Generalize ddclient, generalize root reset, fix nextcloud, impermanence is fully working on Kitty.

hosts/kitty/filesystems/default.nix

@@ -4,31 +4,31 @@
     "/" = {
       device = "/dev/disk/by-uuid/b8b7ed47-c98c-4a49-af01-b2832dde1287";
       fsType = "btrfs";
-      options = [ "subvol=root" ];
+      options = [ "subvol=root" "compress=zstd" "noatime" "ssd" ];
     };
     "/prev" = {
       device = "/dev/disk/by-uuid/b8b7ed47-c98c-4a49-af01-b2832dde1287";
       fsType = "btrfs";
-      options = [ "subvol=prev" ];
-    };
-    "/persist" = {
-      device = "/dev/disk/by-uuid/acf95700-8669-45c7-9a72-bf3215b3c325";
-      fsType = "btrfs";
-      neededForBoot = true;
-      options = [ "subvol=persist" "compress=zstd" ];
+      options = [ "subvol=prev" "compress=zstd" "noatime" "ssd" "noexec" ];
     };
     "/nix" = {
       device = "/dev/disk/by-uuid/b8b7ed47-c98c-4a49-af01-b2832dde1287";
       fsType = "btrfs";
-      options = [ "subvol=nix" ];
+      options = [ "subvol=nix" "compress=zstd" "noatime" "ssd" ];
     };
     "/boot" = {
       device = "/dev/disk/by-uuid/CD94-1D3F";
       fsType = "vfat";
-      options = [ "fmask=0022" "dmask=0022" ];
+      options = [ "umask=0077" ];
     };
 
-    # Subvols and bindmounts
+    # Impermanence and subvols
+    "/persist" = {
+      device = "/dev/disk/by-uuid/acf95700-8669-45c7-9a72-bf3215b3c325";
+      fsType = "btrfs";
+      neededForBoot = true;
+      options = [ "subvol=persist" "compress=zstd" "noatime" ];
+    };
     "/export/KittyNFS" = {
       depends = [ "/persist" ];
       device = "/persist/export/KittyNFS";

modules/system/accounts/users/system/nextcloud/default.nix

@@ -5,7 +5,7 @@
       group = "nextcloud";
       extraGroups = [ "nfsShare" ];
       isSystemUser = true;
-      uid = 995;
+      uid = 218;
     };
     groups.nextcloud = {};
   };

modules/system/devices/boot/services/root-reset/default.nix

@@ -2,15 +2,15 @@
 {
   boot.initrd.systemd.services.root-reset = {
     enable = true;
-    description = "Reset root and snapshot last boot";
+    description = "Create new and snapshot previous root";
     wantedBy = [ "initrd.target" ];
     before = [ "sysroot.mount" ];
-    after = [ "dev-${config.networking.hostName}-root.device" ];
+    after = [ "initrd-root-device.target" ];
     unitConfig.DefaultDependencies = "no";
     serviceConfig.Type = "oneshot";
     script = ''
       mkdir -p /mnt
-      mount /dev/${config.networking.hostName}/root /mnt
+      mount -t btrfs /dev/${config.networking.hostName}/root /mnt
 
       if [[ -e /mnt/prev ]]; then
         btrfs subvolume delete /mnt/prev

modules/system/services/server/forgejo/default.nix

@@ -31,6 +31,8 @@
 
     networking.firewall.allowedTCPPorts = [ 2299 ];
 
+    services.ddclient.domains = [ "git.${config.domains.p2}" ];
+
     environment.persistence."/persist".directories = [
       "/var/lib/forgejo"
     ];

modules/system/services/server/mailserver/simplenix/default.nix

@@ -1,4 +1,4 @@
-{ mailserver, pkgs, config, ... }: 
+{ mailserver, config, lib, pkgs, ... }: 
 {
   imports = [
     ./nginx
@@ -52,4 +52,5 @@
 
