diff --git a/modules/homelab/services/gitea/default.nix b/modules/homelab/services/gitea/default.nix index a38e640..38793b5 100644 --- a/modules/homelab/services/gitea/default.nix +++ b/modules/homelab/services/gitea/default.nix @@ -23,7 +23,7 @@ in }; url = lib.mkOption { type = lib.types.str; - default = "${service}.${homelab.base_domain}"; + default = "git.${homelab.base_domain}"; description = "set domain for ${service}"; }; data_dir = lib.mkOption { diff --git a/modules/homelab/services/jellyfin/default_temp.nix b/modules/homelab/services/jellyfin/default_temp.nix deleted file mode 100644 index b816f17..0000000 --- a/modules/homelab/services/jellyfin/default_temp.nix +++ /dev/null @@ -1,108 +0,0 @@ -{ pkgs, config, lib, ... }: - -let - service = ""; - cfg = config.modules.services.${service}; - sec = config.sops.secrets; - homelab = config.modules.homelab; -in -{ - options.modules.services.${service} = { - enable = lib.mkEnableOption "enables ${service}"; - - # set port options - port = lib.mkOption { - type = lib.types.int; - default = ; - description = "set port for ${service} (default: ${toString cfg.port}"; - }; - url = lib.mkOption { - type = lib.types.str; - default = "${service}.${homelab.base_domain}"; - description = "set domain for ${service}"; - }; - data_dir = lib.mkOption { - type = lib.types.str; - default = "/var/lib/${service}"; - description = "set data directory for ${service}"; - }; - ids = lib.mkOption { - type = lib.types.int; - default = cfg.port; - description = "set uid and pid of ${service} user (matches port by default)"; - }; - backup = lib.mkOption { - type = lib.types.bool; - default = true; - description = "enable backups for ${service}"; - }; - }; - - config = lib.mkIf cfg.enable { - - # declare ${service} group - users.groups.${service} = { gid = lib.mkForce cfg.ids; }; - - # declare ${service} user - users.users.${service} = { - description = "${service} server user"; - uid = lib.mkForce cfg.ids; - isSystemUser = true; - home = cfg.data_dir; - createHome = true; - group = "${service}"; - extraGroups = [ "media" ]; - }; - - # enable the ${service} service - services.${service} = { - enable = true; - openFirewall = true; - user = "${service}"; - group = "${service}"; - dataDir = cfg.data_dir; - settings = { - server.port = cfg.port; - }; - }; - - # override umask to make permissions work out - systemd.services.${service}.serviceConfig = { - UMask = lib.mkForce "0007"; -# User = "${service}"; -# Group = "${service}"; - }; - -# # open firewall -# networking.firewall.allowedTCPPorts = [ cfg.port ]; - - # internal reverse proxy entry - services.nginx.virtualHosts."${cfg.url}" = { - forceSSL = true; - sslCertificate = sec."ssl_blakedheld_crt".path; - sslCertificateKey = sec."ssl_blakedheld_key".path; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.port}"; - }; - }; -# # external reverse proxy entry -# services.nginx.virtualHosts."${service}.blakedheld.xyz" = { -# forceSSL = true; -# sslCertificate = sec."ssl_blakedheld_crt".path; -# sslCertificateKey = sec."ssl_blakedheld_key".path; -# locations."/" = { -# proxyPass = "http://127.0.0.1:${toString cfg.port}"; -# }; -# }; -# -# sops.secrets = { -# "${service}_" = { -# owner = "${service}"; -# group = "${service}"; -# }; -# }; - - # add to backups - modules.system.backups.paths = lib.mkIf cfg.backup [ cfg.data_dir ]; - }; -} diff --git a/modules/homelab/services/qbittorrent/default_temp.nix b/modules/homelab/services/qbittorrent/default_temp.nix deleted file mode 100644 index b816f17..0000000 --- a/modules/homelab/services/qbittorrent/default_temp.nix +++ /dev/null @@ -1,108 +0,0 @@ -{ pkgs, config, lib, ... }: - -let - service = ""; - cfg = config.modules.services.${service}; - sec = config.sops.secrets; - homelab = config.modules.homelab; -in -{ - options.modules.services.${service} = { - enable = lib.mkEnableOption "enables ${service}"; - - # set port options - port = lib.mkOption { - type = lib.types.int; - default = ; - description = "set port for ${service} (default: ${toString cfg.port}"; - }; - url = lib.mkOption { - type = lib.types.str; - default = "${service}.${homelab.base_domain}"; - description = "set domain for ${service}"; - }; - data_dir = lib.mkOption { - type = lib.types.str; - default = "/var/lib/${service}"; - description = "set data directory for ${service}"; - }; - ids = lib.mkOption { - type = lib.types.int; - default = cfg.port; - description = "set uid and pid of ${service} user (matches port by default)"; - }; - backup = lib.mkOption { - type = lib.types.bool; - default = true; - description = "enable backups for ${service}"; - }; - }; - - config = lib.mkIf cfg.enable { - - # declare ${service} group - users.groups.${service} = { gid = lib.mkForce cfg.ids; }; - - # declare ${service} user - users.users.${service} = { - description = "${service} server user"; - uid = lib.mkForce cfg.ids; - isSystemUser = true; - home = cfg.data_dir; - createHome = true; - group = "${service}"; - extraGroups = [ "media" ]; - }; - - # enable the ${service} service - services.${service} = { - enable = true; - openFirewall = true; - user = "${service}"; - group = "${service}"; - dataDir = cfg.data_dir; - settings = { - server.port = cfg.port; - }; - }; - - # override umask to make permissions work out - systemd.services.${service}.serviceConfig = { - UMask = lib.mkForce "0007"; -# User = "${service}"; -# Group = "${service}"; - }; - -# # open firewall -# networking.firewall.allowedTCPPorts = [ cfg.port ]; - - # internal reverse proxy entry - services.nginx.virtualHosts."${cfg.url}" = { - forceSSL = true; - sslCertificate = sec."ssl_blakedheld_crt".path; - sslCertificateKey = sec."ssl_blakedheld_key".path; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.port}"; - }; - }; -# # external reverse proxy entry -# services.nginx.virtualHosts."${service}.blakedheld.xyz" = { -# forceSSL = true; -# sslCertificate = sec."ssl_blakedheld_crt".path; -# sslCertificateKey = sec."ssl_blakedheld_key".path; -# locations."/" = { -# proxyPass = "http://127.0.0.1:${toString cfg.port}"; -# }; -# }; -# -# sops.secrets = { -# "${service}_" = { -# owner = "${service}"; -# group = "${service}"; -# }; -# }; - - # add to backups - modules.system.backups.paths = lib.mkIf cfg.backup [ cfg.data_dir ]; - }; -}