test: setting up nas structure

2025-12-14 02:20:53 -06:00 · 2025-12-08 22:25:13 -06:00 · 2025-12-08 22:25:13 -06:00 · 4225970826
commit 4225970826
parent 8cd193ec49
747 changed files with 2938 additions and 4347 deletions
--- a/modules/config/default.nix
+++ b/modules/config/default.nix
@ -54,41 +54,43 @@ let
    };
  };

-  instanceSubmodule = lib.types.submodule {
-    options = {
-      subdomain = stringType;
-      label = stringType;
-      name = stringType;
-      short = stringType;
-      hostname = stringType;
-      tags = listType;
-      records = genOptions stringType "record";
-      domains = genOptions stringType "url";
-      dns = genOptions stringType "provider";
-      localhost = genOptions stringType "address";
-      wireguard = genOptions stringType "interface";
-      remotehost = genOptions stringType "address";
-      email = genOptions stringType "address";
-      sops = genOptions stringType "path";
-      paths = genOptions stringType "path";
-      varPaths = genOptions stringType "path";
+  interfaceConfig = {
+    domain = stringType;
+    email = stringType;
+    ip = stringType;
+    subdomain = stringType;
+    wireguard = stringType;
+    microvm = {
+      gate = stringType;
+      id = stringType;
+      idUser = stringType;
+      mac = stringType;
+      macUser = stringType;
+      num = intType;
+      ssh = intType;
+    };
+    ssl = {
+      cert = stringType;
+      key = stringType;
+      path = stringType;
+    };
+    paths = {
      mntPaths = genOptions stringType "path";
      secretPaths = genOptions stringType "path";
+      varPaths = genOptions stringType "path";
+    };
+  };
+
+  instanceSubmodule = lib.types.submodule {
+    options = {
+      name = stringType;
+      label = stringType;
+      short = stringType;
+      tags = listType;
+      dns = genOptions stringType "provider";
      ports = genOptions intType "port";
-      interface = {
-        id = stringType;
-        mac = stringType;
-        idUser = stringType;
-        macUser = stringType;
-        ip = stringType;
-        gate = stringType;
-        ssh = intType;
-      };
-      ssl = {
-        cert = stringType;
-        key = stringType;
-        path = stringType;
-      };
+      addresses = genOptions stringType "address";
+      interfaces = genOptions interfaceConfig "interface";
    };
  };

@ -284,10 +286,8 @@ in
            emailNoReply = "noreply";
            servicePath = "/mnt/media/NAS1";
            mntPath = "/mnt/storage";
-            varLib = var;
            varPath = var;
            sslPath = "${var}/acme";
-            sopsPath = "${var}/secrets";
            secretPath = "/run/secrets";
            cachePath = "/var/cache";
            dummy = "";
--- a/modules/config/instances/config/firefly-iii.nix
+++ b/modules/config/instances/config/firefly-iii.nix
@ -10,53 +10,59 @@ let
    ;
  label = "Firefly-III";
  name = "firefly-iii";
-  subdomain = "finances";
-  domain = "${subdomain}.${domain0}";
-  secrets = "${secretPath}/${name}";
-  ssl = "${sslPath}/${domain}";
 in
 {
  label = label;
  name = name;
  short = label;
-  email = {
-    address0 = "noreply@${domain0}";
-  };
-  domains = {
-    url0 = domain;
-  };
  tags = [
    "firefly-iii"
    "finances"
    "money"
  ];
-  subdomain = subdomain;
  ports = {
    port0 = 8084;
    port1 = 8081;
  };
-  interface = {
-    id = "vm-${name}";
-    mac = "02:00:00:00:54:04";
-    idUser = "vmuser-firefly";
-    macUser = "02:00:00:00:00:04";
-    ip = "192.168.50.114";
-    gate = "192.168.50.1";
-    ssh = 2204;
-  };
-  ssl = {
-    path = ssl;
-    cert = "${ssl}/fullchain.pem";
-    key = "${ssl}/key.pem";
-  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-    path1 = "${cachePath}/${name}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
-  };
-  secretPaths = {
-    path0 = secrets;
+  interfaces = {
+    interface0 =
+      let
+        subdomain = "finances";
+        domain = "${subdomain}.${domain0}";
+        secrets = "${secretPath}/${name}";
+        ssl = "${sslPath}/${domain}";
+      in
+      {
+        microvm = {
+          id = "vm-${name}";
+          mac = "02:00:00:00:54:04";
+          idUser = "vmuser-firefly";
+          macUser = "02:00:00:00:00:04";
+          ip = "192.168.50.114";
+          gate = "192.168.50.1";
+          ssh = 2204;
+        };
+        email = "noreply@${domain0}";
