Shove system services into base/system.nix where they belong
This commit is contained in:
parent
065d116d2a
commit
072ee60680
|
@ -250,11 +250,11 @@
|
|||
"nix-secrets": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1716252757,
|
||||
"narHash": "sha256-gTTs8PX/Rh6XNrglcVokmyee6kqAIZ2JL8W89n5aau0=",
|
||||
"lastModified": 1716406677,
|
||||
"narHash": "sha256-pzZcg9qu/TfrzKiKGffKi5PqruNWZceuFe5Ceg6x/p8=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "1bc67c9f5e4cfc11ff664b9d8a447276408638bd",
|
||||
"revCount": 30,
|
||||
"rev": "60462223ede840d1fc3996b18cbee2b7809dcc73",
|
||||
"revCount": 31,
|
||||
"type": "git",
|
||||
"url": "file:///home/aires/Development/nix-configuration/nix-secrets"
|
||||
},
|
||||
|
|
|
@ -48,7 +48,6 @@ in
|
|||
};
|
||||
airsonic = {
|
||||
enable = true;
|
||||
domain = config.secrets.networking.primaryDomain;
|
||||
home = "/storage/services/airsonic-advanced";
|
||||
};
|
||||
boinc.enable = true;
|
||||
|
@ -59,7 +58,6 @@ in
|
|||
};
|
||||
forgejo = {
|
||||
enable = true;
|
||||
domain = config.secrets.networking.primaryDomain;
|
||||
home = "/storage/services/forgejo";
|
||||
};
|
||||
msmtp.enable = true;
|
||||
|
@ -72,7 +70,7 @@ in
|
|||
enableACME = true; # Enable Let's Encrypt
|
||||
locations."/" = {
|
||||
# Catchall vhost, will redirect users to Forgejo
|
||||
return = "301 https://code.${config.secrets.networking.primaryDomain}";
|
||||
return = "301 https://${config.secrets.services.forgejo.url}";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,5 +1,10 @@
|
|||
# System options
|
||||
{ pkgs, config, ... }:
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{
|
||||
# Set up the environment
|
||||
environment = {
|
||||
|
@ -30,8 +35,32 @@
|
|||
operation = "switch";
|
||||
};
|
||||
|
||||
# Enable fwupd (firmware updater)
|
||||
services.fwupd.enable = true;
|
||||
services = {
|
||||
# Enable fwupd (firmware updater)
|
||||
fwupd.enable = true;
|
||||
|
||||
# Autoscrub BTRFS partitions
|
||||
btrfs.autoScrub = lib.mkIf (config.fileSystems."/".fsType == "btrfs") {
|
||||
enable = true;
|
||||
interval = "weekly";
|
||||
fileSystems = [ "/" ];
|
||||
};
|
||||
|
||||
# Allow systemd user services to keep running after the user has logged out
|
||||
logind.killUserProcesses = false;
|
||||
|
||||
# Enable disk monitoring
|
||||
smartd = {
|
||||
enable = true;
|
||||
autodetect = true;
|
||||
notifications.wall.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
# Reduce logout stop timer duration
|
||||
systemd.extraConfig = ''
|
||||
DefaultTimeoutStopSec=30s
|
||||
'';
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "America/New_York";
|
||||
|
|
|
@ -6,7 +6,6 @@
|
|||
}:
|
||||
let
|
||||
cfg = config.host.services.airsonic;
|
||||
subdomain = "music";
|
||||
in
|
||||
{
|
||||
options = {
|
||||
|
@ -18,10 +17,6 @@ in
|
|||
type = lib.types.str;
|
||||
description = "Where to store Airsonic's files";
|
||||
};
|
||||
domain = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "FQDN for the host server";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -30,8 +25,8 @@ in
|
|||
users.users.airsonic.extraGroups = [ "media" ];
|
||||
|
||||
services = {
|
||||
nginx.virtualHosts."${subdomain}.${cfg.domain}" = {
|
||||
useACMEHost = cfg.domain;
|
||||
nginx.virtualHosts."${config.secrets.services.airsonic.url}" = {
|
||||
useACMEHost = config.secrets.networking.primaryDomain;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:4040";
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
# Services to run on BTRFS filesystems.
|
||||
# Only run if the root partition is BTRFS.
|
||||
{ config, lib, ... }:
|
||||
{
|
||||
services.btrfs.autoScrub = lib.mkIf (config.fileSystems."/".fsType == "btrfs") {
|
||||
enable = true;
|
||||
interval = "weekly";
|
||||
fileSystems = [ "/" ];
|
||||
};
|
||||
}
|
|
@ -5,9 +5,7 @@
|
|||
...
|
||||
}:
|
||||
let
|
||||
subdomain = "code";
|
||||
cfg = config.host.services.forgejo;
|
||||
|
||||
cli-cfg = config.services.forgejo;
|
||||
|
||||
forgejo-cli = pkgs.writeScriptBin "forgejo-cli" ''
|
||||
|
@ -33,18 +31,14 @@ in
|
|||
type = lib.types.str;
|
||||
description = "Where to store Forgejo's files";
|
||||
};
|
||||
domain = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "FQDN for the host server";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = [ forgejo-cli ];
|
||||
services = {
|
||||
nginx.virtualHosts."${subdomain}.${cfg.domain}" = {
|
||||
useACMEHost = cfg.domain;
|
||||
nginx.virtualHosts."${config.secrets.services.forgejo.url}" = {
|
||||
useACMEHost = config.secrets.networking.primaryDomain;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:3000";
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
# Configure SMART monitoring
|
||||
_: {
|
||||
services.smartd = {
|
||||
enable = true;
|
||||
autodetect = true;
|
||||
notifications.wall.enable = true;
|
||||
};
|
||||
}
|
|
@ -1,17 +0,0 @@
|
|||
# Configure systemD
|
||||
_: {
|
||||
services = {
|
||||
# Allow systemd user services to keep running after the user has logged out
|
||||
logind.killUserProcesses = false;
|
||||
};
|
||||
|
||||
# Reduce systemd logout time to 30s
|
||||
environment.etc = {
|
||||
"systemd/system.conf.d/10-reduce-logout-wait-time.conf" = {
|
||||
text = ''
|
||||
[Manager]
|
||||
DefaultTimeoutStopSec=30s
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1 +1 @@
|
|||
Subproject commit 1bc67c9f5e4cfc11ff664b9d8a447276408638bd
|
||||
Subproject commit 60462223ede840d1fc3996b18cbee2b7809dcc73
|
Loading…
Reference in a new issue