From 12e71839730c23086df9ec0a66f921c9a95324be Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 13:35:12 -0500 Subject: [PATCH 01/38] feat: opencloud test --- modules/config/instances/config/opencloud.nix | 38 +++++++++++++ .../userSettings/config/assistant/default.nix | 2 +- modules/home/gui/apps/code/zed/default.nix | 2 +- .../gui/desktop/hypr/land/config/bind.nix | 11 ++-- modules/nixos/services/acme/default.nix | 1 + modules/nixos/services/opencloud/default.nix | 56 +++++++++++++++++++ 6 files changed, 103 insertions(+), 7 deletions(-) create mode 100644 modules/config/instances/config/opencloud.nix create mode 100644 modules/nixos/services/opencloud/default.nix diff --git a/modules/config/instances/config/opencloud.nix b/modules/config/instances/config/opencloud.nix new file mode 100644 index 0000000..56f4e2b --- /dev/null +++ b/modules/config/instances/config/opencloud.nix @@ -0,0 +1,38 @@ +{ moduleFunctions }: +let + inherit (moduleFunctions.instancesFunctions) + domain0 + servicePath + sslPath + sopsPath + ; + + label = "OpenCloud"; + name = "opencloud"; + subdomain = "cloud"; + domain = "${subdomain}.${domain0}"; +in +{ + label = label; + name = name; + email = { + address0 = "noreply@${domain0}"; + }; + sops = { + path0 = "${sopsPath}/${name}"; + }; + domains = { + url0 = domain; + }; + subdomain = subdomain; + paths = { + path0 = "${servicePath}/${label}"; + }; + ports = { + port0 = 9200; + }; + ssl = { + cert = "${sslPath}/${subdomain}.${domain0}/fullchain.pem"; + key = "${sslPath}/${subdomain}.${domain0}/key.pem"; + }; +} diff --git a/modules/home/gui/apps/code/zed/config/userSettings/config/assistant/default.nix b/modules/home/gui/apps/code/zed/config/userSettings/config/assistant/default.nix index 729c207..71ff3aa 100755 --- a/modules/home/gui/apps/code/zed/config/userSettings/config/assistant/default.nix +++ b/modules/home/gui/apps/code/zed/config/userSettings/config/assistant/default.nix @@ -11,7 +11,7 @@ let localhost = web.localhost.address0; in { - assistant = { + agent = { enabled = true; default_model = { provider = "zed.dev"; diff --git a/modules/home/gui/apps/code/zed/default.nix b/modules/home/gui/apps/code/zed/default.nix index 142d84b..7d2d81f 100755 --- a/modules/home/gui/apps/code/zed/default.nix +++ b/modules/home/gui/apps/code/zed/default.nix @@ -23,7 +23,7 @@ in { programs.zed-editor = { enable = true; - package = packagePath; + # package = packagePath; extraPackages = extraPackagesPath; extensions = extensionsPath; userKeymaps = userKeymapsPath; diff --git a/modules/home/gui/desktop/hypr/land/config/bind.nix b/modules/home/gui/desktop/hypr/land/config/bind.nix index 82d2bd7..1df8cbc 100755 --- a/modules/home/gui/desktop/hypr/land/config/bind.nix +++ b/modules/home/gui/desktop/hypr/land/config/bind.nix @@ -84,11 +84,7 @@ let "3, movetoworkspacesilent, 3" "4, movetoworkspacesilent, 4" "5, movetoworkspacesilent, 5" - # Window Move - "C, movewindow, l" - "A, movewindow, u" - "E, movewindow, d" - "I, movewindow, r" + ]; shiftBinds = builtins.map (x: "SHIFT, " + x) [ @@ -108,10 +104,15 @@ let "3, movetoworkspacesilent, 3" "4, movetoworkspacesilent, 4" "5, movetoworkspacesilent, 5" + # Window Move "Left, movewindow, l" "Up, movewindow, u" "Down, movewindow, d" "Right, movewindow, r" + "C, movewindow, l" + "A, movewindow, u" + "E, movewindow, d" + "I, movewindow, r" ]; functionBinds = builtins.map (x: " , " + x) [ diff --git a/modules/nixos/services/acme/default.nix b/modules/nixos/services/acme/default.nix index 06fd49c..b02564c 100755 --- a/modules/nixos/services/acme/default.nix +++ b/modules/nixos/services/acme/default.nix @@ -41,6 +41,7 @@ in "searx" "syncthing" "vaultwarden" + "opencloud" ] ) ++ (map diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix new file mode 100644 index 0000000..4b2180c --- /dev/null +++ b/modules/nixos/services/opencloud/default.nix @@ -0,0 +1,56 @@ +{ flake, ... }: +let + inherit (flake.config.machines.devices) ceres; + inherit (flake.config.services.instances) opencloud web; + service = opencloud; + localhost = web.localhost.address1; + host = service.domains.url0; +in +{ + services = { + opencloud = { + enable = true; + url = "https://${host}:${service.ports.port0}"; + port = service.ports.port0; + address = localhost; + stateDir = "/var/lib/${service.name}"; + environment = { + OC_INSECURE = "false"; + }; + }; + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + reverse_proxy ${localhost}:${toString service.ports.port0} + + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; + }; + }; + fileSystems."/var/lib/${service.name}" = { + device = service.paths.path0; + fsType = "none"; + options = [ + "bind" + ]; + depends = [ + ceres.storage0.mount + ]; + }; + + systemd.tmpfiles.rules = [ + "Z ${service.paths.path0} 755 ${service.name} ${service.name} -" + # "Z ${service.sops.path0} 755 ${service.name} ${service.name} -" + ]; + + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + ]; + }; + }; +} From 8b136c2c9c129675012a4a9dabde3ea1f219e912 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 13:38:50 -0500 Subject: [PATCH 02/38] feat: opencloud test --- modules/nixos/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index a84622f..8228d2f 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -58,6 +58,7 @@ in mastodon minecraft ollama + opencloud postgresql samba searx From df578da148d6253035cd6555e67dd6f735e7e5c3 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 13:39:57 -0500 Subject: [PATCH 03/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 4b2180c..77c6be8 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -11,7 +11,7 @@ in opencloud = { enable = true; url = "https://${host}:${service.ports.port0}"; - port = service.ports.port0; + port = builtins.toString service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; environment = { From c6db591e36c25743ce805d3aab4942de57610c5c Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 13:40:40 -0500 Subject: [PATCH 04/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 77c6be8..fa4d8b2 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,7 +10,7 @@ in services = { opencloud = { enable = true; - url = "https://${host}:${service.ports.port0}"; + url = "https://${host}:${builtins.toString service.ports.port0}"; port = builtins.toString service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; From aa0e210939260de1c92bb6a38f6fbe50cd109b23 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 