolume delete /mnt/root
-            btrfs subvolume create /mnt/root
-
-            umount /mnt
-          '';
-        };
-      };
-    };
+    kernelPackages = pkgs.linuxPackages_hardened;
+    initrd.systemd.services.root-reset.enable = lib.mkForce false;
   };
 }

hosts/prophet/default.nix

@@ -1,28 +1,26 @@
-{ config, ... }:
+{ lib, ... }:
 {
   imports = [
+    ./boot
+    ./filesystems
     ./hardware
-
-    # Apps and programs
-    ../../../modules/system
-    ../../../modules/system/accounts
-    ../../../modules/system/devices/filesystems
-    ../../../modules/system/devices/boot/systemd
-    ../../../modules/system/devices/networking
-    ../../../modules/system/devices/networking/firewall/pc
-    ../../../modules/system/devices/networking/wireguard/pc
-    ../../../modules/system/programs/git
-    ../../../modules/system/programs/security
-    ../../../modules/system/services/common
-    ../../../modules/system/services/server/acme
-    ../../../modules/system/services/server/webhost/nginx
-    ../../../modules/system/services/server/mailserver
-
-    # Misc
-    ../../../overlays
-    ../../../variables
+    ./users
+    ../../modules/system
   ];
 
-  networking.hostName = "prophet";
-  networking.wireguard.interfaces.wgc.ips = [ "10.100.0.19/24" ];
+  networking = {
+    hostName = "prophet";
+    hostId = "97a21a38";
+    wg-quick.interfaces.wgc.address = [ "10.100.0.19/24" ];
+  };
+
+  environment.persistence."/persist".enable = lib.mkForce false;
+
+  system = {
+    desktop.enable = false;
+    mailserver.enable = true;
+    wireless.enable = false;
+    wireguard.client.enable = true;
+    stateVersion = "24.05";
+  };
 }

modules/system/devices/networking/wireguard/client/default.nix

@@ -14,7 +14,7 @@
           { # Cyberspark Server
             publicKey = "qnOT/lXOJMaQgDUdXpyfGZB2IEyUouRje2m/bCe9ux8=";
             allowedIPs = [ "10.100.0.0/24" ];
-            endpoint = "sv.${config.domains.jim1}:51820";
+            endpoint = "sv.${config.domains.p1}:51820";
             persistentKeepalive = 25;
           }
         ];

modules/system/services/server/minecraft/servers/johnside/default.nix

@@ -2,8 +2,7 @@
 let
   common = import ../../common { inherit pkgs; };
 in {
-  services = {
-    minecraft-servers.servers.johnside = {
+  services.minecraft-servers.servers.johnside = {
     package = pkgs.paperServers.paper-1_20_6;
     jvmOpts = "-Xmx2500M";
     serverProperties = common.serverProperties // {
@@ -13,18 +12,6 @@ in {
     };
     whitelist = common.whitelist;
     symlinks = common.paperSymlinks // {
-        "plugins/BlueMap.jar" = builtins.fetchurl {
-          url = "https://cdn.modrinth.com/data/swbUV1cr/versions/TL5ElRWX/BlueMap-5.3-spigot.jar";
-          sha256 = "08ls3wk0333vjg49kcmri884pcgm2xk9xdhwcxyffbh4ra0xrlbw";
-        };
-        "plugins/BlueMapOfflinePlayers.jar" = builtins.fetchurl {
-          url = "https://github.com/TechnicJelle/BlueMapOfflinePlayerMarkers/releases/download/v3.0/BlueMapOfflinePlayerMarkers-3.0.jar";
-          sha256 = "1f07w53q7yr4mvph7013d7ajxmp4lnsv6b1ab14y2x0bmqv39nwr";
-        };
-        "plugins/BlueMapMarkerManager.jar" = builtins.fetchurl {
-          url = "https://cdn.modrinth.com/data/a8UoyV2h/versions/E0XoPfJV/BMM-2.1.5.jar";
-          sha256 = "1vpnqglybysxnqyzkjnwbwg000dqkbk516apzvhmg39wlfaysl9d";
-        };
       "plugins/CustomDiscs.jar" = builtins.fetchurl {
         url = "https://github.com/Navoei/CustomDiscs/releases/download/v3.0/custom-discs-3.0.jar";
         sha256 = "0xv0zrkdmjx0d7l34nqag8j004pm9zqivc12d3zy9pdrkv7pz87d";
@@ -40,15 +27,4 @@ in {
     };
     files = common.configFiles;
   };
-
-    # BlueMap webhost
-    nginx.virtualHosts."john.${config.domains.p1}" = {
-      enableACME = true;
-      forceSSL = true;
-      locations."/" = {
-        proxyPass = "http://127.0.0.1:31010";
-        proxyWebsockets = true;
-      };
-    };
-  };
 }

modules/system/services/server/nginx/default.nix

@@ -5,7 +5,7 @@
     ./virtualhosts
   ];
 
-  config = lib.mkIf config.system.server.enable {
+  config = lib.mkIf (config.system.server.enable || config.system.mailserver.enable) {
     services.nginx = {
       enable = true;
       recommendedTlsSettings = true;

modules/system/services/server/vaultwarden/nginx/default.nix

@@ -1,6 +1,6 @@
 { config, lib, ... }:
 {
-  services.nginx.virtualHosts."pass.${config.domains.p1}" = lib.mkIf config.services.vaultwarden.enable {
+  services.nginx.virtualHosts."pass.${config.domains.p2}" = lib.mkIf config.services.vaultwarden.enable {
     enableACME = true;
     forceSSL = true;
     locations."/" = {