From a32993db4cd59042a0a48649c20003e9b4f51f7e Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 22 Jun 2025 11:51:36 -0500 Subject: [PATCH] refactor: standardized instance records --- modules/config/instances/config/acme.nix | 10 +-- .../instances/config/audiobookshelf.nix | 4 +- modules/config/instances/config/forgejo.nix | 24 +++--- modules/config/instances/config/glance.nix | 24 +++--- modules/config/instances/config/jellyfin.nix | 24 +++--- modules/config/instances/config/kanboard.nix | 38 --------- modules/config/instances/config/mastodon.nix | 24 +++--- modules/config/instances/config/matrix.nix | 14 ++-- modules/config/instances/config/minecraft.nix | 18 ++--- modules/config/instances/config/nextcloud.nix | 24 +++--- modules/config/instances/config/nginx.nix | 10 +-- modules/config/instances/config/ollama.nix | 24 +++--- modules/config/instances/config/owncast.nix | 26 +++---- modules/config/instances/config/peertube.nix | 24 +++--- modules/config/instances/config/podgrab.nix | 35 +++++++++ modules/config/instances/config/postfix.nix | 18 ++--- .../config/instances/config/postgresql.nix | 12 +-- modules/config/instances/config/samba.nix | 10 +-- modules/config/instances/config/searx.nix | 24 +++--- modules/config/instances/config/syncthing.nix | 20 ++--- modules/config/instances/config/synology.nix | 10 +-- .../instances/config/upRootNutrition.nix | 10 +-- .../config/instances/config/vaultwarden.nix | 24 +++--- modules/config/instances/config/wireGuard.nix | 10 +-- modules/config/instances/default.nix | 4 - modules/nixos/services/acme/default.nix | 2 +- modules/nixos/services/podgrab/default.nix | 77 +++++++++++++++++++ secrets/secrets.yaml | 5 +- templates/elm/frontend/.gitignore | 0 templates/elm/frontend/README.md | 0 templates/elm/frontend/elm-land.json | 0 templates/elm/frontend/elm.json | 0 templates/elm/frontend/src/Effect.elm | 0 templates/elm/frontend/src/Pages/Home_.elm | 0 .../elm/frontend/src/Pages/NotFound_.elm | 0 templates/elm/frontend/src/Shared.elm | 0 templates/elm/frontend/src/Shared/Model.elm | 0 templates/elm/frontend/src/Shared/Msg.elm | 0 templates/elm/frontend/src/View.elm | 0 templates/elm/frontend/src/interop.ts | 0 40 files changed, 310 insertions(+), 239 deletions(-) delete mode 100755 modules/config/instances/config/kanboard.nix create mode 100644 modules/config/instances/config/podgrab.nix create mode 100644 modules/nixos/services/podgrab/default.nix mode change 100644 => 100755 templates/elm/frontend/.gitignore mode change 100644 => 100755 templates/elm/frontend/README.md mode change 100644 => 100755 templates/elm/frontend/elm-land.json mode change 100644 => 100755 templates/elm/frontend/elm.json mode change 100644 => 100755 templates/elm/frontend/src/Effect.elm mode change 100644 => 100755 templates/elm/frontend/src/Pages/Home_.elm mode change 100644 => 100755 templates/elm/frontend/src/Pages/NotFound_.elm mode change 100644 => 100755 templates/elm/frontend/src/Shared.elm mode change 100644 => 100755 templates/elm/frontend/src/Shared/Model.elm mode change 100644 => 100755 templates/elm/frontend/src/Shared/Msg.elm mode change 100644 => 100755 templates/elm/frontend/src/View.elm mode change 100644 => 100755 templates/elm/frontend/src/interop.ts diff --git a/modules/config/instances/config/acme.nix b/modules/config/instances/config/acme.nix index 9b4a432..0e95fd3 100755 --- a/modules/config/instances/config/acme.nix +++ b/modules/config/instances/config/acme.nix @@ -5,16 +5,16 @@ let sopsPath ; - acmeLabel = "Acme"; - acmeName = "acme"; + label = "Acme"; + name = "acme"; in { - label = acmeLabel; - name = acmeName; + label = label; + name = name; paths = { path0 = sslPath; }; sops = { - path0 = "${sopsPath}/${acmeName}"; + path0 = "${sopsPath}/${name}"; }; } diff --git a/modules/config/instances/config/audiobookshelf.nix b/modules/config/instances/config/audiobookshelf.nix index 2a522a0..e78f45e 100755 --- a/modules/config/instances/config/audiobookshelf.nix +++ b/modules/config/instances/config/audiobookshelf.nix @@ -1,13 +1,13 @@ { instancesFunctions }: let inherit (instancesFunctions) - audiobookshelfLabel - audiobookshelfName domain0 servicePath sslPath sopsPath ; + audiobookshelfLabel = "Audiobookshelf"; + audiobookshelfName = "audiobookshelf"; audiobookshelfSubdomain = "books"; audiobookshelfDomain = "${audiobookshelfSubdomain}.