13:42:03 -0500 Subject: [PATCH 05/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index fa4d8b2..38ef7d4 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -11,7 +11,7 @@ in opencloud = { enable = true; url = "https://${host}:${builtins.toString service.ports.port0}"; - port = builtins.toString service.ports.port0; + port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; environment = { From 8cf23010b73c0d92a4f9a4e07f4a4f811e298bcc Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:04:06 -0500 Subject: [PATCH 06/38] feat: opencloud test --- modules/nixos/services/nextcloud/default.nix | 1 - modules/nixos/services/opencloud/default.nix | 26 +++++++++++++++++++- secrets/secrets.yaml | 5 ++-- 3 files changed, 28 insertions(+), 4 deletions(-) diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index e51bbff..ce7bce6 100755 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -107,7 +107,6 @@ in }) [ "pass" - "smtp" ] ); }; diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 38ef7d4..899171c 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -1,4 +1,4 @@ -{ flake, ... }: +{ config, flake, ... }: let inherit (flake.config.machines.devices) ceres; inherit (flake.config.services.instances) opencloud web; @@ -17,6 +17,7 @@ in environment = { OC_INSECURE = "false"; }; + environmentFile = config.sops.secrets."${service.name}-pass".path; }; caddy = { virtualHosts = { @@ -30,6 +31,29 @@ in }; }; }; + + sops = + let + sopsPath = secret: { + path = "${service.sops.path0}/${service.name}-${secret}"; + owner = service.name; + mode = "600"; + }; + in + { + secrets = builtins.listToAttrs ( + map + (secret: { + name = "${service.name}-${secret}"; + value = sopsPath secret; + }) + [ + "smtp" + "database" + ] + ); + }; + fileSystems."/var/lib/${service.name}" = { device = service.paths.path0; fsType = "none"; diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index a682cf8..592834e 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -47,6 +47,7 @@ kanboard-smtp: ENC[AES256_GCM,data:eOIEGwJZlvbJaTfDRU3IFQ==,iv:Jex01WlHG3uxqUnTS podgrab-pass: ENC[AES256_GCM,data:DVmJDb4VqcZDKNcedSaRA5dqKOzx1tSzDiK3i23+a6v3nK+4Kh7n8EA=,iv:SiiUjJLHkCOO1VKCmubftKx06laFqNv79tIPnkVYrJU=,tag:kdkT+03DemlNAsuzps8fnw==,type:str] firefly-iii-key: ENC[AES256_GCM,data:tLJfwB8De1vdGeccr4SxifU7KYAfnasoXISvz5mSR28=,iv:vknG+h2D04lECHE/PPA53aZqWk4ouYcH+WfP7WooPYU=,tag:HKma2cydw58pAnvOFH53fA==,type:str] firefly-iii-pass: ENC[AES256_GCM,data:eJwIM4YHnXTqTOUfU/0CKMSS534VEZIxkBviI1pd7R4=,iv:pUv8ok5nLDGeCcP2hsTculk+MPPAjkupidQO0Jkc3Wc=,tag:zq7+lFjdOr5ORpthqXW8EA==,type:str] +opencloud-pass: ENC[AES256_GCM,data:NWdv0aPdimCl3UUz1SBkWo1FjFJv9LkZEwWhsvvU40NdAvRwpLdY7cTUcP2Rigs=,iv:iDk/67ifxDkoiYP4MncsVNCXJck27mPzBtRBqnzc7Co=,tag:Ma3nBAL0X08241AtZE41DA==,type:str] sops: age: - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 @@ -58,7 +59,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-04T00:40:18Z" - mac: ENC[AES256_GCM,data:N2BwAzga2/Ig96p49rqNhhZ2udYWt7mQ9JD8DFXuxa3HOh3gtx7FWeWpGjvLnLWCgGcT4R61RKmgZQZRADNxYPE3vtdpPOFz0XvgcYSDlwslzBdSsVc08sh77P0LDgZsCzE1MxYynQ6nzFcc6gW5sorInLarsHoCCBC+Z5YpOVg=,iv:H6d3VrERM02/1zI5boFemEpMYD3greYZRqlSpBqROzM=,tag:TEakUvOlKoZYo/XPS6HVnA==,type:str] + lastmodified: "2025-07-07T18:59:54Z" + mac: ENC[AES256_GCM,data:Lk5YZ6dt0A1sVfz3dw6ATdm0sGQAV/6I2lN0wYtw3ZiILqzPe9Sr2yLxAmvoSWP9MzERGd7WXKZXa0+bKCsJlYYSElx+CBfabKMxj3CFxpy+SZnwdKUU3PMWIsD6TW0G0+gFGS/r8iBMmgY6uL5lN6cK2vAAR7zU2UB33S6RLCA=,iv:dXIvA6rp/F/Y1v6FdI4DFKb2bsP0kWWQ1j1wDnAhNSo=,tag:uthcpHfn/7SIzPAiQq1LWA==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 From e763a580ca481a2848655de26756fc4dfe0fd289 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:09:12 -0500 Subject: [PATCH 07/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 899171c..dbfb3a7 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -48,8 +48,7 @@ in value = sopsPath secret; }) [ - "smtp" - "database" + "pass" ] ); }; From 1535f418b5f91560649431a8919b37353b1c20c8 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:15:30 -0500 Subject: [PATCH 08/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index dbfb3a7..af4ce03 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,7 +10,8 @@ in services = { opencloud = { enable = true; - url = "https://${host}:${builtins.toString service.ports.port0}"; + url = host; + # url = "https://${host}:${builtins.toString service.ports.port0}"; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; From 9a37c3b357b8f1dd853f9b0705cfa04c08078901 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:18:07 -0500 Subject: [PATCH 09/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index af4ce03..a455b3a 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,8 +10,7 @@ in services = { opencloud = { enable = true; - url = host; - # url = "https://${host}:${builtins.toString service.ports.port0}"; + url = "https://${host}:${builtins.toString service.ports.port0}"; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; @@ -67,7 +66,7 @@ in systemd.tmpfiles.rules = [ "Z ${service.paths.path0} 755 ${service.name} ${service.name} -" - # "Z ${service.sops.path0} 755 ${service.name} ${service.name} -" + "Z ${service.sops.path0} 755 ${service.name} ${service.name} -" ]; networking = { From 3ab2ef86b9b3bc2af8f55a13d5a6b41291fd8924 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:22:36 -0500 Subject: [PATCH 10/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index a455b3a..b2f3d06 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,7 +10,7 @@ in services = { opencloud = { enable = true; - url = "https://${host}:${builtins.toString service.ports.port0}"; + url = "http://${host}:${builtins.toString service.ports.port0}"; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; From 9c65eb3d719da84b7dc412844d6641dbb20045f4 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:28:42 -0500 Subject: [PATCH 11/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index b2f3d06..64be85f 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -15,7 +15,7 @@ in address = localhost; stateDir = "/var/lib/${service.name}"; environment = { - OC_INSECURE = "false"; + OC_INSECURE = "true"; }; environmentFile = config.sops.secrets."