diff options
| author | sinanmohd <sinan@sinanmohd.com> | 2025-10-17 08:31:18 +0530 |
|---|---|---|
| committer | sinanmohd <sinan@sinanmohd.com> | 2025-10-17 08:45:14 +0530 |
| commit | 84c39b405972516a9be2e8be8729097f8691050f (patch) | |
| tree | 5a63186f3004e36a0f7560ee90ef358bd3662aa9 /os | |
| parent | 5fd8a7084e907f4c1b4c2c86cfd69f622b4c294a (diff) | |
chore(os/kay): refactor
Diffstat (limited to 'os')
| -rw-r--r-- | os/kay/configuration.nix | 30 | ||||
| -rw-r--r-- | os/kay/modules/internal/acme.nix (renamed from os/kay/modules/acme.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/internal/postgresql.nix (renamed from os/kay/modules/postgresql.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/internal/www.nix (renamed from os/kay/modules/www.nix) | 5 | ||||
| -rw-r--r-- | os/kay/modules/network/default.nix (renamed from os/kay/modules/network.nix) | 2 | ||||
| -rw-r--r-- | os/kay/modules/network/headscale.nix (renamed from os/kay/modules/headscale.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/network/hurricane.nix (renamed from os/kay/modules/hurricane.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/network/router.nix (renamed from os/kay/modules/router.nix) | 5 | ||||
| -rw-r--r-- | os/kay/modules/network/wireguard.nix (renamed from os/kay/modules/wireguard.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/alina.nix (renamed from os/kay/modules/alina.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/cgit.nix (renamed from os/kay/modules/cgit.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/github-runner.nix (renamed from os/kay/modules/github-runner.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/home-assistant.nix (renamed from os/kay/modules/home-assistant.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/immich.nix (renamed from os/kay/modules/immich.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/iperf3.nix (renamed from os/kay/modules/iperf3.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/mail.nix (renamed from os/kay/modules/mail.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/matrix/default.nix (renamed from os/kay/modules/matrix/default.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/matrix/dendrite.nix (renamed from os/kay/modules/matrix/dendrite.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/matrix/matrix-sliding-sync.nix (renamed from os/kay/modules/matrix/matrix-sliding-sync.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/minio.nix (renamed from os/kay/modules/minio.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/nix-cache.nix (renamed from os/kay/modules/nix-cache.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/services/sftp.nix (renamed from os/kay/modules/sftp.nix) | 0 | ||||
| -rw-r--r-- | os/kay/modules/sshfwd.nix | 32 |
23 files changed, 18 insertions, 56 deletions
diff --git a/os/kay/configuration.nix b/os/kay/configuration.nix index 6c2c618..1bc5f37 100644 --- a/os/kay/configuration.nix +++ b/os/kay/configuration.nix @@ -5,22 +5,24 @@ ../server/configuration.nix ./hardware-configuration.nix - ./modules/network.nix - ./modules/www.nix - ./modules/sftp.nix - ./modules/acme.nix - ./modules/mail.nix ./modules/dns - ./modules/sshfwd.nix - ./modules/home-assistant.nix - ./modules/postgresql.nix - ./modules/github-runner.nix - ./modules/nix-cache.nix - ./modules/immich.nix + ./modules/network ./modules/observability - ./modules/alina.nix - ./modules/minio.nix - ./modules/headscale.nix + + ./modules/internal/www.nix + ./modules/internal/acme.nix + ./modules/internal/postgresql.nix + + ./modules/services/sftp.nix + ./modules/services/mail.nix + ./modules/services/home-assistant.nix + ./modules/services/github-runner.nix + ./modules/services/nix-cache.nix + ./modules/services/immich.nix + ./modules/services/alina.nix + ./modules/services/minio.nix + ./modules/services/matrix + ./modules/services/cgit.nix ]; networking.hostName = "kay"; diff --git a/os/kay/modules/acme.nix b/os/kay/modules/internal/acme.nix index 60e40a8..60e40a8 100644 --- a/os/kay/modules/acme.nix +++ b/os/kay/modules/internal/acme.nix diff --git a/os/kay/modules/postgresql.nix b/os/kay/modules/internal/postgresql.nix index 6ba5398..6ba5398 100644 --- a/os/kay/modules/postgresql.nix +++ b/os/kay/modules/internal/postgresql.nix diff --git a/os/kay/modules/www.nix b/os/kay/modules/internal/www.nix index e64c65c..dd0a1ef 100644 --- a/os/kay/modules/www.nix +++ b/os/kay/modules/internal/www.nix @@ -10,11 +10,6 @@ let storage = "/hdd/users/sftp/shr"; in { - imports = [ - ./matrix - ./cgit.nix - ]; - security.acme.certs.