${domain0}"; in diff --git a/modules/config/instances/config/forgejo.nix b/modules/config/instances/config/forgejo.nix index 0caa43b..7a2c2e4 100755 --- a/modules/config/instances/config/forgejo.nix +++ b/modules/config/instances/config/forgejo.nix @@ -7,32 +7,32 @@ let sopsPath ; - forgejoLabel = "Forgejo"; - forgejoName = "forgejo"; - forgejoSubdomain = "source"; - forgejoDomain = "${forgejoSubdomain}.${domain3}"; + label = "Forgejo"; + name = "forgejo"; + subdomain = "source"; + domain = "${subdomain}.${domain3}"; in { - label = forgejoLabel; - name = forgejoName; + label = label; + name = name; email = { address0 = "noreply@${domain3}"; }; sops = { - path0 = "${sopsPath}/${forgejoName}"; + path0 = "${sopsPath}/${name}"; }; domains = { - url0 = forgejoDomain; + url0 = domain; }; - subdomain = forgejoSubdomain; + subdomain = subdomain; paths = { - path0 = "${servicePath}/${forgejoLabel}"; + path0 = "${servicePath}/${label}"; }; ports = { port0 = 3033; }; ssl = { - cert = "${sslPath}/${forgejoSubdomain}.${domain3}/fullchain.pem"; - key = "${sslPath}/${forgejoSubdomain}.${domain3}/key.pem"; + cert = "${sslPath}/${subdomain}.${domain3}/fullchain.pem"; + key = "${sslPath}/${subdomain}.${domain3}/key.pem"; }; } diff --git a/modules/config/instances/config/glance.nix b/modules/config/instances/config/glance.nix index de212ac..1a8b2d8 100755 --- a/modules/config/instances/config/glance.nix +++ b/modules/config/instances/config/glance.nix @@ -7,32 +7,32 @@ let sopsPath ; - glanceLabel = "Glance"; - glanceName = "glance"; - glanceSubdomain = "dashboard"; - glanceDomain = "${glanceSubdomain}.${domain0}"; + label = "Glance"; + name = "glance"; + subdomain = "dashboard"; + domain = "${subdomain}.${domain0}"; in { - label = glanceLabel; - name = glanceName; + label = label; + name = name; email = { address0 = "noreply@${domain0}"; }; sops = { - path0 = "${sopsPath}/${glanceName}"; + path0 = "${sopsPath}/${name}"; }; domains = { - url0 = glanceDomain; + url0 = domain; }; - subdomain = glanceSubdomain; + subdomain = subdomain; paths = { - path0 = "${servicePath}/${glanceLabel}"; + path0 = "${servicePath}/${label}"; }; ports = { port0 = 3434; }; ssl = { - cert = "${sslPath}/${glanceSubdomain}.${domain0}/fullchain.pem"; - key = "${sslPath}/${glanceSubdomain}.${domain0}/key.pem"; + cert = "${sslPath}/${subdomain}.${domain0}/fullchain.pem"; + key = "${sslPath}/${subdomain}.${domain0}/key.pem"; }; } diff --git a/modules/config/instances/config/jellyfin.nix b/modules/config/instances/config/jellyfin.nix index 7b39dc6..3b07d10 100755 --- a/modules/config/instances/config/jellyfin.nix +++ b/modules/config/instances/config/jellyfin.nix @@ -2,27 +2,27 @@ let inherit (instancesFunctions) domain0 - jellyfinLabel - jellyfinName servicePath sslPath sopsPath ; - jellyfinDomain = "${jellyfinName}.${domain0}"; + label = "Jellyfin"; + name = "jellyfin"; + domain = "${name}.${domain0}"; in { - label = jellyfinLabel; - name = jellyfinName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${jellyfinName}"; + path0 = "${sopsPath}/${name}"; }; domains = { - url0 = jellyfinDomain; + url0 = domain; }; - subdomain = jellyfinName; + subdomain = name; paths = { - path0 = "${servicePath}/${jellyfinLabel}"; - path1 = "${servicePath}/${jellyfinLabel}/cache"; + path0 = "${servicePath}/${label}"; + path1 = "${servicePath}/${label}/cache"; }; ports = { port0 = 5055; # Jellyseer @@ -30,7 +30,7 @@ in port2 = 8920; # Jellyfin HTTPS }; ssl = { - cert = "${sslPath}/${jellyfinName}.