   # Rspamd port from earlier to avoid overlap
   services.redis.servers.rspamd.port = 1515;
+  services.ddclient.domains = lib.mkIf config.mailserver.enable [ "mx.${config.domains.p1}" ];
 }

modules/system/services/server/minecraft/servers/blockworld/default.nix

@@ -1,8 +1,9 @@
-{ pkgs, ... }:
+{ config, lib, pkgs, ... }:
 let
   common = import ../../common { inherit pkgs; };
 in {
-  services.minecraft-servers.servers.blockworld = {
+  services = {
+    minecraft-servers.servers.blockworld = {
       autoStart = false;
       package = pkgs.paperServers.paper-1_21_1;
       jvmOpts = "-Xmx3072M";
@@ -15,4 +16,6 @@ in {
       symlinks = common.paperSymlinks;
       files = common.configFiles;
     };
+    ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.blockworld.enable [ "bloxel.${config.domains.p2}" ];
+  };
 }

modules/system/services/server/minecraft/servers/dewdemolisher/default.nix

@@ -1,8 +1,9 @@
-{ pkgs, ... }:
+{ config, lib, pkgs, ... }:
 let
   common = import ../../common { inherit pkgs; };
 in {
-  services.minecraft-servers.servers.dewdemolisher = {
+  services = {
+    minecraft-servers.servers.dewdemolisher = {
       package = pkgs.paperServers.paper-1_21_1;
       jvmOpts = "-Xmx2000M";
       serverProperties = common.serverProperties // {
@@ -14,4 +15,6 @@ in {
       symlinks = common.paperSymlinks;
       files = common.configFiles;
     };
+    ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.dewdemolisher.enable [ "dew.${config.domains.p2}" ];
+  };
 }

modules/system/services/server/minecraft/servers/johnside/default.nix

@@ -1,8 +1,9 @@
-{ pkgs, config, ... }:
+{ config, lib, pkgs, ... }:
 let
   common = import ../../common { inherit pkgs; };
 in {
-  services.minecraft-servers.servers.johnside = {
+  services = {
+    minecraft-servers.servers.johnside = {
       package = pkgs.paperServers.paper-1_20_6;
       jvmOpts = "-Xmx2500M";
       serverProperties = common.serverProperties // {
@@ -27,4 +28,6 @@ in {
       };
       files = common.configFiles;
     };
+    ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.johnside.enable [ "john.${config.domains.p2}" ];
+  };
 }

modules/system/services/server/minecraft/servers/roguecraft/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, config, ... }:
+{ config, lib, pkgs, ... }:
 let
   common = import ../../common { inherit pkgs; };
 in {
@@ -23,7 +23,10 @@ in {
         };
       };
     };
-    nginx.virtualHosts."${config.domains.p1}".locations = {
+
+    ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.roguecraft.enable [ "rogue.${config.domains.p2}" ];
+
+    nginx.virtualHosts."${config.domains.p1}".locations = lib.mkIf config.services.minecraft-servers.servers.roguecraft.enable {
       "/roguecraftdatapackredir" = {
         return = "301 https://cdn.modrinth.com/data/HtKjVijx/versions/Rme4c23R/Roguecraft%201.2.6%20-%20Data%20Pack.zip";
       };

modules/system/services/server/minecraft/servers/uberbeta/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ config, lib, pkgs, ... }:
 let
   common = import ../../common { inherit pkgs; };
   uberBukkitZip = pkgs.fetchzip {
@@ -10,7 +10,8 @@ let
     src = "${uberBukkitZip}/uberbukkit-2.0.0.jar";
   });
 in {
-  services.minecraft-servers.servers.uberbeta = {
+  services = {
+    minecraft-servers.servers.uberbeta = {
       package = uberBukkit;
       jvmOpts = "-Xmx512M";
       serverProperties = common.serverProperties // {
@@ -18,4 +19,6 @@ in {
         server-port = 30005;
       };
     };
+    ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.uberbeta.enable [ "beta.${config.domains.p2}" ];
+  };
 }

modules/system/services/server/socialserver/matrix/coturn/default.nix

@@ -26,6 +26,9 @@
         turn_shared_secret = config.secrets.coturnSecret;
         turn_user_lifetime = "1h";
       };
+
+      # Sync the IP to Cloudflare
+      ddclient.domains = [ "git.${config.domains.p2}" ];
     };
 
     # Open coturn ports

modules/system/services/server/webserver/ddclient/default.nix

@@ -8,16 +8,6 @@
       usev6 = "";
       username = "token";
       passwordFile = "${pkgs.writeText "cloudflareapikey" config.secrets.flareApiKey}";
-      domains = [
-        "${config.domains.p2}"
-        "*.${config.domains.p2}"
-        "sv.${config.domains.p2}"
-        "git.${config.domains.p2}"
-        "turn.${config.domains.p2}"
-        "dew.${config.domains.p2}"
-        "john.${config.domains.p2}"
-        "rogue.${config.domains.p2}"
-      ];
     };
     environment.persistence."/persist".directories = [
       "/var/lib/private/ddclient"