+        domain = domain;
+        subdomain = subdomain;
+        ssl = {
+          path = ssl;
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${name}";
+            path1 = "${cachePath}/${name}";
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}";
+          };
+          secretPaths = {
+            path0 = secrets;
+          };
+
+        };
+      };
  };
 }
--- a/modules/config/instances/config/forgejo.nix
+++ b/modules/config/instances/config/forgejo.nix
@ -11,22 +11,11 @@ let

  name = "forgejo";
  label = "Forgejo";
-  subdomain = "source";
-  domain = "${subdomain}.${domain1}";
-  secrets = "${secretPath}/${name}";
-  ssl = "${sslPath}/${domain}";
 in
 {
  name = name;
  label = label;
  short = label;
-  email = {
-    address0 = "${emailNoReply}@${domain1}";
-  };
-  domains = {
-    url0 = domain;
-  };
-  subdomain = subdomain;
  tags = [
    name
    "forge"
@ -35,28 +24,43 @@ in
  ports = {
    port0 = 3033;
  };
-  interface = {
-    id = "vm-${name}";
-    mac = "02:00:00:00:53:03";
-    idUser = "vmuser-${name}";
-    macUser = "02:00:00:00:00:03";
-    ip = "192.168.50.113";
-    gate = "192.168.50.1";
-    ssh = 2203;
-  };
-
-  ssl = {
-    path = ssl;
-    cert = "${ssl}/fullchain.pem";
-    key = "${ssl}/key.pem";
-  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
-  };
-  secretPaths = {
-    path0 = secrets;
+  interfaces = {
+    interface0 =
+      let
+        subdomain = "source";
+        domain = "${subdomain}.${domain1}";
+        secrets = "${secretPath}/${name}";
+        ssl = "${sslPath}/${domain}";
+      in
+      {
+        domains = domain;
+        subdomain = subdomain;
+        email = "${emailNoReply}@${domain1}";
+        microvm = {
+          id = "vm-${name}";
+          mac = "02:00:00:00:53:03";
+          idUser = "vmuser-${name}";
+          macUser = "02:00:00:00:00:03";
+          ip = "192.168.50.113";
+          gate = "192.168.50.1";
+          ssh = 2203;
+        };
+        ssl = {
+          path = ssl;
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${name}";
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}";
+          };
+          secretPaths = {
+            path0 = secrets;
+          };
+        };
+      };
  };
 }
--- a/modules/config/instances/config/jellyfin.nix
+++ b/modules/config/instances/config/jellyfin.nix
@ -9,19 +9,11 @@ let
    ;
  label = "Jellyfin";
  name = "jellyfin";
-  domain = "${name}.${domain0}";
-  ssl = "${sslPath}/${name}.${domain0}";
 in
 {
  label = label;
  name = name;
  short = "Jelly";
-  email = {
-    address0 = "noreply@${domain0}";
-  };
-  domains = {
-    url0 = domain;
-  };
  tags = [
    "jelly"
    "video"
@ -30,32 +22,42 @@ in
    "shows"
    "music"
  ];
-  subdomain = name;
  ports = {
    port0 = 8096; # Jellyfin HTTP
    port1 = 5055; # Jellyseer
    port2 = 8920; # Jellyfin HTTPS
  };
-  interface = {
-    id = "vm-${name}";
-    mac = "02:00:00:00:52:02";
-    idUser = "vmuser-${name}";
-    macUser = "02:00:00:00:00:02";
-    ip = "192.168.50.112";
-    gate = "192.168.50.1";
-    ssh = 2202;
-  };
-  ssl = {
-    path = ssl;
-    cert = "${ssl}/fullchain.pem";
-    key = "${ssl}/key.pem";
-  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-    path1 = "${cachePath}/${name}";
-    path2 = "${varPath}/${name}-media";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
+  interfaces = {
+    interface0 =
+      let
+        domain = "${name}.${domain0}";
+        ssl = "${sslPath}/${name}.${domain0}";
+      in
+      {
+        domain = domain;
+        subdomain = name;
+        email = "noreply@${domain0}";
+        microvm = {
+          id = "vm-${name}";
+          mac = "02:00:00:00:52:02";
+          idUser = "vmuser-${name}";
+          macUser = "02:00:00:00:00:02";
+          ip = "192.168.50.112";
+          gate = "192.168.50.1";
+          ssh = 2202;
+        };
+        paths = {
+          varPaths = {
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}";
+          };
+        };
+        ssl = {
+          path = ssl;
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+        };
+      };
  };
 }
--- a/modules/config/instances/config/mastodon.nix
+++ b/modules/config/instances/config/mastodon.nix
@ -10,22 +10,11 @@ let
    ;
  label = "Mastodon";
  name = "mastodon";
-  subdomain = "social";
-  domain = "${subdomain}.${domain1}";