${service.name}-pass".path; }; From 6905ba746b595ef11219d95c5a745ac56f118c22 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:29:41 -0500 Subject: [PATCH 12/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 64be85f..6654e8c 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,7 +10,7 @@ in services = { opencloud = { enable = true; - url = "http://${host}:${builtins.toString service.ports.port0}"; + url = "https://${host}:${builtins.toString service.ports.port0}"; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; From c40d8064d54f471d27a949dde9ab50e5cc735c93 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:31:50 -0500 Subject: [PATCH 13/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 6654e8c..45a0f6b 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,7 +10,7 @@ in services = { opencloud = { enable = true; - url = "https://${host}:${builtins.toString service.ports.port0}"; + url = "https://${config.services.opencloud.address}:${builtins.toString config.services.opencloud.port}"; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; From c6911defae4b5329bacb9e80966e135349332c2b Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:33:52 -0500 Subject: [PATCH 14/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 45a0f6b..9863722 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,7 +10,7 @@ in services = { opencloud = { enable = true; - url = "https://${config.services.opencloud.address}:${builtins.toString config.services.opencloud.port}"; + url = "https://${localhost}:${builtins.toString service.ports.port0}"; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; @@ -23,7 +23,7 @@ in virtualHosts = { "${host}" = { extraConfig = '' - reverse_proxy ${localhost}:${toString service.ports.port0} + reverse_proxy https://${localhost}:${toString service.ports.port0} tls ${service.ssl.cert} ${service.ssl.key} ''; From 625e1ffd2f5bddfc0a18d9cee51ac70afae05482 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:35:03 -0500 Subject: [PATCH 15/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 9863722..22844c6 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,7 +10,7 @@ in services = { opencloud = { enable = true; - url = "https://${localhost}:${builtins.toString service.ports.port0}"; + url = "${localhost}:${builtins.toString service.ports.port0}"; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; @@ -23,7 +23,7 @@ in virtualHosts = { "${host}" = { extraConfig = '' - reverse_proxy https://${localhost}:${toString service.ports.port0} + reverse_proxy ${localhost}:${toString service.ports.port0} tls ${service.ssl.cert} ${service.ssl.key} ''; From da32d963460b14e9890eab11437047a9ff8172c3 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:36:01 -0500 Subject: [PATCH 16/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 22844c6..6cdd7a6 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -15,7 +15,7 @@ in address = localhost; stateDir = "/var/lib/${service.name}"; environment = { - OC_INSECURE = "true"; + OC_INSECURE = "false"; }; environmentFile = config.sops.secrets."${service.name}-pass".path; }; From 6e3ce364a5a0bc8d592aea84ac8da34d5633468a Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:39:12 -0500 Subject: [PATCH 17/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 6cdd7a6..6654e8c 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,12 +10,12 @@ in services = { opencloud = { enable = true; - url = "${localhost}:${builtins.toString service.ports.port0}"; + url = "https://${host}:${builtins.toString service.ports.port0}"; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; environment = { - OC_INSECURE = "false"; + OC_INSECURE = "true"; }; environmentFile = config.sops.secrets."${service.name}-pass".path; }; From fa54767e7fa9909930551173e8ac1c918a699b8d Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:40:12 -0500 Subject: [PATCH 18/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 6654e8c..a455b3a 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -15,7 +15,7 @@ in address = localhost; stateDir = "/var/lib/${service.name}"; environment = { - OC_INSECURE = "true"; + OC_INSECURE = "false"; }; environmentFile = config.sops.secrets."${service.name}-pass".path; }; From 537619237ed0278d270e6811faac61699742375e Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:48:08 -0500 Subject: [PATCH 19/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index a455b3a..cb6a2d4 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,7 +10,7 @@ in services = { opencloud = { enable = true; - url = "https://${host}:${builtins.toString service.ports.port0}"; + url = "${host}:${builtins.toString service.ports.port0}"; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; From d33328926e333e1e0b7c20ec070944e15354d477 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:49:37 -0500 Subject: [PATCH 20/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index cb6a2d4..cea9e89 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -15,7 +15,7 @@ in address = localhost; stateDir = "/var/lib/${service.name}"; environment = { - OC_INSECURE = "false"; + OC_INSECURE = "true"; }; environmentFile = config.sops.secrets."${service.name}-pass".path; }; From 89e4a72dae634996514b0e7eb4b8134382b305a3 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:51:19 -0500 Subject: [PATCH 21/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index cea9e89..7f242f2 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,7 +10,7 @@ in services = { opencloud = { enable = true; - url = "${host}:${builtins.toString service.ports.port0}"; + url = host; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; From 7b7e2f85ff4fa1b6167c0c76582e8fd3ebdfd063 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:52:37 -0500 Subject: [PATCH 22/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 7f242f2..b4e989a 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -53,19 +53,8 @@ in ); }; - fileSystems."/var/lib/${service.name}" = { - device = service.paths.path0; - fsType = "none"; - options = [ - "bind" - ]; - depends = [ - ceres.storage0.mount - ]; - }; - systemd.tmpfiles.rules = [ - "Z ${service.paths.path0} 755 ${service.name} ${service.name} -" + # "Z ${service.paths.path0} 755 ${service.name} ${service.name} -" "Z ${service.sops.path0} 755 ${service.name} ${service.name} -" ]; From 954a7d83bc3008ae483bc840df7f4bc31cc2f4e2 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:53:49 -0500 Subject: [PATCH 23/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index b4e989a..58aab80 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -3,7 +3,7 @@ let inherit (flake.config.machines.devices) ceres; inherit (flake.config.services.instances) opencloud web; service = opencloud; - localhost = web.localhost.address1; + localhost = web.localhost.address0; host = service.domains.url0; in { @@ -53,8 +53,19 @@ in ); }; + fileSystems."