${domain0}/fullchain.pem"; - key = "${sslPath}/${jellyfinName}.${domain0}/key.pem"; + cert = "${sslPath}/${name}.${domain0}/fullchain.pem"; + key = "${sslPath}/${name}.${domain0}/key.pem"; }; } diff --git a/modules/config/instances/config/kanboard.nix b/modules/config/instances/config/kanboard.nix deleted file mode 100755 index 1f5d5c0..0000000 --- a/modules/config/instances/config/kanboard.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ instancesFunctions }: -let - inherit (instancesFunctions) - domain0 - servicePath - sslPath - sopsPath - ; - - kanboardLabel = "Kanboard"; - kanboardName = "kanboard"; - kanboardSubdomain = "todo"; - kanboardDomain = "${kanboardSubdomain}.${domain0}"; -in -{ - label = kanboardLabel; - name = kanboardName; - email = { - address0 = "noreply@${kanboardName}.${domain0}"; - }; - sops = { - path0 = "${sopsPath}/${kanboardName}"; - }; - domains = { - url0 = kanboardDomain; - }; - subdomain = kanboardSubdomain; - paths = { - path0 = "${servicePath}/${kanboardLabel}"; - }; - ports = { - port0 = 3128; - }; - ssl = { - cert = "${sslPath}/${kanboardSubdomain}.${domain0}/fullchain.pem"; - key = "${sslPath}/${kanboardSubdomain}.${domain0}/key.pem"; - }; -} diff --git a/modules/config/instances/config/mastodon.nix b/modules/config/instances/config/mastodon.nix index 96e82e9..474d2a9 100755 --- a/modules/config/instances/config/mastodon.nix +++ b/modules/config/instances/config/mastodon.nix @@ -7,31 +7,31 @@ let sopsPath ; - mastodonLabel = "Mastodon"; - mastodonName = "mastodon"; - mastodonSubdomain = "social"; - mastodonDomain = "${mastodonSubdomain}.${domain3}"; + label = "Mastodon"; + name = "mastodon"; + subdomain = "social"; + domain = "${subdomain}.${domain3}"; in { - label = mastodonLabel; - name = mastodonName; + label = label; + name = name; email = { address0 = "noreply@${domain3}"; }; domains = { - url0 = mastodonDomain; + url0 = domain; }; - subdomain = mastodonSubdomain; + subdomain = subdomain; sops = { - path0 = "${sopsPath}/${mastodonName}"; + path0 = "${sopsPath}/${name}"; }; paths = { - path0 = "${servicePath}/${mastodonLabel}"; + path0 = "${servicePath}/${label}"; path1 = ""; path2 = ""; }; ssl = { - cert = "${sslPath}/${mastodonSubdomain}.${domain3}/fullchain.pem"; - key = "${sslPath}/${mastodonSubdomain}.${domain3}/key.pem"; + cert = "${sslPath}/${subdomain}.${domain3}/fullchain.pem"; + key = "${sslPath}/${subdomain}.${domain3}/key.pem"; }; } diff --git a/modules/config/instances/config/matrix.nix b/modules/config/instances/config/matrix.nix index 60584e1..c9c4c73 100755 --- a/modules/config/instances/config/matrix.nix +++ b/modules/config/instances/config/matrix.nix @@ -5,18 +5,18 @@ let sopsPath ; - matrixLabel = "Matrix"; - matrixName = "matrix"; + label = "Matrix"; + name = "matrix"; in { - label = matrixLabel; - name = matrixName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${matrixName}"; + path0 = "${sopsPath}/${name}"; }; - subdomain = matrixName; + subdomain = name; paths = { - path0 = "${servicePath}/${matrixLabel}"; + path0 = "${servicePath}/${label}"; path1 = ""; path2 = ""; }; diff --git a/modules/config/instances/config/minecraft.nix b/modules/config/instances/config/minecraft.nix index a31fda9..08d5f56 100755 --- a/modules/config/instances/config/minecraft.nix +++ b/modules/config/instances/config/minecraft.nix @@ -7,24 +7,24 @@ let sopsPath ; - minecraftLabel = "Minecraft"; - minecraftName = "minecraft"; + label = "Minecraft"; + name = "minecraft"; in { - label = minecraftLabel; - name = minecraftName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${minecraftName}"; + path0 = "${sopsPath}/${name}"; }; - subdomain = minecraftName; + subdomain = name; paths = { - path0 = "${servicePath}/${minecraftLabel}"; + path0 = "${servicePath}/${label}"; }; ports = { port0 = 43000; # Minecraft (Brix on Nix) }; ssl = { - cert = "${sslPath}/${minecraftName}.