-  secrets = "${secretPath}/${name}";
-  ssl = "${sslPath}/${domain}";
 in
 {
  label = label;
  name = name;
  short = "Mast";
-  email = {
-    address0 = "noreply@${domain1}";
-  };
-  domains = {
-    url0 = domain;
-  };
-  subdomain = subdomain;
  tags = [
    name
    "mast"
@ -35,27 +24,43 @@ in
    port0 = 80;
  };
  interface = {
-    id = "vm-${name}";
-    mac = "02:00:00:00:55:05";
-    idUser = "vmuser-mastodon";
-    macUser = "02:00:00:00:00:05";
-    ip = "192.168.50.115";
-    gate = "192.168.50.1";
-    ssh = 2205;
-  };
-  ssl = {
-    path = ssl;
-    cert = "${ssl}/fullchain.pem";
-    key = "${ssl}/key.pem";
-  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-    path1 = "${cachePath}/${name}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
-  };
-  secretPaths = {
-    path0 = secrets;
+    interface0 =
+      let
+        subdomain = "social";
+        domain = "${subdomain}.${domain1}";
+        secrets = "${secretPath}/${name}";
+        ssl = "${sslPath}/${domain}";
+      in
+      {
+        domains = domain;
+        subdomain = subdomain;
+        email = "noreply@${domain1}";
+        microvm = {
+          id = "vm-${name}";
+          mac = "02:00:00:00:55:05";
+          idUser = "vmuser-mastodon";
+          macUser = "02:00:00:00:00:05";
+          ip = "192.168.50.115";
+          gate = "192.168.50.1";
+          ssh = 2205;
+        };
+        ssl = {
+          path = ssl;
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${name}";
+            path1 = "${cachePath}/${name}";
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}";
+          };
+          secretPaths = {
+            path0 = secrets;
+          };
+        };
+      };
  };
 }
--- a/modules/config/instances/config/minecraft.nix
+++ b/modules/config/instances/config/minecraft.nix
@ -0,0 +1,73 @@
+{ moduleFunctions }:
+let
+  inherit (moduleFunctions.instancesFunctions)
+    varPath
+    mntPath
+    secretPath
+    ;
+  label = "Minecraft";
+  name = "minecraft";
+in
+{
+  label = label;
+  name = name;
+  ports = {
+  };
+  interfaces = {
+    interface0 =
+      let
+        world = "world0";
+      in
+      {
+        microvm = {
+          id = "vm-${world}";
+          mac = "02:00:00:00:51:41";
+          idUser = "vmuser-${world}";
+          macUser = "02:00:00:00:00:41";
+          ip = "192.168.50.141";
+          gate = "192.168.50.1";
+          ssh = 2401;
+          port = 43000;
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${name}";
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}/${world}";
+          };
+          secretPaths = {
+            path0 = "${secretPath}/${name}";
+          };
+        };
+      };
+    interface1 =
+      let
+        world = "world1";
+      in
+      {
+        microvm = {
+          id = "vm-${world}";
+          mac = "02:00:00:00:51:42";
+          idUser = "vmuser-${world}";
+          macUser = "02:00:00:00:00:42";
+          ip = "192.168.50.142";
+          gate = "192.168.50.1";
+          ssh = 2402;
+          port = 43001;
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${name}";
+          };
+          mntPaths = {
+            path1 = "${mntPath}/${name}/${world}";
+          };
+          secretPaths = {
+            path0 = "${secretPath}/${name}";
+          };
+
+        };
+      };
+  };
+}
--- a/modules/config/instances/config/minecraft0.nix
+++ b/modules/config/instances/config/minecraft0.nix
@ -1,36 +0,0 @@
-{ moduleFunctions }:
-let
-  inherit (moduleFunctions.instancesFunctions)
-    varPath
-    mntPath
-    secretPath
-    ;
-  label = "Minecraft";
-  name = "minecraft";
-  world = "world0";
-in
-{
-  label = label;
-  name = name;
-  ports = {
-    port0 = 43000;
-  };
-  interface = {
-    id = "vm-${world}";
-    mac = "02:00:00:00:51:41";
-    idUser = "vmuser-${world}";
-    macUser = "02:00:00:00:00:41";
-    ip = "192.168.50.141";
-    gate = "192.168.50.1";
-    ssh = 2401;
-  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}/${world}";
-  };
-  secretPaths = {
-    path0 = "${secretPath}/${name}";
-  };
-}
--- a/modules/config/instances/config/minecraft1.nix
+++ b/modules/config/instances/config/minecraft1.nix
@ -1,36 +0,0 @@
-{ moduleFunctions }:
-let
-  inherit (moduleFunctions.instancesFunctions)
-    varPath
-    mntPath
-    secretPath
-    ;
-  label = "Minecraft";