/var/lib/${service.name}" = { + device = service.paths.path0; + fsType = "none"; + options = [ + "bind" + ]; + depends = [ + ceres.storage0.mount + ]; + }; + systemd.tmpfiles.rules = [ - # "Z ${service.paths.path0} 755 ${service.name} ${service.name} -" + "Z ${service.paths.path0} 755 ${service.name} ${service.name} -" "Z ${service.sops.path0} 755 ${service.name} ${service.name} -" ]; From 10961d5dbaa4428c1782283aff7ca78271ae2a2e Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:57:39 -0500 Subject: [PATCH 24/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 58aab80..a55e8c3 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -3,14 +3,14 @@ let inherit (flake.config.machines.devices) ceres; inherit (flake.config.services.instances) opencloud web; service = opencloud; - localhost = web.localhost.address0; + localhost = web.localhost.address1; host = service.domains.url0; in { services = { opencloud = { enable = true; - url = host; + url = "https://${localhost}:${builtins.toString service.ports.port0}"; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; From d557f2c07c7f368493d95a478489e0300e86ea17 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 14:59:43 -0500 Subject: [PATCH 25/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index a55e8c3..7f242f2 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,7 +10,7 @@ in services = { opencloud = { enable = true; - url = "https://${localhost}:${builtins.toString service.ports.port0}"; + url = host; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; From 34828ec16bb52187140bd3ff8c55608f1f2dec29 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 15:28:44 -0500 Subject: [PATCH 26/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 19 ++++++++++++++----- secrets/secrets.yaml | 6 +++--- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 7f242f2..108aa14 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -1,10 +1,22 @@ -{ config, flake, ... }: +{ + config, + flake, + pkgs, + ... +}: let inherit (flake.config.machines.devices) ceres; inherit (flake.config.services.instances) opencloud web; service = opencloud; localhost = web.localhost.address1; host = service.domains.url0; + + secretValue = builtins.readFile config.sops.secrets."${service.name}-pass".path; + + envFile = pkgs.writeText "${service.sops.path0}/opencloud.env" '' + ADMIN_PASSWORD=${secretValue} + OC_INSECURE=true + ''; in { services = { @@ -14,10 +26,7 @@ in port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; - environment = { - OC_INSECURE = "true"; - }; - environmentFile = config.sops.secrets."${service.name}-pass".path; + environmentFile = envFile; }; caddy = { virtualHosts = { diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 592834e..ef3b678 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -47,7 +47,7 @@ kanboard-smtp: ENC[AES256_GCM,data:eOIEGwJZlvbJaTfDRU3IFQ==,iv:Jex01WlHG3uxqUnTS podgrab-pass: ENC[AES256_GCM,data:DVmJDb4VqcZDKNcedSaRA5dqKOzx1tSzDiK3i23+a6v3nK+4Kh7n8EA=,iv:SiiUjJLHkCOO1VKCmubftKx06laFqNv79tIPnkVYrJU=,tag:kdkT+03DemlNAsuzps8fnw==,type:str] firefly-iii-key: ENC[AES256_GCM,data:tLJfwB8De1vdGeccr4SxifU7KYAfnasoXISvz5mSR28=,iv:vknG+h2D04lECHE/PPA53aZqWk4ouYcH+WfP7WooPYU=,tag:HKma2cydw58pAnvOFH53fA==,type:str] firefly-iii-pass: ENC[AES256_GCM,data:eJwIM4YHnXTqTOUfU/0CKMSS534VEZIxkBviI1pd7R4=,iv:pUv8ok5nLDGeCcP2hsTculk+MPPAjkupidQO0Jkc3Wc=,tag:zq7+lFjdOr5ORpthqXW8EA==,type:str] -opencloud-pass: ENC[AES256_GCM,data:NWdv0aPdimCl3UUz1SBkWo1FjFJv9LkZEwWhsvvU40NdAvRwpLdY7cTUcP2Rigs=,iv:iDk/67ifxDkoiYP4MncsVNCXJck27mPzBtRBqnzc7Co=,tag:Ma3nBAL0X08241AtZE41DA==,type:str] +opencloud-pass: ENC[AES256_GCM,data:3uqiScqTMZVRwivjT5hQayhiJQEJtyBT/zjt2bhJnZg=,iv:PuRHr+zONwsO9K0RcaQYGTY3zR4RDLWU5jpFbf9Icrw=,tag:9ccUJszOTUzgEYfWYJDcmg==,type:str] sops: age: - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 @@ -59,7 +59,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-07T18:59:54Z" - mac: ENC[AES256_GCM,data:Lk5YZ6dt0A1sVfz3dw6ATdm0sGQAV/6I2lN0wYtw3ZiILqzPe9Sr2yLxAmvoSWP9MzERGd7WXKZXa0+bKCsJlYYSElx+CBfabKMxj3CFxpy+SZnwdKUU3PMWIsD6TW0G0+gFGS/r8iBMmgY6uL5lN6cK2vAAR7zU2UB33S6RLCA=,iv:dXIvA6rp/F/Y1v6FdI4DFKb2bsP0kWWQ1j1wDnAhNSo=,tag:uthcpHfn/7SIzPAiQq1LWA==,type:str] + lastmodified: "2025-07-07T20:26:28Z" + mac: ENC[AES256_GCM,data:nQOoDH2GB37F/xahme6cD8+tFm5hBnz2m7kpTz/CA+RcoDawPAYaoCy6Jn6per+3c/PuFEKMxnQSu5R+gNcRybdDUK23bKfM5qGZ3I03CqTqanqVZlwK8eMYFE4c1/lMhO8UGycYnUuYumWnm8nrepay+4TlM6O5Eh1kYwzFSmo=,iv:40BXvzijdMGwZP43oC4b08HncdeH3Q5knZUk7YrnPnA=,tag:KW8yEdmXtLGTe/a9DgYG9g==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 From 9a32cc9f7297b5292e310f3627ce987af1b356d5 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 15:29:42 -0500 Subject: [PATCH 27/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 108aa14..e372188 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -45,7 +45,7 @@ in let sopsPath = secret: { path = "${service.sops.path0}/${service.name}-${secret}"; - owner = service.name; + owner = "root"; mode = "600"; }; in From 1e99a5aff9ecc421f1ebdce3a3dd53e94d7a1655 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 15:38:48 -0500 Subject: [PATCH 28/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 18 +++--------------- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index e372188..8ec1976 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -1,22 +1,10 @@ -{ - config, - flake, - pkgs, - ... -}: +{ config, flake, ... }: let inherit (flake.config.machines.devices) ceres; inherit (flake.config.services.instances) opencloud web; service = opencloud; localhost = web.localhost.address1; host = service.domains.url0; - - secretValue = builtins.readFile config.sops.secrets."${service.name}-pass".path; - - envFile = pkgs.writeText "${service.sops.path0}/opencloud.env" '' - ADMIN_PASSWORD=${secretValue} - OC_INSECURE=true - ''; in { services = { @@ -26,7 +14,7 @@ in port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; - environmentFile = envFile; + environmentFile = config.sops.secrets."