${domain}.postRun = "systemctl reload nginx.service"; networking.firewall = { allowedTCPPorts = [ diff --git a/os/kay/modules/network.nix b/os/kay/modules/network/default.nix index 1315289..56371c7 100644 --- a/os/kay/modules/network.nix +++ b/os/kay/modules/network/default.nix @@ -12,6 +12,8 @@ in imports = [ ./router.nix ./hurricane.nix + ./wireguard.nix + ./headscale.nix ]; sops.secrets = { diff --git a/os/kay/modules/headscale.nix b/os/kay/modules/network/headscale.nix index 24df170..24df170 100644 --- a/os/kay/modules/headscale.nix +++ b/os/kay/modules/network/headscale.nix diff --git a/os/kay/modules/hurricane.nix b/os/kay/modules/network/hurricane.nix index e815136..e815136 100644 --- a/os/kay/modules/hurricane.nix +++ b/os/kay/modules/network/hurricane.nix diff --git a/os/kay/modules/router.nix b/os/kay/modules/network/router.nix index 7280401..aeb008c 100644 --- a/os/kay/modules/router.nix +++ b/os/kay/modules/network/router.nix @@ -18,11 +18,6 @@ let wapIp = "192.168.43.2"; in { - imports = [ - ./wireguard.nix - ./iperf3.nix - ]; - networking = { bridges.${bridgeInterface}.interfaces = [ lanInterface ]; diff --git a/os/kay/modules/wireguard.nix b/os/kay/modules/network/wireguard.nix index fd00804..fd00804 100644 --- a/os/kay/modules/wireguard.nix +++ b/os/kay/modules/network/wireguard.nix diff --git a/os/kay/modules/alina.nix b/os/kay/modules/services/alina.nix index c567953..c567953 100644 --- a/os/kay/modules/alina.nix +++ b/os/kay/modules/services/alina.nix diff --git a/os/kay/modules/cgit.nix b/os/kay/modules/services/cgit.nix index 254cc80..254cc80 100644 --- a/os/kay/modules/cgit.nix +++ b/os/kay/modules/services/cgit.nix diff --git a/os/kay/modules/github-runner.nix b/os/kay/modules/services/github-runner.nix index dd4d48d..dd4d48d 100644 --- a/os/kay/modules/github-runner.nix +++ b/os/kay/modules/services/github-runner.nix diff --git a/os/kay/modules/home-assistant.nix b/os/kay/modules/services/home-assistant.nix index 65807f7..65807f7 100644 --- a/os/kay/modules/home-assistant.nix +++ b/os/kay/modules/services/home-assistant.nix diff --git a/os/kay/modules/immich.nix b/os/kay/modules/services/immich.nix index 5e5eaf4..5e5eaf4 100644 --- a/os/kay/modules/immich.nix +++ b/os/kay/modules/services/immich.nix diff --git a/os/kay/modules/iperf3.nix b/os/kay/modules/services/iperf3.nix index 2c8afef..2c8afef 100644 --- a/os/kay/modules/iperf3.nix +++ b/os/kay/modules/services/iperf3.nix diff --git a/os/kay/modules/mail.nix b/os/kay/modules/services/mail.nix index 685461f..685461f 100644 --- a/os/kay/modules/mail.nix +++ b/os/kay/modules/services/mail.nix diff --git a/os/kay/modules/matrix/default.nix b/os/kay/modules/services/matrix/default.nix index 1b9564d..1b9564d 100644 --- a/os/kay/modules/matrix/default.nix +++ b/os/kay/modules/services/matrix/default.nix diff --git a/os/kay/modules/matrix/dendrite.nix b/os/kay/modules/services/matrix/dendrite.nix index e66c5a5..e66c5a5 100644 --- a/os/kay/modules/matrix/dendrite.nix +++ b/os/kay/modules/services/matrix/dendrite.nix diff --git a/os/kay/modules/matrix/matrix-sliding-sync.nix b/os/kay/modules/services/matrix/matrix-sliding-sync.nix index 63d95ad..63d95ad 100644 --- a/os/kay/modules/matrix/matrix-sliding-sync.nix +++ b/os/kay/modules/services/matrix/matrix-sliding-sync.nix diff --git a/os/kay/modules/minio.nix b/os/kay/modules/services/minio.nix index d440e50..d440e50 100644 --- a/os/kay/modules/minio.nix +++ b/os/kay/modules/services/minio.nix diff --git a/os/kay/modules/nix-cache.nix b/os/kay/modules/services/nix-cache.nix index 9c81b56..9c81b56 100644 --- a/os/kay/modules/nix-cache.nix +++ b/os/kay/modules/services/nix-cache.nix diff --git a/os/kay/modules/sftp.nix b/os/kay/modules/services/sftp.nix index f75abc4..f75abc4 100644 --- a/os/kay/modules/sftp.nix +++ b/os/kay/modules/services/sftp.nix diff --git a/os/kay/modules/sshfwd.nix b/os/kay/modules/sshfwd.nix deleted file mode 100644 index fcafd17..0000000 --- a/os/kay/modules/sshfwd.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ ... }: -let - group = "sshfwd"; -in -{ - networking.firewall.allowedTCPPorts = [ 2222 ]; - - users = { - groups.${group}.members = [ ]; - - users."lia" = { - inherit group; - isSystemUser = true; - - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAe7fJlh9L+9JSq0+hK7jNZjszmZqNXwzqcZ+zx0yJyU lia" - ]; - }; - }; - - services.openssh.extraConfig = '' - Match Group ${group} - ForceCommand echo 'this account is only usable for remote forwarding' - PermitTunnel no - AllowAgentForwarding no - X11Forwarding no - - AllowTcpForwarding remote - GatewayPorts clientspecified - PermitListen *:2222 - ''; -} |