-  name = "minecraft";
-  world = "world1";
-in
-{
-  label = label;
-  name = name;
-  ports = {
-    port0 = 43001;
-  };
-  interface = {
-    id = "vm-${world}";
-    mac = "02:00:00:00:51:42";
-    idUser = "vmuser-${world}";
-    macUser = "02:00:00:00:00:42";
-    ip = "192.168.50.142";
-    gate = "192.168.50.1";
-    ssh = 2402;
-  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}/${world}";
-  };
-  secretPaths = {
-    path0 = "${secretPath}/${name}";
-  };
-}
--- a/modules/config/instances/config/nginx.nix
+++ b/modules/config/instances/config/nginx.nix
@ -1,19 +0,0 @@
-{ moduleFunctions }:
-let
-  inherit (moduleFunctions.instancesFunctions)
-    sopsPath
-    ;
-
-  label = "Nginx";
-  name = "nginx";
-in
-{
-  label = label;
-  name = name;
-  sops = {
-    path0 = "${sopsPath}/${name}";
-  };
-  ports = {
-    port0 = 8080;
-  };
-}
--- a/modules/config/instances/config/ollama.nix
+++ b/modules/config/instances/config/ollama.nix
@ -9,18 +9,11 @@ let
    ;
  label = "Ollama";
  name = "ollama";
-  domain = "${name}.${domain0}";
-  secrets = "${secretPath}/${name}";
-  ssl = "${sslPath}/${domain}";
 in
 {
  label = label;
  name = name;
  short = label;
-  domains = {
-    url0 = domain;
-  };
-  subdomain = name;
  tags = [
    name
    "chat"
@ -31,26 +24,40 @@ in
    port1 = 11434; # Ollama API
  };
  interface = {
-    id = "vm-${name}";
-    mac = "02:00:00:00:56:08";
-    idUser = "vmuser-${name}";
-    macUser = "02:00:00:00:00:08";
-    ip = "192.168.50.118";
-    gate = "192.168.50.1";
-    ssh = 2208;
-  };
-  ssl = {
-    path = ssl;
-    cert = "${ssl}/fullchain.pem";
-    key = "${ssl}/key.pem";
-  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
-  };
-  secretPaths = {
-    path0 = secrets;
+    interface0 =
+      let
+        domain = "${name}.${domain0}";
+        secrets = "${secretPath}/${name}";
+        ssl = "${sslPath}/${domain}";
+      in
+      {
+        domain = domain;
+        subdomain = name;
+        microvm = {
+          id = "vm-${name}";
+          mac = "02:00:00:00:56:08";
+          idUser = "vmuser-${name}";
+          macUser = "02:00:00:00:00:08";
+          ip = "192.168.50.118";
+          gate = "192.168.50.1";
+          ssh = 2208;
+        };
+        ssl = {
+          path = ssl;
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${name}";
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}";
+          };
+          secretPaths = {
+            path0 = secrets;
+          };
+        };
+      };
  };
 }
--- a/modules/config/instances/config/opencloud.nix
+++ b/modules/config/instances/config/opencloud.nix
@ -0,0 +1,98 @@
+{ moduleFunctions }:
+let
+  inherit (moduleFunctions.instancesFunctions)
+    domain0
+    sslPath
+    varPath
+    mntPath
+    secretPath
+    ;
+  label = "OpenCloud";
+  name = "opencloud";
+  short = "cloud";
+in
+{
+  label = label;
+  name = name;
+  short = "Cloud";
+  tags = [
+    name
+    "opencloud"
+    "cloud"
+  ];
+  ports = {
+    port0 = 9200;
+  };
+  interface = {
+    interface0 =
+      let
+        domain = "${short}.${domain0}";
+        secrets = "${secretPath}/${name}";
+        ssl = "${sslPath}/${domain}";
+      in
+      {
+        domain = domain;
+        subdomain = short;
+        microvm = {
+          id = "vm-${short}";
+          mac = "02:00:00:00:56:09";
+          idUser = "vmuser-${short}";
+          macUser = "02:00:00:00:00:09";
+          ip = "192.168.50.119";
+          gate = "192.168.50.1";
+          ssh = 2209;
+        };
+        ssl = {
+          path = ssl;
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${name}";
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}";
+          };
+          secretPaths = {
+            path0 = secrets;
+          };
+        };
+      };
+    interface1 =
+      let
+        domain = "${short}.${domain0}";
+        secrets = "${secretPath}/${name}";
+        ssl = "${sslPath}/${name}.${domain0}";
+      in
+      {
+        domain = domain;
+        subdomain = short;
+        microvm = {
+          id = "vm-${short}";
+          mac = "02:00:00:00:56:06";
+          idUser = "vmuser-${short}";
+          macUser = "02:00:00:00:00:06";
+          ip = "192.168.50.116";
+          gate = "192.168.50.1";
+          ssh = 2206;
+        };
+        ssl = {
+          path = ssl;
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${name}";