${service.name}-pass".path; }; caddy = { virtualHosts = { @@ -45,7 +33,7 @@ in let sopsPath = secret: { path = "${service.sops.path0}/${service.name}-${secret}"; - owner = "root"; + owner = service.name; mode = "600"; }; in From 11b3634d5622654e8210eabade97521355169513 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 15:40:51 -0500 Subject: [PATCH 29/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 8ec1976..11f3bd1 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -3,7 +3,7 @@ let inherit (flake.config.machines.devices) ceres; inherit (flake.config.services.instances) opencloud web; service = opencloud; - localhost = web.localhost.address1; + localhost = web.localhost.address0; host = service.domains.url0; in { From 17b17a866eb0389b01ee6d12802fc141b46d1fea Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 15:50:45 -0500 Subject: [PATCH 30/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 11f3bd1..c42939e 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -10,7 +10,7 @@ in services = { opencloud = { enable = true; - url = host; + url = "https://${host}"; port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; From 6804acfc28ef5aa17b1f93d1982d43d662bb20d5 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 15:59:14 -0500 Subject: [PATCH 31/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index c42939e..82a4fd9 100644 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -20,8 +20,11 @@ in virtualHosts = { "${host}" = { extraConfig = '' - reverse_proxy ${localhost}:${toString service.ports.port0} - + reverse_proxy https://${localhost}:${toString service.ports.port0} { + transport http { + tls_insecure_skip_verify + } + } tls ${service.ssl.cert} ${service.ssl.key} ''; }; From 42fa5f15a18c11535b09a8ccb16963151718a3e5 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 16:10:44 -0500 Subject: [PATCH 32/38] feat: opencloud test --- secrets/secrets.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index ef3b678..4b8e758 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -47,7 +47,7 @@ kanboard-smtp: ENC[AES256_GCM,data:eOIEGwJZlvbJaTfDRU3IFQ==,iv:Jex01WlHG3uxqUnTS podgrab-pass: ENC[AES256_GCM,data:DVmJDb4VqcZDKNcedSaRA5dqKOzx1tSzDiK3i23+a6v3nK+4Kh7n8EA=,iv:SiiUjJLHkCOO1VKCmubftKx06laFqNv79tIPnkVYrJU=,tag:kdkT+03DemlNAsuzps8fnw==,type:str] firefly-iii-key: ENC[AES256_GCM,data:tLJfwB8De1vdGeccr4SxifU7KYAfnasoXISvz5mSR28=,iv:vknG+h2D04lECHE/PPA53aZqWk4ouYcH+WfP7WooPYU=,tag:HKma2cydw58pAnvOFH53fA==,type:str] firefly-iii-pass: ENC[AES256_GCM,data:eJwIM4YHnXTqTOUfU/0CKMSS534VEZIxkBviI1pd7R4=,iv:pUv8ok5nLDGeCcP2hsTculk+MPPAjkupidQO0Jkc3Wc=,tag:zq7+lFjdOr5ORpthqXW8EA==,type:str] -opencloud-pass: ENC[AES256_GCM,data:3uqiScqTMZVRwivjT5hQayhiJQEJtyBT/zjt2bhJnZg=,iv:PuRHr+zONwsO9K0RcaQYGTY3zR4RDLWU5jpFbf9Icrw=,tag:9ccUJszOTUzgEYfWYJDcmg==,type:str] +opencloud-pass: ENC[AES256_GCM,data:5jvia3t/s1B38rbPn9z+AxIGuoKXYQxf6uXCsrKBQgIRgXtp5R+yFa7u3IpFpIQ=,iv:rPHUqr988mtCBYgzhLzhnv79UbDrkAHnj57gaAxGXP8=,tag:hDXdUkRITU7lmC0hV1071A==,type:str] sops: age: - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 @@ -59,7 +59,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-07T20:26:28Z" - mac: ENC[AES256_GCM,data:nQOoDH2GB37F/xahme6cD8+tFm5hBnz2m7kpTz/CA+RcoDawPAYaoCy6Jn6per+3c/PuFEKMxnQSu5R+gNcRybdDUK23bKfM5qGZ3I03CqTqanqVZlwK8eMYFE4c1/lMhO8UGycYnUuYumWnm8nrepay+4TlM6O5Eh1kYwzFSmo=,iv:40BXvzijdMGwZP43oC4b08HncdeH3Q5knZUk7YrnPnA=,tag:KW8yEdmXtLGTe/a9DgYG9g==,type:str] + lastmodified: "2025-07-07T21:10:16Z" + mac: ENC[AES256_GCM,data:3hp1i12elk70IzRGpgAB0SO6a5OVNLLUL2u863D0KVySPu+spYfC0f659FCfwsDAfu3MFQHiNFjXyyMuV9w2HYejcw5D1cakbkWaUnEOcqofz5Jn7pby29ilOzYmtqIt35aynSdXzM335CWomlvtETnXMpFoAqUHrdQ26dt2lvw=,iv:a/CBmA3RnwKeKZOz+HRWOykiumQfphvrHAMkCT7OKBM=,tag:s1FCJrjdYqZtb9yZxspPMA==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 From f67c2794d60748af5527b3d17595d20e39db91e9 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 16:33:07 -0500 Subject: [PATCH 33/38] feat: opencloud test --- modules/config/instances/config/opencloud.nix | 0 .../home/gui/desktop/hypr/land/config/bind.nix | 18 ++++++++---------- modules/nixos/default.nix | 2 +- modules/nixos/services/opencloud/default.nix | 0 4 files changed, 9 insertions(+), 11 deletions(-) mode change 100644 => 100755 modules/config/instances/config/opencloud.nix mode change 100644 => 100755 modules/nixos/services/opencloud/default.nix diff --git a/modules/config/instances/config/opencloud.nix b/modules/config/instances/config/opencloud.nix old mode 100644 new mode 100755 diff --git a/modules/home/gui/desktop/hypr/land/config/bind.nix b/modules/home/gui/desktop/hypr/land/config/bind.nix index 1df8cbc..d0f8d9d 100755 --- a/modules/home/gui/desktop/hypr/land/config/bind.nix +++ b/modules/home/gui/desktop/hypr/land/config/bind.nix @@ -84,7 +84,14 @@ let "3, movetoworkspacesilent, 3" "4, movetoworkspacesilent, 4" "5, movetoworkspacesilent, 5" - + "C, movewindow, l" + "A, movewindow, u" + "E, movewindow, d" + "I, movewindow, r" + "Left, movewindow, l" + "Up, movewindow, u" + "Down, movewindow, d" + "Right, movewindow, r" ]; shiftBinds = builtins.map (x: "SHIFT, " + x) [ @@ -104,15 +111,6 @@ let "3, movetoworkspacesilent, 3" "4, movetoworkspacesilent, 4" "5, movetoworkspacesilent, 5" - # Window Move - "Left, movewindow, l" - "Up, movewindow, u" - "Down, movewindow, d" - "Right, movewindow, r" - "C, movewindow, l" - "A, movewindow, u" - "E, movewindow, d" - "I, movewindow, r" ]; functionBinds = builtins.map (x: " , " + x) [ diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 8228d2f..0b3045e 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -58,7 +58,7 @@ in mastodon minecraft ollama - opencloud + # opencloud postgresql samba searx diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix old mode 100644 new mode 100755 From 60b1d395d4e3e58a0c5d994ff5f0ce3101efbdde Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 16:40:04 -0500 Subject: [PATCH 34/38] feat: opencloud test --- modules/nixos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 0b3045e..8228d2f 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -58,7 +58,7 @@ in mastodon minecraft ollama - # opencloud + opencloud postgresql samba searx From 9fc9a411d87690884e5d85baec5f47bf54c70ad5 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 17:00:24 -0500 Subject: [PATCH 35/38] feat: opencloud test --- modules/nixos/services/opencloud/default.nix | 6 +++--- secrets/secrets.yaml | 7 ++++--- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix index 82a4fd9..9c415ee 100755 --- a/modules/nixos/services/opencloud/default.nix +++ b/modules/nixos/services/opencloud/default.nix @@ -14,7 +14,7 @@ in port = service.ports.port0; address = localhost; stateDir = "/var/lib/${service.name}"; - environmentFile = config.sops.secrets."