${domain0}/fullchain.pem"; - key = "${sslPath}/${minecraftName}.${domain0}/key.pem"; + cert = "${sslPath}/${name}.${domain0}/fullchain.pem"; + key = "${sslPath}/${name}.${domain0}/key.pem"; }; } diff --git a/modules/config/instances/config/nextcloud.nix b/modules/config/instances/config/nextcloud.nix index 76c83a1..76db639 100755 --- a/modules/config/instances/config/nextcloud.nix +++ b/modules/config/instances/config/nextcloud.nix @@ -7,31 +7,31 @@ let sopsPath ; - nextcloudLabel = "Nextcloud"; - nextcloudName = "nextcloud"; - nextcloudDomain = "${nextcloudName}.${domain0}"; + label = "Nextcloud"; + name = "nextcloud"; + domain = "${name}.${domain0}"; in { - label = nextcloudLabel; - name = nextcloudName; + label = label; + name = name; email = { - address0 = "noreply@${nextcloudName}.${domain0}"; + address0 = "noreply@${name}.${domain0}"; }; sops = { - path0 = "${sopsPath}/${nextcloudName}"; + path0 = "${sopsPath}/${name}"; }; domains = { - url0 = nextcloudDomain; + url0 = domain; }; - subdomain = nextcloudName; + subdomain = name; paths = { - path0 = "${servicePath}/${nextcloudLabel}"; + path0 = "${servicePath}/${label}"; }; ports = { port0 = 8354; # Nextcloud }; ssl = { - cert = "${sslPath}/${nextcloudName}.${domain0}/fullchain.pem"; - key = "${sslPath}/${nextcloudName}.${domain0}/key.pem"; + cert = "${sslPath}/${name}.${domain0}/fullchain.pem"; + key = "${sslPath}/${name}.${domain0}/key.pem"; }; } diff --git a/modules/config/instances/config/nginx.nix b/modules/config/instances/config/nginx.nix index fa9bce9..07e640c 100755 --- a/modules/config/instances/config/nginx.nix +++ b/modules/config/instances/config/nginx.nix @@ -4,14 +4,14 @@ let sopsPath ; - nginxLabel = "Nginx"; - nginxName = "nginx"; + label = "Nginx"; + name = "nginx"; in { - label = nginxLabel; - name = nginxName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${nginxName}"; + path0 = "${sopsPath}/${name}"; }; ports = { port0 = 8080; diff --git a/modules/config/instances/config/ollama.nix b/modules/config/instances/config/ollama.nix index ad5e009..2262b14 100755 --- a/modules/config/instances/config/ollama.nix +++ b/modules/config/instances/config/ollama.nix @@ -7,30 +7,30 @@ let sopsPath ; - ollamaLabel = "Ollama"; - ollamaName = "ollama"; - ollamaDomain = "${ollamaName}.${domain0}"; + label = "Ollama"; + name = "ollama"; + domain = "${name}.${domain0}"; in { - label = ollamaLabel; - name = ollamaName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${ollamaName}"; + path0 = "${sopsPath}/${name}"; }; domains = { - url0 = ollamaDomain; + url0 = domain; }; - subdomain = ollamaName; + subdomain = name; paths = { - path0 = "${servicePath}/${ollamaLabel}"; - path1 = "/mnt/media/storage/${ollamaName}"; + path0 = "${servicePath}/${label}"; + path1 = "/mnt/media/storage/${name}"; }; ports = { port0 = 8088; # Open-WebUI (Ollama Front End) port1 = 11434; # Ollama API }; ssl = { - cert = "${sslPath}/${ollamaName}.${domain0}/fullchain.pem"; - key = "${sslPath}/${ollamaName}.${domain0}/key.pem"; + cert = "${sslPath}/${name}.${domain0}/fullchain.pem"; + key = "${sslPath}/${name}.${domain0}/key.pem"; }; } diff --git a/modules/config/instances/config/owncast.nix b/modules/config/instances/config/owncast.nix index 79484dc..126edbd 100755 --- a/modules/config/instances/config/owncast.nix +++ b/modules/config/instances/config/owncast.nix @@ -7,31 +7,31 @@ let sopsPath ; - owncastLabel = "Owncast"; - owncastName = "owncast"; - owncastSubdomain = "stream"; - owncastDomain = "${owncastSubdomain}.${domain1}"; + label = "Owncast"; + name = "owncast"; + subdomain = "stream"; + domain = "${subdomain}.${domain1}"; in { - label = owncastLabel; - name = owncastName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${owncastName}"; + path0 = "${sopsPath}/${name}"; }; domains = { - url0 = owncastDomain; + url0 = domain; }; - subdomain = owncastSubdomain; + subdomain = subdomain; paths = { - path0 = "${servicePath}/${owncastLabel}"; - path1 = "/mnt/media/storage/${owncastName}"; + path0 = "${servicePath}/${label}"; + path1 = "/mnt/media/storage/${name}"; }; ports = { port0 = 9454; port1 = 1935; }; ssl = { - cert = "${sslPath}/${owncastSubdomain}.