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}";
+          };
+          secretPaths = {
+            path0 = secrets;
+          };
+        };
+      };
+  };
+}
--- a/modules/config/instances/config/opencloud0.nix
+++ b/modules/config/instances/config/opencloud0.nix
@ -1,56 +0,0 @@
-{ moduleFunctions }:
-let
-  inherit (moduleFunctions.instancesFunctions)
-    domain0
-    sslPath
-    varPath
-    mntPath
-    secretPath
-    ;
-  label = "OpenCloud";
-  name = "opencloud";
-  short = "cloud";
-  domain = "${short}.${domain0}";
-  secrets = "${secretPath}/${name}";
-  ssl = "${sslPath}/${domain}";
-in
-{
-  label = label;
-  name = name;
-  short = "Cloud";
-  domains = {
-    url0 = domain;
-  };
-  subdomain = short;
-  tags = [
-    name
-    "opencloud"
-    "cloud"
-  ];
-  ports = {
-    port0 = 9200;
-  };
-  interface = {
-    id = "vm-${short}";
-    mac = "02:00:00:00:56:09";
-    idUser = "vmuser-${short}";
-    macUser = "02:00:00:00:00:09";
-    ip = "192.168.50.119";
-    gate = "192.168.50.1";
-    ssh = 2209;
-  };
-  ssl = {
-    path = ssl;
-    cert = "${ssl}/fullchain.pem";
-    key = "${ssl}/key.pem";
-  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
-  };
-  secretPaths = {
-    path0 = secrets;
-  };
-}
--- a/modules/config/instances/config/opencloud1.nix
+++ b/modules/config/instances/config/opencloud1.nix
@ -1,56 +0,0 @@
-{ moduleFunctions }:
-let
-  inherit (moduleFunctions.instancesFunctions)
-    domain0
-    sslPath
-    varPath
-    mntPath
-    secretPath
-    ;
-  label = "OpenCloud";
-  name = "opencloud";
-  short = "cloud";
-  domain = "${short}.${domain0}";
-  secrets = "${secretPath}/${name}";
-  ssl = "${sslPath}/${name}.${domain0}";
-in
-{
-  label = label;
-  name = name;
-  short = "Cloud";
-  domains = {
-    url0 = domain;
-  };
-  subdomain = short;
-  tags = [
-    name
-    "opencloud"
-    "cloud"
-  ];
-  ports = {
-    port0 = 9200;
-  };
-  interface = {
-    id = "vm-${short}";
-    mac = "02:00:00:00:56:06";
-    idUser = "vmuser-${short}";
-    macUser = "02:00:00:00:00:06";
-    ip = "192.168.50.116";
-    gate = "192.168.50.1";
-    ssh = 2206;
-  };
-  ssl = {
-    path = ssl;
-    cert = "${ssl}/fullchain.pem";
-    key = "${ssl}/key.pem";
-  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
-  };
-  secretPaths = {
-    path0 = secrets;
-  };
-}
--- a/modules/config/instances/config/photoprism.nix
+++ b/modules/config/instances/config/photoprism.nix
@ -0,0 +1,63 @@
+{ moduleFunctions }:
+let
+  inherit (moduleFunctions.instancesFunctions)
+    domain0
+    sslPath
+    varPath
+    mntPath
+    secretPath
+    ;
+  label = "Photoprism";
+  name = "photoprism";
+  short = "prism";
+in
+{
+  label = label;
+  name = name;
+  short = label;
+  tags = [
+    name
+    "photo"
+    "images"
+  ];
+  ports = {
+    port0 = 3030;
+  };
+  interface = {
+    interface0 =
+      let
+        domain = "${short}.${domain0}";
+        secrets = "${secretPath}/${name}";
+        ssl = "${sslPath}/${domain}";
+      in
+      {
+        domain = domain;
+        subdomain = short;
+        microvm = {
+          id = "vm-${short}";
+          mac = "02:00:00:00:56:11";
+          idUser = "vmuser-${short}";
+          macUser = "02:00:00:00:00:11";
+          ip = "192.168.50.121";
+          gate = "192.168.50.1";
+          ssh = 2211;
+        };
+        ssl = {
+          path = ssl;
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${label}";
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}";
+          };
+          secretPaths = {
+            path0 = secrets;
+          };
+        };
+      };
+  };
+}
--- a/modules/config/instances/config/postgresql.nix
+++ b/modules/config/instances/config/postgresql.nix
@ -1,23 +0,0 @@
-{ moduleFunctions }:
-let
-  inherit (moduleFunctions.instancesFunctions)
-    servicePath
-    sopsPath
-    ;
-
-  label = "PostgreSQL";
-  name = "postgres";
-in
-{
-  label = label;
-  name = name;
-  sops = {
-    path0 = "${sopsPath}/${name}";
-  };
-  paths = {
-    path0 = "${servicePath}/${label}";
-  };
-  ports = {
-    port0 = 5432;
-  };
-}
--- a/modules/config/instances/config/projectSite.nix
+++ b/modules/config/instances/config/projectSite.nix
@ -7,40 +7,38 @@ let
    ;
  label = "ProjectSite";
  name = "projectsite";
-  domain = "${name}.${domain0}";
 in
 {
  label = label;