${service.name}-pass".path; + environmentFile = config.sops.secrets."${service.name}/env".path; }; caddy = { virtualHosts = { @@ -44,11 +44,11 @@ in secrets = builtins.listToAttrs ( map (secret: { - name = "${service.name}-${secret}"; + name = "${service.name}/${secret}"; value = sopsPath secret; }) [ - "pass" + "env" ] ); }; diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 4b8e758..88e1e7e 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -47,7 +47,8 @@ kanboard-smtp: ENC[AES256_GCM,data:eOIEGwJZlvbJaTfDRU3IFQ==,iv:Jex01WlHG3uxqUnTS podgrab-pass: ENC[AES256_GCM,data:DVmJDb4VqcZDKNcedSaRA5dqKOzx1tSzDiK3i23+a6v3nK+4Kh7n8EA=,iv:SiiUjJLHkCOO1VKCmubftKx06laFqNv79tIPnkVYrJU=,tag:kdkT+03DemlNAsuzps8fnw==,type:str] firefly-iii-key: ENC[AES256_GCM,data:tLJfwB8De1vdGeccr4SxifU7KYAfnasoXISvz5mSR28=,iv:vknG+h2D04lECHE/PPA53aZqWk4ouYcH+WfP7WooPYU=,tag:HKma2cydw58pAnvOFH53fA==,type:str] firefly-iii-pass: ENC[AES256_GCM,data:eJwIM4YHnXTqTOUfU/0CKMSS534VEZIxkBviI1pd7R4=,iv:pUv8ok5nLDGeCcP2hsTculk+MPPAjkupidQO0Jkc3Wc=,tag:zq7+lFjdOr5ORpthqXW8EA==,type:str] -opencloud-pass: ENC[AES256_GCM,data:5jvia3t/s1B38rbPn9z+AxIGuoKXYQxf6uXCsrKBQgIRgXtp5R+yFa7u3IpFpIQ=,iv:rPHUqr988mtCBYgzhLzhnv79UbDrkAHnj57gaAxGXP8=,tag:hDXdUkRITU7lmC0hV1071A==,type:str] +opencloud: + env: ENC[AES256_GCM,data:Mqs1QfUW9+ApD7YfAWKE5r6gsCK4i5CUAqGRRg7C3ZrFXWXEVDNumPV18hpSMLfftIxNHw35nz9PuXiNrdPASt7rO1PXgNSCfKDHe3vSV4TT20OfhsL4HKN6CI8hzsdbqvGLo572SoDNK6Obmg==,iv:TbSrRUlaojl4RrfouwN07MEIz32dl9S0k9B0v2Cqb84=,tag:/QeqnQaruwQcy9ppELCZEg==,type:str] sops: age: - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 @@ -59,7 +60,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-07T21:10:16Z" - mac: ENC[AES256_GCM,data:3hp1i12elk70IzRGpgAB0SO6a5OVNLLUL2u863D0KVySPu+spYfC0f659FCfwsDAfu3MFQHiNFjXyyMuV9w2HYejcw5D1cakbkWaUnEOcqofz5Jn7pby29ilOzYmtqIt35aynSdXzM335CWomlvtETnXMpFoAqUHrdQ26dt2lvw=,iv:a/CBmA3RnwKeKZOz+HRWOykiumQfphvrHAMkCT7OKBM=,tag:s1FCJrjdYqZtb9yZxspPMA==,type:str] + lastmodified: "2025-07-07T21:59:57Z" + mac: ENC[AES256_GCM,data:KSpETXFgHhWNUwHZH/0Tk4TSLfFqBPe0Pu3IdJYFszwA1nFKsR3uI6t3Jd7pNEobd2vDfCSgId3rtQbqn4nl3Sh5AcNAl3lmlH2lu3WhgdKlS9uPWcCijwIt4bZ/C+oVnQg99Dj+tdSWgVlp8eZ58eOmiDTHXQNy1ME5GItfv8o=,iv:Sud4CG4o2r8MsCPK3htsXK3rF/X0Y4TVbQs7b0QNsHQ=,tag:z5p6UujhgZ0vaD/Th7yJ1A==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 From da476c8d833b7e8d3db56d2339321622429ba407 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 17:09:28 -0500 Subject: [PATCH 36/38] feat: opencloud test --- secrets/secrets.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 88e1e7e..7cdd045 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -48,7 +48,7 @@ podgrab-pass: ENC[AES256_GCM,data:DVmJDb4VqcZDKNcedSaRA5dqKOzx1tSzDiK3i23+a6v3nK firefly-iii-key: ENC[AES256_GCM,data:tLJfwB8De1vdGeccr4SxifU7KYAfnasoXISvz5mSR28=,iv:vknG+h2D04lECHE/PPA53aZqWk4ouYcH+WfP7WooPYU=,tag:HKma2cydw58pAnvOFH53fA==,type:str] firefly-iii-pass: ENC[AES256_GCM,data:eJwIM4YHnXTqTOUfU/0CKMSS534VEZIxkBviI1pd7R4=,iv:pUv8ok5nLDGeCcP2hsTculk+MPPAjkupidQO0Jkc3Wc=,tag:zq7+lFjdOr5ORpthqXW8EA==,type:str] opencloud: - env: ENC[AES256_GCM,data:Mqs1QfUW9+ApD7YfAWKE5r6gsCK4i5CUAqGRRg7C3ZrFXWXEVDNumPV18hpSMLfftIxNHw35nz9PuXiNrdPASt7rO1PXgNSCfKDHe3vSV4TT20OfhsL4HKN6CI8hzsdbqvGLo572SoDNK6Obmg==,iv:TbSrRUlaojl4RrfouwN07MEIz32dl9S0k9B0v2Cqb84=,tag:/QeqnQaruwQcy9ppELCZEg==,type:str] + env: ENC[AES256_GCM,data:m4B3SUiQb/1blpfk021Cety1osGWS+vxuQDXk2M5mqNRmLMqyGMgXk1AKHyAQwocTdKkBX+YAF6AazDjva2IlFrREHzq18184WZrFje2QbRrQSfbanE93Sdb0d1B/bopSA==,iv:ejfOG+voYUy5pd5qVlmxBZdIeYzI+G7GZ6UVuq9b/u0=,tag:gIBULBCAfzVwsTLq70wBNQ==,type:str] sops: age: - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 @@ -60,7 +60,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-07T21:59:57Z" - mac: ENC[AES256_GCM,data:KSpETXFgHhWNUwHZH/0Tk4TSLfFqBPe0Pu3IdJYFszwA1nFKsR3uI6t3Jd7pNEobd2vDfCSgId3rtQbqn4nl3Sh5AcNAl3lmlH2lu3WhgdKlS9uPWcCijwIt4bZ/C+oVnQg99Dj+tdSWgVlp8eZ58eOmiDTHXQNy1ME5GItfv8o=,iv:Sud4CG4o2r8MsCPK3htsXK3rF/X0Y4TVbQs7b0QNsHQ=,tag:z5p6UujhgZ0vaD/Th7yJ1A==,type:str] + lastmodified: "2025-07-07T22:09:23Z" + mac: ENC[AES256_GCM,data:3iYCGYuYsazlDvUHGLBBNPKVnJ7bLiMnPraPup3cl61UlfieJQVug8AF04/lwIj8GfLQsIQhVnzQOyRt6kB0iCwwTD6XoUWlX4iSG+Tu4GfT0P4U+dqyzfaoeIB1v1+ITlU400pOrQ1c5gbnUDG1PMZPDNJ98AfLX89uReisKss=,iv:EiBCzcN2EfT2Ed6tmHilq/fWRlLCv7FN+IABgXAy+lo=,tag:4LaJgF1Awoudn410tB++rw==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 From 85117d2dca6e755454f3a83e48e3119eacbb811d Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 17:29:12 -0500 Subject: [PATCH 37/38] feat: opencloud test --- secrets/secrets.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 7cdd045..6e0daa0 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -48,7 +48,7 @@ podgrab-pass: ENC[AES256_GCM,data:DVmJDb4VqcZDKNcedSaRA5dqKOzx1tSzDiK3i23+a6v3nK firefly-iii-key: ENC[AES256_GCM,data:tLJfwB8De1vdGeccr4SxifU7KYAfnasoXISvz5mSR28=,iv:vknG+h2D04lECHE/PPA53aZqWk4ouYcH+WfP7WooPYU=,tag:HKma2cydw58pAnvOFH53fA==,type:str] firefly-iii-pass: ENC[AES256_GCM,data:eJwIM4YHnXTqTOUfU/0CKMSS534VEZIxkBviI1pd7R4=,iv:pUv8ok5nLDGeCcP2hsTculk+MPPAjkupidQO0Jkc3Wc=,tag:zq7+lFjdOr5ORpthqXW8EA==,type:str] opencloud: - env: ENC[AES256_GCM,data:m4B3SUiQb/1blpfk021Cety1osGWS+vxuQDXk2M5mqNRmLMqyGMgXk1AKHyAQwocTdKkBX+YAF6AazDjva2IlFrREHzq18184WZrFje2QbRrQSfbanE93Sdb0d1B/bopSA==,iv:ejfOG+voYUy5pd5qVlmxBZdIeYzI+G7GZ6UVuq9b/u0=,tag:gIBULBCAfzVwsTLq70wBNQ==,type:str] + env: ENC[AES256_GCM,data:JZOs+86/jhHtXuOb4fsk4ceZuFpSa6PAMN2/vmGlvlXvsx/Yk2ZXeZZU0jtwweN8Sk61A2538OdPpfKynBgwsZ2SgoxAIyJtQl3HZWdZzNZ6+/t+AFvvav/x9nUv1O5704FP5OYOMniQAmqu0ds0JIX3YV/cstoo+rNhNW2emlVhj2ABYhTxy0BFJ8A+Re9y5FN5WT4tmloF/21ZrIwtTw8ULQPCksJfTFwEE+cCN3aIWZn00/4zUuv6CEtZeKeOeLxgQL+G2pPhNrQzG+lw+AKLzXA2mJM+3Zfq0MplyXeFCLkV1GCHksrMPp2w5j2RdtfcdE9IP+tXoD/fZNfYgCK1Pk/JhkXcV9EPbz4KUL/+OpgFqh+RvKGPXH2iTV0B8t2Ag7NowxULI2jKw0c=,iv:1ClzjY1n48cQ9bdBewM5A5Lr/c13HbSSYJ7xYCwZDzA=,tag:FavwE2sX+wSgKOEpywFeMw==,type:str] sops: age: - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 @@ -60,7 +60,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-07T22:09:23Z" - mac: ENC[AES256_GCM,data:3iYCGYuYsazlDvUHGLBBNPKVnJ7bLiMnPraPup3cl61UlfieJQVug8AF04/lwIj8GfLQsIQhVnzQOyRt6kB0iCwwTD6XoUWlX4iSG+Tu4GfT0P4U+dqyzfaoeIB1v1+ITlU400pOrQ1c5gbnUDG1PMZPDNJ98AfLX89uReisKss=,iv:EiBCzcN2EfT2Ed6tmHilq/fWRlLCv7FN+IABgXAy+lo=,tag:4LaJgF1Awoudn410tB++rw==,type:str] + lastmodified: "2025-07-07T22:29:06Z" + mac: ENC[AES256_GCM,data:MmVn9KJcM92hiubQti6vbw5sg4NldFU7uxAgX4b6lL7+6LaaIznrqBcplIAcelVWCvZhcQ25L4oQP0da7JgJDzMsiPYawy33MsSWatdST3PPr7ozvQqSgucbUcPja7Fyl6Yr0ijqkH2d8EdOg5km15LaEGir2jkDi+lBRmL2Msc=,iv:VYsheWRXrih4SYgtS5qVa9ZM8kw0k7ZOlKpEkCmBsHQ=,tag:eByH+iVgznc7A0F3HSX9/g==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 From 77a31e96885c84e3d4ae6d6e8d6b02b976bc3239 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 7 Jul 2025 18:57:55 -0500 Subject: [PATCH 38/38] refactor: abstracting out bookmark info --- modules/config/default.nix | 2 + .../instances/config/audiobookshelf.nix | 3 + modules/config/instances/config/forgejo.nix | 5 ++ modules/config/instances/config/glance.nix | 6 ++ modules/config/instances/config/jellyfin.nix | 8 ++ modules/config/instances/config/mastodon.nix | 5 ++ modules/config/instances/config/matrix.nix | 3 + modules/config/instances/config/nextcloud.nix | 6 ++ modules/config/instances/config/ollama.nix | 5 ++ modules/config/instances/config/opencloud.nix | 5 ++ modules/config/instances/config/owncast.nix | 3 + modules/config/instances/config/peertube.nix | 3 + modules/config/instances/config/searx.nix | 5 ++ modules/config/instances/config/syncthing.nix | 7 ++ modules/config/instances/config/synology.nix | 8 +- .../instances/config/upRootNutrition.nix | 7 ++ .../config/instances/config/vaultwarden.nix | 7 ++ modules/config/instances/config/web.nix | 6 ++ .../bookmarks/config/flake/selfHosted.nix | 84 +++++-------------- 19 files changed, 114 insertions(+), 64 deletions(-) diff --git a/modules/config/default.nix b/modules/config/default.nix index 5c7cb29..746948e 100755 --- a/modules/config/default.nix +++ b/modules/config/default.nix @@ -57,6 +57,7 @@ let label = stringType; name = stringType; hostname = stringType; + tags = listType; domains = genOptions stringType "url"; dns = genOptions stringType "provider"; localhost = genOptions stringType "address"; @@ -241,6 +242,7 @@ in sopsPath = "/var/lib/secrets"; sslPath = "/var/lib/acme"; varLib = "/var/lib"; + synologyName = "synology"; dummy = ""; }; diff --git a/modules/config/instances/config/audiobookshelf.nix b/modules/config/instances/config/audiobookshelf.nix index 1d6eab9..b548863 100755 --- a/modules/config/instances/config/audiobookshelf.nix +++ b/modules/config/instances/config/audiobookshelf.nix @@ -21,6 +21,9 @@ in url0 = audiobookshelfDomain; }; subdomain = audiobookshelfSubdomain; + tags = [ + + ]; paths = { path0 = "${servicePath}/${audiobookshelfLabel}"; }; diff --git a/modules/config/instances/config/forgejo.nix b/modules/config/instances/config/forgejo.nix index dd82743..d769152 100755 --- a/modules/config/instances/config/forgejo.nix +++ b/modules/config/instances/config/forgejo.nix @@ -25,6 +25,11 @@ in url0 = domain; }; subdomain = subdomain; + tags = [ + name + "forge" + "git" + ]; paths = { path0 = "${servicePath}/${label}"; }; diff --git a/modules/config/instances/config/glance.nix b/modules/config/instances/config/glance.nix index 783049d..9d76723 100755 --- a/modules/config/instances/config/glance.nix +++ b/modules/config/instances/config/glance.nix @@ -25,6 +25,12 @@ in url0 = domain; }; subdomain = subdomain; + tags = [ + "glance" + "dashboard" + "weather" + "podcasts" + ]; paths = { path0 = "${servicePath}/${label}"; }; diff --git a/modules/config/instances/config/jellyfin.nix b/modules/config/instances/config/jellyfin.nix index 4b6eb3e..31c1b48 100755 --- a/modules/config/instances/config/jellyfin.nix +++ b/modules/config/instances/config/jellyfin.nix @@ -19,6 +19,14 @@ in domains = { url0 = domain; }; + tags = [ + "jelly" + "video" + "streaming" + "movies" + "shows" + "music" + ]; subdomain = name; paths = { path0 = "${servicePath}/${label}"; diff --git a/modules/config/instances/config/mastodon.nix b/modules/config/instances/config/mastodon.nix index 589ad64..cf7095a 100755 --- a/modules/config/instances/config/mastodon.nix +++ b/modules/config/instances/config/mastodon.nix @@ -22,6 +22,11 @@ in url0 = domain; }; subdomain = subdomain; + tags = [ + name + "mast" + "md" + ]; sops = { path0 = "${sopsPath}/${name}"; }; diff --git a/modules/config/instances/config/matrix.nix b/modules/config/instances/config/matrix.nix index 679708d..a3efe24 100755 --- a/modules/config/instances/config/matrix.nix +++ b/modules/config/instances/config/matrix.nix @@ -15,6 +15,9 @@ in path0 = "${sopsPath}/${name}"; }; subdomain = name; + tags = [ + + ]; paths = { path0 = "${servicePath}/${label}"; path1 = ""; diff --git a/modules/config/instances/config/nextcloud.nix b/modules/config/instances/config/nextcloud.nix index 6538cca..233a213 100755 --- a/modules/config/instances/config/nextcloud.nix +++ b/modules/config/instances/config/nextcloud.nix @@ -24,6 +24,12 @@ in url0 = domain; }; subdomain = name; + tags = [ + name + "next" + "cloud" + "calendar" + ]; paths = { path0 = "${servicePath}/${label}"; }; diff --git a/modules/config/instances/config/ollama.nix b/modules/config/instances/config/ollama.nix index b1bcd66..643f7ab 100755 --- a/modules/config/instances/config/ollama.nix +++ b/modules/config/instances/config/ollama.nix @@ -21,6 +21,11 @@ in url0 = domain; }; subdomain = name; + tags = [ + name + "chat" + "ai" + ]; paths = { path0 = "${servicePath}/${label}"; path1 = "/mnt/media/storage/${name}"; diff --git a/modules/config/instances/config/opencloud.nix b/modules/config/instances/config/opencloud.nix index 56f4e2b..179a3d0 100755 --- a/modules/config/instances/config/opencloud.nix +++ b/modules/config/instances/config/opencloud.nix @@ -25,6 +25,11 @@ in url0 = domain; }; subdomain = subdomain; + tags = [ + name + "opencloud" + "cloud" + ]; paths = { path0 = "${servicePath}/${label}"; }; diff --git a/modules/config/instances/config/owncast.nix b/modules/config/instances/config/owncast.nix index a18ce48..5d7f072 100755 --- a/modules/config/instances/config/owncast.nix +++ b/modules/config/instances/config/owncast.nix @@ -22,6 +22,9 @@ in url0 = domain; }; subdomain = subdomain; + tags = [ + + ]; paths = { path0 = "${servicePath}/${label}"; path1 = "/mnt/media/storage/${name}"; diff --git a/modules/config/instances/config/peertube.nix b/modules/config/instances/config/peertube.nix index 81a4ab0..93b0a73 100755 --- a/modules/config/instances/config/peertube.nix +++ b/modules/config/instances/config/peertube.nix @@ -25,6 +25,9 @@ in url0 = domain; }; subdomain = subdomain; + tags = [ + + ]; paths = { path0 = "${servicePath}/${label}"; }; diff --git a/modules/config/instances/config/searx.nix b/modules/config/instances/config/searx.nix index 82e793b..087f75b 100755 --- a/modules/config/instances/config/searx.nix +++ b/modules/config/instances/config/searx.nix @@ -25,6 +25,11 @@ in url0 = domain; }; subdomain = subdomain; + tags = [ + "search" + "sear" + "searx" + ]; paths = { path0 = "${servicePath}/${label}"; }; diff --git a/modules/config/instances/config/syncthing.nix b/modules/config/instances/config/syncthing.nix index 3795acb..22badb1 100755 --- a/modules/config/instances/config/syncthing.nix +++ b/modules/config/instances/config/syncthing.nix @@ -4,6 +4,7 @@ let domain0 sslPath sopsPath + synologyName ; label = "Syncthing"; @@ -20,6 +21,12 @@ in url0 = domain; }; subdomain = name; + tags = [ + name + synologyName + "sync" + "thing" + ]; ports = { port0 = 8388; # Syncthing (WebUI) port1 = 21027; # Syncthing (Discovery) diff --git a/modules/config/instances/config/synology.nix b/modules/config/instances/config/synology.nix index 3138ac0..0af590d 100755 --- a/modules/config/instances/config/synology.nix +++ b/modules/config/instances/config/synology.nix @@ -2,14 +2,20 @@ let inherit (moduleFunctions.instancesFunctions) sopsPath + synologyName ; label = "Synology"; - name = "synology"; + name = synologyName; in { label = label; name = name; + tags = [ + name + "dsm" + "cloud" + ]; sops = { path0 = "${sopsPath}/${name}"; }; diff --git a/modules/config/instances/config/upRootNutrition.nix b/modules/config/instances/config/upRootNutrition.nix index 3702b08..5748123 100755 --- a/modules/config/instances/config/upRootNutrition.nix +++ b/modules/config/instances/config/upRootNutrition.nix @@ -18,6 +18,13 @@ in sops = { path0 = "${sopsPath}/${name}"; }; + domains = { + url0 = domain3; + }; + tags = [ + name + "blog" + ]; paths = { path0 = "/var/lib/website/dist"; path1 = ""; diff --git a/modules/config/instances/config/vaultwarden.nix b/modules/config/instances/config/vaultwarden.nix index 5ea9dd2..a2bf140 100755 --- a/modules/config/instances/config/vaultwarden.nix +++ b/modules/config/instances/config/vaultwarden.nix @@ -24,6 +24,13 @@ in url0 = domain; }; subdomain = name; + tags = [ + name + "bitwarden" + "vault" + "bit" + "warden" + ]; paths = { path0 = "${servicePath}/${label}/BackupDir"; }; diff --git a/modules/config/instances/config/web.nix b/modules/config/instances/config/web.nix index 4f8a1c9..beedbf9 100755 --- a/modules/config/instances/config/web.nix +++ b/modules/config/instances/config/web.nix @@ -8,6 +8,8 @@ let ; in { + name = "router"; + label = "Router"; domains = { url0 = domain0; url1 = domain1; @@ -17,6 +19,10 @@ in dns = { provider0 = "namecheap"; }; + tags = [ + "router" + "asus" + ]; localhost = { address0 = "127.0.0.1"; # Local address1 = "0.0.0.0"; # All diff --git a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix index 8650db2..48f7fe3 100755 --- a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix +++ b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix @@ -15,25 +15,6 @@ let instances ; - jellyfinTags = [ - "jelly" - "video" - "streaming" - "movies" - "shows" - "music" - ]; - ollamaTags = [ - instances.ollama.name - "chat" - "ai" - ]; - syncthingTags = [ - instances.syncthing.name - "sync" - "thing" - instances.synology.name - ]; in { name = "Self Hosted"; @@ -49,35 +30,39 @@ in ]; keyword = "Website"; } + { + name = instances.opencloud.label; + url = "https://${instances.opencloud.domains.url0}"; + tags = [ + + ]; + keyword = "Cloud"; + } { name = instances.forgejo.label; url = "https://${instances.forgejo.domains.url0}"; tags = [ - instances.forgejo.name - "forge" - "git" + ]; keyword = instances.forgejo.label; } { name = "${instances.jellyfin.label} (Internet)"; url = "https://${instances.jellyfin.domains.url0}"; - tags = jellyfinTags; + tags = [ ]; keyword = instances.jellyfin.label; } { name = "${instances.jellyfin.label} (Local)"; url = "http://${ceres.ip.address0}:${toString instances.jellyfin.ports.port1}"; - tags = jellyfinTags; + tags = [ ]; keyword = instances.jellyfin.label; } { name = instances.mastodon.label; url = "https://${instances.mastodon.domains.url0}"; tags = [ - instances.mastodon.name - "mast" - "md" + ]; keyword = instances.mastodon.label; } @@ -96,51 +81,34 @@ in name = instances.nextcloud.label; url = "https://${instances.nextcloud.domains.url0}"; tags = [ - instances.nextcloud.name - "next" - "cloud" - "calendar" + ]; keyword = instances.nextcloud.label; } - { - name = aliases.name2; - url = instances.web.domains.url2; - tags = [ - aliases.name3 - "blog" - ]; - keyword = aliases.name2; - } { name = "${instances.glance.label} (Local)"; url = "https://${instances.glance.domains.url0}"; tags = [ - "glance" - "dashboard" - "weather" - "podcasts" + ]; keyword = instances.glance.label; } { name = "${instances.ollama.label} (Server)"; url = "https://${instances.ollama.domains.url0}"; - tags = ollamaTags; + tags = [ ]; keyword = instances.ollama.label; } { name = "${instances.ollama.label} (Desktop)"; url = "http://${mars.ip.address0}:${toString instances.ollama.ports.port0}"; - tags = ollamaTags; + tags = [ ]; keyword = instances.ollama.label; } { name = "Router"; url = "http://${instances.web.localhost.address2}"; tags = [ - "router" - "asus" ]; keyword = "Router"; } @@ -148,9 +116,7 @@ in name = "${instances.searx.label} (Internet)"; url = "https://${instances.searx.domains.url0}"; tags = [ - "search" - "sear" - "searx" + ]; keyword = instances.searx.label; } @@ -158,25 +124,21 @@ in name = "${instances.syncthing.label} (${instances.synology.label})"; url = "http://${synology.ip.address0}:${toString instances.syncthing.ports.port0}"; tags = [ - "synology" - ] ++ syncthingTags; + ]; keyword = instances.syncthing.label; } { name = "${instances.syncthing.label} (Desktop)"; url = "http://localhost:${toString instances.syncthing.ports.port0}"; tags = [ - "desktop" - ] ++ syncthingTags; + ]; keyword = instances.syncthing.label; } { name = instances.synology.label; url = "https://${synology.ip.address0}:${toString instances.synology.ports.port0}"; tags = [ - instances.synology.name - "dsm" - "cloud" + ]; keyword = instances.synology.label; } @@ -184,11 +146,7 @@ in name = instances.vaultwarden.label; url = "https://${instances.vaultwarden.domains.url0}"; tags = [ - instances.vaultwarden.name - "bitwarden" - "vault" - "bit" - "warden" + ]; keyword = instances.vaultwarden.label; }