${domain1}/fullchain.pem"; - key = "${sslPath}/${owncastSubdomain}.${domain1}/key.pem"; + cert = "${sslPath}/${subdomain}.${domain1}/fullchain.pem"; + key = "${sslPath}/${subdomain}.${domain1}/key.pem"; }; } diff --git a/modules/config/instances/config/peertube.nix b/modules/config/instances/config/peertube.nix index a6daf36..21f54fb 100755 --- a/modules/config/instances/config/peertube.nix +++ b/modules/config/instances/config/peertube.nix @@ -7,26 +7,26 @@ let sopsPath ; - peertubeLabel = "PeerTube"; - peertubeName = "peertube"; - peertubeSubdomain = "video"; - peertubeDomain = "${peertubeSubdomain}.${domain3}"; + label = "PeerTube"; + name = "peertube"; + subdomain = "video"; + domain = "${subdomain}.${domain3}"; in { - label = peertubeLabel; - name = peertubeName; + label = label; + name = name; email = { address0 = "noreply@${domain3}"; }; sops = { - path0 = "${sopsPath}/${peertubeName}"; + path0 = "${sopsPath}/${name}"; }; domains = { - url0 = peertubeDomain; + url0 = domain; }; - subdomain = peertubeSubdomain; + subdomain = subdomain; paths = { - path0 = "${servicePath}/${peertubeLabel}"; + path0 = "${servicePath}/${label}"; }; ports = { port0 = 9000; # HTTP @@ -36,7 +36,7 @@ in port4 = 52800; }; ssl = { - cert = "${sslPath}/${peertubeSubdomain}.${domain3}/fullchain.pem"; - key = "${sslPath}/${peertubeSubdomain}.${domain3}/key.pem"; + cert = "${sslPath}/${subdomain}.${domain3}/fullchain.pem"; + key = "${sslPath}/${subdomain}.${domain3}/key.pem"; }; } diff --git a/modules/config/instances/config/podgrab.nix b/modules/config/instances/config/podgrab.nix new file mode 100644 index 0000000..363218b --- /dev/null +++ b/modules/config/instances/config/podgrab.nix @@ -0,0 +1,35 @@ +{ instancesFunctions }: +let + inherit (instancesFunctions) + domain0 + servicePath + sslPath + sopsPath + ; + + label = "Podgrab"; + name = "podgrab"; + subdomain = "podcasts"; + domain = "${subdomain}.${domain0}"; +in +{ + label = label; + name = name; + sops = { + path0 = "${sopsPath}/${name}"; + }; + domains = { + url0 = domain; + }; + subdomain = name; + paths = { + path0 = "${servicePath}/${label}"; + }; + ports = { + port0 = 4242; + }; + ssl = { + cert = "${sslPath}/${name}.${domain0}/fullchain.pem"; + key = "${sslPath}/${name}.${domain0}/key.pem"; + }; +} diff --git a/modules/config/instances/config/postfix.nix b/modules/config/instances/config/postfix.nix index d00765f..59938df 100755 --- a/modules/config/instances/config/postfix.nix +++ b/modules/config/instances/config/postfix.nix @@ -7,22 +7,22 @@ let sopsPath ; - postfixLabel = "Postfix"; - postfixName = "postfix"; - postfixDomain = "${postfixName}.${domain3}"; + label = "Postfix"; + name = "postfix"; + domain = "${name}.${domain3}"; in { - label = postfixLabel; - name = postfixName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${postfixName}"; + path0 = "${sopsPath}/${name}"; }; domains = { - url0 = postfixDomain; + url0 = domain; }; - subdomain = postfixName; + subdomain = name; paths = { - path0 = "${servicePath}/${postfixLabel}"; + path0 = "${servicePath}/${label}"; }; ssl = { cert = "${sslPath}/${domain3}/fullchain.pem"; diff --git a/modules/config/instances/config/postgresql.nix b/modules/config/instances/config/postgresql.nix index b03a623..51d9042 100755 --- a/modules/config/instances/config/postgresql.nix +++ b/modules/config/instances/config/postgresql.nix @@ -5,17 +5,17 @@ let sopsPath ; - postgresLabel = "PostgreSQL"; - postgresName = "postgres"; + label = "PostgreSQL"; + name = "postgres"; in { - label = postgresLabel; - name = postgresName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${postgresName}"; + path0 = "${sopsPath}/${name}"; }; paths = { - path0 = "${servicePath}/${postgresLabel}"; + path0 = "${servicePath}/${label}"; }; ports = { port0 = 5432; diff --git a/modules/config/instances/config/samba.nix b/modules/config/instances/config/samba.nix index f364d9c..2f672f1 100755 --- a/modules/config/instances/config/samba.nix +++ b/modules/config/instances/config/samba.nix @@ -4,14 +4,14 @@ let sopsPath ; - sambaLabel = "Samba"; - sambaName = "samba"; + label = "Samba"; + name = "samba"; in { - label = sambaLabel; - name = sambaName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${sambaName}"; + path0 = "${sopsPath}/${name}"; }; paths = { }; diff --git a/modules/config/instances/config/searx.nix b/modules/config/instances/config/searx.nix index d46e892..be18191 100755 --- a/modules/config/instances/config/searx.nix +++ b/modules/config/instances/config/searx.nix @@ -7,32 +7,32 @@ let sopsPath ; - searxLabel = "SearXNG"; - searxName = "searx"; - searxSubdomain = "search"; - searxDomain = "${searxSubdomain}.${domain0}"; + label = "SearXNG"; + name = "searx"; + subdomain = "search"; + domain = "${subdomain}.${domain0}"; in { - label = searxLabel; - name = searxName; + label = label; + name = name; email = { address0 = "noreply@${domain0}"; }; sops = { - path0 = "${sopsPath}/${searxName}"; + path0 = "${sopsPath}/${name}"; }; domains = { - url0 = searxDomain; + url0 = domain; }; - subdomain = searxSubdomain; + subdomain = subdomain; paths = { - path0 = "${servicePath}/${searxLabel}"; + path0 = "${servicePath}/${label}"; }; ports = { port0 = 8888; }; ssl = { - cert = "${sslPath}/${searxSubdomain}.${domain0}/fullchain.pem"; - key = "${sslPath}/${searxSubdomain}.${domain0}/key.pem"; + cert = "${sslPath}/${subdomain}.${domain0}/fullchain.pem"; + key = "${sslPath}/${subdomain}.${domain0}/key.pem"; }; } diff --git a/modules/config/instances/config/syncthing.nix b/modules/config/instances/config/syncthing.nix index 5d24953..cdfb9ae 100755 --- a/modules/config/instances/config/syncthing.nix +++ b/modules/config/instances/config/syncthing.nix @@ -6,27 +6,27 @@ let sopsPath ; - syncthingLabel = "Syncthing"; - syncthingName = "syncthing"; - syncthingDomain = "${syncthingName}.${domain0}"; + label = "Syncthing"; + name = "syncthing"; + domain = "${name}.${domain0}"; in { - label = syncthingLabel; - name = syncthingName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${syncthingName}"; + path0 = "${sopsPath}/${name}"; }; domains = { - url0 = syncthingDomain; + url0 = domain; }; - subdomain = syncthingName; + subdomain = name; ports = { port0 = 8388; # Syncthing (WebUI) port1 = 21027; # Syncthing (Discovery) port2 = 22000; # Syncthing (Transfer) }; ssl = { - cert = "${sslPath}/${syncthingName}.${domain0}/fullchain.pem"; - key = "${sslPath}/${syncthingName}.${domain0}/key.pem"; + cert = "${sslPath}/${name}.${domain0}/fullchain.pem"; + key = "${sslPath}/${name}.${domain0}/key.pem"; }; } diff --git a/modules/config/instances/config/synology.nix b/modules/config/instances/config/synology.nix index 48d4c11..b18d264 100755 --- a/modules/config/instances/config/synology.nix +++ b/modules/config/instances/config/synology.nix @@ -4,14 +4,14 @@ let sopsPath ; - synologyLabel = "Synology"; - synologyName = "synology"; + label = "Synology"; + name = "synology"; in { - label = synologyLabel; - name = synologyName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${synologyName}"; + path0 = "${sopsPath}/${name}"; }; ports = { port0 = 5001; # Synology HTTPS diff --git a/modules/config/instances/config/upRootNutrition.nix b/modules/config/instances/config/upRootNutrition.nix index 059f8f0..6e38aa0 100755 --- a/modules/config/instances/config/upRootNutrition.nix +++ b/modules/config/instances/config/upRootNutrition.nix @@ -6,17 +6,17 @@ let sopsPath ; - upRootNutritionLabel = "upRootNutrition"; - upRootNutritionName = "uprootnutrition"; + label = "upRootNutrition"; + name = "uprootnutrition"; in { - label = upRootNutritionLabel; - name = upRootNutritionName; + label = label; + name = name; email = { address0 = "nick@${domain3}"; }; sops = { - path0 = "${sopsPath}/${upRootNutritionName}"; + path0 = "${sopsPath}/${name}"; }; paths = { path0 = "/var/lib/website/dist"; diff --git a/modules/config/instances/config/vaultwarden.nix b/modules/config/instances/config/vaultwarden.nix index e84a5b3..3805bfd 100755 --- a/modules/config/instances/config/vaultwarden.nix +++ b/modules/config/instances/config/vaultwarden.nix @@ -7,31 +7,31 @@ let sopsPath ; - vaultwardenLabel = "Vaultwarden"; - vaultwardenName = "vaultwarden"; - vaultwardenDomain = "${vaultwardenName}.${domain0}"; + label = "Vaultwarden"; + name = "vaultwarden"; + domain = "${name}.${domain0}"; in { - label = vaultwardenLabel; - name = vaultwardenName; + label = label; + name = name; email = { - address0 = "noreply@${vaultwardenName}.${domain0}"; + address0 = "noreply@${name}.${domain0}"; }; sops = { - path0 = "${sopsPath}/${vaultwardenName}"; + path0 = "${sopsPath}/${name}"; }; domains = { - url0 = vaultwardenDomain; + url0 = domain; }; - subdomain = vaultwardenName; + subdomain = name; paths = { - path0 = "${servicePath}/${vaultwardenLabel}/BackupDir"; + path0 = "${servicePath}/${label}/BackupDir"; }; ports = { port0 = 8085; # Vaultwarden WebUI }; ssl = { - cert = "${sslPath}/${vaultwardenName}.${domain0}/fullchain.pem"; - key = "${sslPath}/${vaultwardenName}.${domain0}/key.pem"; + cert = "${sslPath}/${name}.${domain0}/fullchain.pem"; + key = "${sslPath}/${name}.${domain0}/key.pem"; }; } diff --git a/modules/config/instances/config/wireGuard.nix b/modules/config/instances/config/wireGuard.nix index 49d6824..c9509d1 100755 --- a/modules/config/instances/config/wireGuard.nix +++ b/modules/config/instances/config/wireGuard.nix @@ -4,14 +4,14 @@ let sopsPath ; - wireGuardLabel = "WireGuard"; - wireGuardName = "wireguard"; + label = "WireGuard"; + name = "wireguard"; in { - label = wireGuardLabel; - name = wireGuardName; + label = label; + name = name; sops = { - path0 = "${sopsPath}/${wireGuardName}"; + path0 = "${sopsPath}/${name}"; }; ports = { }; diff --git a/modules/config/instances/default.nix b/modules/config/instances/default.nix index bfd67c3..f492911 100755 --- a/modules/config/instances/default.nix +++ b/modules/config/instances/default.nix @@ -2,10 +2,6 @@ let configPath = ./config; instancesFunctions = { - jellyfinLabel = "Jellyfin"; - jellyfinName = "jellyfin"; - audiobookshelfLabel = "Audiobookshelf"; - audiobookshelfName = "audiobookshelf"; domain0 = "cloudbert.fun"; domain1 = "the-nutrivore.social"; domain2 = "the-nutrivore.com"; diff --git a/modules/nixos/services/acme/default.nix b/modules/nixos/services/acme/default.nix index d6e1073..659eff6 100755 --- a/modules/nixos/services/acme/default.nix +++ b/modules/nixos/services/acme/default.nix @@ -38,8 +38,8 @@ in "nextcloud" "syncthing" "searx" + "podgrab" "vaultwarden" - "kanboard" "audiobookshelf" ] ) diff --git a/modules/nixos/services/podgrab/default.nix b/modules/nixos/services/podgrab/default.nix new file mode 100644 index 0000000..f2c9c25 --- /dev/null +++ b/modules/nixos/services/podgrab/default.nix @@ -0,0 +1,77 @@ +{ config, flake, ... }: +let + inherit (flake.config.services.instances) podgrab web; + inherit (flake.config.machines.devices) ceres; + service = podgrab; + localhost = web.localhost.address0; + host = service.domains.url0; +in +{ + services = { + podgrab = { + enable = true; + port = service.ports.port0; + passwordFile = config.sops.secrets."${service.name}-pass".path; + dataDirectory = service.paths.path0; + }; + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + redir /.well-known/carddav /remote.php/dav/ 301 + redir /.well-known/caldav /remote.php/dav/ 301 + + reverse_proxy ${localhost}:${toString service.ports.port1} + + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; + }; + }; + + sops = + let + sopsPath = secret: { + path = "${service.sops.path0}/${service.name}-${secret}"; + owner = service.name; + mode = "600"; + }; + in + { + secrets = builtins.listToAttrs ( + map + (secret: { + name = "${service.name}-${secret}"; + value = sopsPath secret; + }) + [ + "pass" + ] + ); + }; + + fileSystems."