  name = name;
  short = "Project";
-  email = {
-    address0 = "noreply@${domain0}";
-  };
-  domains = {
-    url0 = domain;
-  };
  tags = [
    "project"
  ];
-  subdomain = name;
  ports = {
    port0 = 1334;
  };
-  interface = {
-    id = "vm-project";
-    mac = "02:00:00:00:52:22";
-    idUser = "vmuser-project";
-    macUser = "02:00:00:00:00:22";
-    ip = "192.168.50.212";
-    gate = "192.168.50.1";
-    ssh = 2299;
-  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-    path1 = "${varPath}/${name}/dist";
-
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
+  interfaces = {
+    interface0 = {
+      email = "noreply@${domain0}";
+      microvm = {
+        id = "vm-project";
+        mac = "02:00:00:00:52:22";
+        idUser = "vmuser-project";
+        macUser = "02:00:00:00:00:22";
+        ip = "192.168.50.212";
+        gate = "192.168.50.1";
+        ssh = 2299;
+      };
+      paths = {
+        varPaths = {
+          path0 = "${varPath}/${name}";
+          path1 = "${varPath}/${name}/dist";
+        };
+        mntPaths = {
+          path0 = "${mntPath}/${name}";
+        };
+      };
+    };
  };
 }
--- a/modules/config/instances/config/prompter.nix
+++ b/modules/config/instances/config/prompter.nix
@ -1,41 +0,0 @@
-{ moduleFunctions }:
-let
-  inherit (moduleFunctions.instancesFunctions)
-    domain0
-    sslPath
-    sopsPath
-    ;
-
-  label = "Prompter";
-  name = "prompter";
-  subdomain = "prompter";
-  domain = "${subdomain}.${domain0}";
-in
-{
-  label = label;
-  name = name;
-  short = "upRoot";
-  sops = {
-    path0 = "${sopsPath}/${name}";
-  };
-  domains = {
-    url0 = domain;
-  };
-  subdomain = subdomain;
-  tags = [
-    name
-    "blog"
-  ];
-  paths = {
-    path0 = "/var/lib/${name}/dist";
-    path1 = "";
-    path2 = "";
-  };
-  ports = {
-    port0 = 1234;
-  };
-  ssl = {
-    cert = "${sslPath}/${domain0}/fullchain.pem";
-    key = "${sslPath}/${domain0}/key.pem";
-  };
-}
--- a/modules/config/instances/config/qbittorrent.nix
+++ b/modules/config/instances/config/qbittorrent.nix
@ -10,18 +10,11 @@ let
  label = "qBittorrent";
  name = "qbittorrent";
  short = "share";
-  domain = "${short}.${domain0}";
-  secrets = "${secretPath}/${name}";
-  ssl = "${sslPath}/${domain}";
 in
 {
  label = label;
  name = name;
  short = label;
-  domains = {
-    url0 = domain;
-  };
-  subdomain = short;
  tags = [
    name
    "torrent"
@ -31,26 +24,40 @@ in
    port0 = 3030;
  };
  interface = {
-    id = "vm-${short}";
-    mac = "02:00:00:00:56:07";
-    idUser = "vmuser-${short}";
-    macUser = "02:00:00:00:00:07";
-    ip = "192.168.50.117";
-    gate = "192.168.50.1";
-    ssh = 2207;
-  };
-  ssl = {
-    path = ssl;
-    cert = "${ssl}/fullchain.pem";
-    key = "${ssl}/key.pem";
-  };
-  varPaths = {
-    path0 = "${varPath}/${label}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
-  };
-  secretPaths = {
-    path0 = secrets;
+    interface0 =
+      let
+        domain = "${short}.${domain0}";
+        secrets = "${secretPath}/${name}";
+        ssl = "${sslPath}/${domain}";
+      in
+      {
+        domain = domain;
+        subdomain = short;
+        microvm = {
+          id = "vm-${short}";
+          mac = "02:00:00:00:56:07";
+          idUser = "vmuser-${short}";
+          macUser = "02:00:00:00:00:07";
+          ip = "192.168.50.117";
+          gate = "192.168.50.1";
+          ssh = 2207;
+        };
+        ssl = {
+          path = ssl;
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${label}";
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}";
+          };
+          secretPaths = {
+            path0 = secrets;
+          };
+        };
+      };
  };
 }
--- a/modules/config/instances/config/samba.nix
+++ b/modules/config/instances/config/samba.nix
@ -1,21 +0,0 @@
-{ moduleFunctions }:
-let
-  inherit (moduleFunctions.instancesFunctions)
-    sopsPath
-    ;
-
-  label = "Samba";
-  name = "samba";
-in
-{
-  label = label;
-  name = name;
-  sops = {
-    path0 = "${sopsPath}/${name}";
-  };
-  paths = {
-  };
-  ports = {
-    port0 = 445; # Samba
-  };
-}
--- a/modules/config/instances/config/smtp.nix
+++ b/modules/config/instances/config/smtp.nix
@ -6,20 +6,22 @@ let
    ;

  name = "smtp";
+  domain = "smtp.migadu.com";
 in
 {
-  hostname = "smtp.migadu.com";
  name = name;
  ports = {
    port0 = 465; # TLS
    port1 = 587; # StartTLS
  };
-  email = {
-    address0 = "noreply@${domain0}";
-    address1 = "noreply@${domain1}";
-  };
-  records = {
-    record0 = "tls";
-    record1 = "starttls";
+  interfaces = {
+    interface0 = {
+      domain = domain;
+      email = "noreply@${domain0}";
+    };
+    interface1 = {
+      domain = domain;
+      email = "noreply@${domain1}";
+    };
  };
 }
--- a/modules/config/instances/config/syncthing.nix
+++ b/modules/config/instances/config/syncthing.nix
@ -2,30 +2,19 @@
 let
  inherit (moduleFunctions.instancesFunctions)
    domain0
-    varLib
+    varPath
+    mntPath
    sslPath
-    sopsPath
+    secretPath
    ;

  label = "Syncthing";
  name = "syncthing";
-  domain = "${name}.${domain0}";
 in
 {
  label = label;
  name = name;
  short = "Sync";
-  sops = {
-    path0 = "${sopsPath}/${name}";
-  };
-  paths = {
-    path0 = "${varLib}/${name}";
-    path1 = "${varLib}/${name}/backups";
-  };
-  domains = {
-    url0 = domain;
-  };
-  subdomain = name;
  tags = [
    name
    "sync"
@ -36,8 +25,43 @@ in
    port1 = 21027; # Syncthing (Discovery)
    port2 = 22000; # Syncthing (Transfer)
  };
-  ssl = {
-    cert = "${sslPath}/${name}.${domain0}/fullchain.pem";
-    key = "${sslPath}/${name}.${domain0}/key.pem";
+  interfaces = {
+    interface0 =
+      let
+        domain = "${name}.${domain0}";
+        ssl = "${sslPath}/${domain}";
+        id = "sync";
+        secrets = "${secretPath}/${name}";
+      in
+      {
+        domain = domain;
+        subdomain = name;
+        microvm = {
+          id = "vm-${id}";
+          mac = "02:00:00:00:56:10";
+          idUser = "vmuser-${id}";
+          macUser = "02:00:00:00:00:10";
+          ip = "192.168.50.120";
+          gate = "192.168.50.1";
+          ssh = 2210;
+        };
+        ssl = {
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+          path = ssl;
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${name}";
+            path1 = "${varPath}/${name}/backups";
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}";
+          };
+          secretPaths = {
+            path0 = secrets;
+          };
+        };
+      };
  };
 }
--- a/modules/config/instances/config/upRootNutrition.nix
+++ b/modules/config/instances/config/upRootNutrition.nix
@ -1,50 +0,0 @@
-{ moduleFunctions }:
-let
-  inherit (moduleFunctions.instancesFunctions)
-    domain1
-    varPath
-    mntPath
-    sslPath
-    ;
-  label = "upRootNutrition";
-  name = "uprootnutrition";
-  ssl = "${sslPath}/${domain1}";
-in
-
-{
-  label = label;
-  name = name;
-  short = "upRoot";
-  email = {
-    address0 = "nick@${domain1}";
-  };
-  domains = {
-    url0 = domain1;
-  };
-  tags = [
-    name
-    "blog"
-  ];
-  interface = {
-    id = "vm-uproot";
-    mac = "02:00:00:00:52:21";
-    idUser = "vmuser-uproot";
-    macUser = "02:00:00:00:00:21";
-    ip = "192.168.50.211";
-    gate = "192.168.50.1";
-    ssh = 2300;
-  };
-  ssl = {
-    path = ssl;
-    cert = "${ssl}/fullchain.pem";
-    key = "${ssl}/key.pem";
-  };
-
-  varPaths = {
-    path0 = "${varPath}/${name}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
-  };
-
-}
--- a/modules/config/instances/config/vaultwarden.nix
+++ b/modules/config/instances/config/vaultwarden.nix
@ -9,21 +9,11 @@ let
    ;
  label = "Vaultwarden";
  name = "vaultwarden";
-  domain = "${name}.${domain0}";
-  secrets = "${secretPath}/${name}";
-  ssl = "${sslPath}/${name}.${domain0}";
 in
 {
  label = label;
  name = name;
  short = "Vault";
-  email = {
-    address0 = "noreply@${domain0}";
-  };
-  domains = {
-    url0 = domain;
-  };
-  subdomain = name;
  tags = [
    name
    "bitwarden"
@ -35,26 +25,41 @@ in
    port0 = 8085;
  };
  interface = {
-    id = "vm-${name}";
-    mac = "02:00:00:00:51:01";
-    idUser = "vmuser-vault";
-    macUser = "02:00:00:00:00:01";
-    ip = "192.168.50.111";
-    gate = "192.168.50.1";
-    ssh = 2201;
-  };
-  ssl = {
-    path = ssl;
-    cert = "${ssl}/fullchain.pem";
-    key = "${ssl}/key.pem";
-  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
-  };
-  secretPaths = {
-    path0 = secrets;
+    interface0 =
+      let
+        domain = "${name}.${domain0}";
+        secrets = "${secretPath}/${name}";
+        ssl = "${sslPath}/${name}.${domain0}";
+      in
+      {
+        domain = domain;
+        subdomain = name;