/var/lib/${service.name}" = { + device = service.paths.path0; + fsType = "none"; + options = [ + "bind" + ]; + depends = [ + ceres.storage0.mount + ]; + }; + + systemd.tmpfiles.rules = [ + "Z ${service.paths.path0} 0755 ${service.name} ${service.name} -" + "Z ${service.sops.path0} 0755 ${service.name} ${service.name} -" + ]; + + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + ]; + }; + }; +} diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 0a6b517..3d45502 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -36,6 +36,7 @@ wireguard-CA358: ENC[AES256_GCM,data:/VewmiNfRc9/wSE7TT+z1F9LLIvr/5wPsQZ/zBwAh3d wireguard-CA627: ENC[AES256_GCM,data:chmDsH2nE0nagjFRZWuxX08/Ykt+rIgCHYkMHd+7nIqihK5SebF7MJlrp84=,iv:NVOlGE7W70nQ0UM/i5WixJvDULO3Y4cLf8h+OAGHhQQ=,tag:L123ShCnr9+kIg1itIoqBA==,type:str] glance-jellyfin: ENC[AES256_GCM,data:ozdDKgAWkA88J2j8RtiOP/aQPAt/neUOSlAZF20g510=,iv:x+VhYlnA9F/VPrzVcma4/oPelCc8kjWoTZvOs4L9Uqo=,tag:crdSDjr8Y5GH/JAF6t8Yeg==,type:str] kanboard-smtp: ENC[AES256_GCM,data:eOIEGwJZlvbJaTfDRU3IFQ==,iv:Jex01WlHG3uxqUnTSF+v1BgnNcIu4cS9OwHBCFl1m28=,tag:3Eld1FkI6AftlCyC3419BA==,type:str] +podgrab-pass: ENC[AES256_GCM,data:Dg2eI0+yufvwfs6b3iNXtuyZR0ivL4U5LeC23isHZO4=,iv:ORB8xIBnNeJ6eQvm6Gb972Qv5xxY+cldwfUNYXaz6GA=,tag:ANAC/oyF6hqOGopYvpzaPQ==,type:str] sops: age: - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 @@ -47,7 +48,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-06-09T22:48:59Z" - mac: ENC[AES256_GCM,data:NDH6wnmCs/D4SPJW5UaI96dfH0LrNG3H6khNUndFg8qWn8AG8/QJjsanSkEs+OnOE/l4nO84qAr9k9mEeqtYxDQsPehrBroSNPZQLsmB9EWCM7mHX4f9aeadm7liWWRf8ay96F3zl8PrxJNEus8cO57FKDVDqUgcldSzdaHxI00=,iv:1Jbhr61vUmByPfGquSrHWiytgasjmGMw+aXPZnuCLN8=,tag:UzgVLK+wsFSwAUKmIImN/g==,type:str] + lastmodified: "2025-06-22T16:48:14Z" + mac: ENC[AES256_GCM,data:qmfkuAvJuDSyWRFuEyp1Kb2Ba4QrMAHN1WrMaN3FIbpEm/jWAw6yyEiZ5fEwr5XMkBczjkg7ioG+IFf28I6TEgZVrgAv3NKm2wkIw2SCU0Fo7+s5Hbv4vT0pra6rHwL+b9ND6K32Z7hbanGytqLtv99Y9YxyVplzPaEIa0CP4v0=,iv:1lU5vKoAV4vr1lFv1dxqJrGu5fUsQQtzsSKOc+BhnVA=,tag:r/7gli4X5UpejJTe6UQywQ==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 diff --git a/templates/elm/frontend/.gitignore b/templates/elm/frontend/.gitignore old mode 100644 new mode 100755 diff --git a/templates/elm/frontend/README.md b/templates/elm/frontend/README.md old mode 100644 new mode 100755 diff --git a/templates/elm/frontend/elm-land.json b/templates/elm/frontend/elm-land.json old mode 100644 new mode 100755 diff --git a/templates/elm/frontend/elm.json b/templates/elm/frontend/elm.json old mode 100644 new mode 100755 diff --git a/templates/elm/frontend/src/Effect.elm b/templates/elm/frontend/src/Effect.elm old mode 100644 new mode 100755 diff --git a/templates/elm/frontend/src/Pages/Home_.elm b/templates/elm/frontend/src/Pages/Home_.elm old mode 100644 new mode 100755 diff --git a/templates/elm/frontend/src/Pages/NotFound_.elm b/templates/elm/frontend/src/Pages/NotFound_.elm old mode 100644 new mode 100755 diff --git a/templates/elm/frontend/src/Shared.elm b/templates/elm/frontend/src/Shared.elm old mode 100644 new mode 100755 diff --git a/templates/elm/frontend/src/Shared/Model.elm b/templates/elm/frontend/src/Shared/Model.elm old mode 100644 new mode 100755 diff --git a/templates/elm/frontend/src/Shared/Msg.elm b/templates/elm/frontend/src/Shared/Msg.elm old mode 100644 new mode 100755 diff --git a/templates/elm/frontend/src/View.elm b/templates/elm/frontend/src/View.elm old mode 100644 new mode 100755 diff --git a/templates/elm/frontend/src/interop.ts b/templates/elm/frontend/src/interop.ts old mode 100644 new mode 100755