+        email = "noreply@${domain0}";
+        microvm = {
+          id = "vm-${name}";
+          mac = "02:00:00:00:51:01";
+          idUser = "vmuser-vault";
+          macUser = "02:00:00:00:00:01";
+          ip = "192.168.50.111";
+          gate = "192.168.50.1";
+          ssh = 2201;
+        };
+        ssl = {
+          path = ssl;
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+        };
+        paths = {
+          varPaths = {
+            path0 = "${varPath}/${name}";
+          };
+          mntPaths = {
+            path0 = "${mntPath}/${name}";
+          };
+          secretPaths = {
+            path0 = secrets;
+          };
+        };
+      };
  };
 }
--- a/modules/config/instances/config/web.nix
+++ b/modules/config/instances/config/web.nix
@ -1,19 +1,14 @@
 { moduleFunctions }:
 let
  inherit (moduleFunctions.instancesFunctions)
-    domain0
-    domain1
+    dummy
    ;
  label = "Router";
 in
 {
  label = label;
  name = "router";
-  short = label;
-  domains = {
-    url0 = domain0;
-    url1 = domain1;
-  };
+  short = dummy;
  dns = {
    provider0 = "namecheap";
    provider1 = "cloudflare";
@ -22,17 +17,11 @@ in
    "router"
    "asus"
  ];
-  localhost = {
+  addresses = {
    address0 = "127.0.0.1"; # Local
    address1 = "0.0.0.0"; # All
    address2 = "192.168.50.1"; # Router
    address3 = "192.168.50.0"; # Router
    address4 = "192.168.1.0"; # Router
  };
-  remotehost = {
-    address0 = "24.76.173.0";
-  };
-  wireguard = {
-    interface0 = "10.100.0.1";
-  };
 }
--- a/modules/config/instances/config/website.nix
+++ b/modules/config/instances/config/website.nix
@ -0,0 +1,54 @@
+{ moduleFunctions }:
+let
+  inherit (moduleFunctions.instancesFunctions)
+    domain1
+    varPath
+    sslPath
+    ;
+  label = "upRootNutrition";
+  name = "uprootnutrition";
+in
+{
+  label = label;
+  name = name;
+  short = "upRoot";
+  tags = [
+    name
+    "blog"
+  ];
+  interface = {
+    interface0 =
+      let
+        ssl = "${sslPath}/${domain1}";
+      in
+      {
+        domain = domain1;
+        email = "nick@${domain1}";
+        microvm = {
+          id = "vm-uproot";
+          mac = "02:00:00:00:52:21";
+          idUser = "vmuser-uproot";
+          macUser = "02:00:00:00:00:21";
+          ip = "192.168.50.211";
+          gate = "192.168.50.1";
+          ssh = 2300;
+        };
+        ssl = {
+          path = ssl;
+          cert = "${ssl}/fullchain.pem";
+          key = "${ssl}/key.pem";
+        };
+      };
+    interface1 = {
+      microvm = {
+        id = "vm-project";
+        mac = "02:00:00:00:52:22";
+        idUser = "vmuser-project";
+        macUser = "02:00:00:00:00:22";
+        ip = "192.168.50.212";
+        gate = "192.168.50.1";
+        ssh = 2299;
+      };
+    };
+  };
+}
--- a/modules/config/instances/config/wireGuard.nix
+++ b/modules/config/instances/config/wireGuard.nix
@ -1,9 +1,8 @@
 { moduleFunctions }:
 let
  inherit (moduleFunctions.instancesFunctions)
-    sopsPath
+    secretPath
    ;
-
  label = "WireGuard";
  name = "wireguard";
 in
@ -11,10 +10,21 @@ in
  label = label;
  name = name;
  sops = {
-    path0 = "${sopsPath}/${name}";
  };
  ports = {
    port0 = 53;
    port1 = 51821;
  };
+  addresses = {
+    address0 = "10.100.0.1";
+  };
+  interfaces = {
+    interface0 = {
+      paths = {
+        secretPaths = {
+          path0 = "${secretPath}/${name}";
+        };
+      };
+    };
+  };
 }
--- a/modules/config/instances/config/zookeeper.nix
+++ b/modules/config/instances/config/zookeeper.nix
@ -12,19 +12,24 @@ in
  label = label;
  name = name;
  interface = {
-    id = "vm-boonbot";
-    mac = "02:00:00:00:53:23";
-    idUser = "vmuser-boonbot";
-    macUser = "02:00:00:00:00:23";
-    ip = "192.168.50.213";
-    gate = "192.168.50.1";
-    ssh = 2303;
+    interface0 = {
+      microvm = {
+        id = "vm-boonbot";
+        mac = "02:00:00:00:53:23";
+        idUser = "vmuser-boonbot";
+        macUser = "02:00:00:00:00:23";
+        ip = "192.168.50.213";
+        gate = "192.168.50.1";
+        ssh = 2303;
+      };
+      paths = {
+        varPaths = {
+          path0 = "${varPath}/${name}";
+        };
+        mntPaths = {
+          path0 = "${mntPath}/${name}";
+        };
+      };
+    };
  };
-  varPaths = {
-    path0 = "${varPath}/${name}";
-  };
-  mntPaths = {
-    path0 = "${mntPath}/${name}";
-  };
-
 }