uh

hosts/iso/default.nix

@@ -1,7 +1,7 @@
 {modulesPath, ...}: {
   imports = [
     "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
-    ../../modules/programs/norm/misc
+    ../../modules
   ];
 
   nixpkgs.hostPlatform = "x86_64-linux";

hosts/server/default.nix

@@ -8,8 +8,10 @@
     ./hardware.nix
     ../../modules/programs
     ../../modules/system
+    ../../modules/secrets
     ../../modules/services
     ../../modules/services/invidious
     ../../modules/services/forgejo
+    ../../modules/services/syncthing
   ];
 }

modules/programs/bat/default.nix

@@ -1,8 +1,5 @@
 {lib, ...}: {
   programs.bat = {
     enable = true;
-    config = {
-      theme = lib.mkForce "base16-stylix";
-    };
   };
 }

modules/secrets/default.nix

@@ -13,12 +13,4 @@
   sops.secrets.contact = {
     owner = "joy";
   };
-
-  users.users.sometestservice = {
-    home = "/var/lib/sometestservice";
-    createHome = true;
-    isSystemUser = true;
-    group = "sometestservice";
-  };
-  users.groups.sometestservice = {};
 }

modules/secrets/secrets.yaml

@@ -1,7 +1,6 @@
 mail: ENC[AES256_GCM,data:fczs+TGhEprQIq90Mj6b+7YMcdc=,iv:VDPWXJ4j0lCB/lGPEav7tc2UyDSeP4pWjwc1GdJaRvc=,tag:dcegyG0iWTNHWwiok9LeCw==,type:str]
 spyware: ENC[AES256_GCM,data:qMIq9wxQEWQ12yv3TS5L+vKJ7k0=,iv:4CcYjHu5P/NG2TJHIQGrHxGLpvJkJQwi43vEUTuHzcc=,tag:IkEBbib9sCEYvplLSK6FaQ==,type:str]
 contact: ENC[AES256_GCM,data:Ar1oEaGVJrzk2tZjjC1oJevP3ms=,iv:W0ZZe1Okk2DgTRsNaDfwpdUhkXZHdVdENOudUZarhm0=,tag:xUgtoxMkO4WBVn2Ly2ADtA==,type:str]
-sync: ENC[AES256_GCM,data:0kfXpI6hOIowLCtvoEi9Kh2KSUg=,iv:FrR3H+9Mpz3r7QUqsAVOYc72TRqfWqjUG/2Pby4XTxo=,tag:+1CxjAZaWkfC5nvTT45RBw==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -17,8 +16,8 @@ sops:
             OFFGTHdpNmpvU0NxRkZKakp6d1ZQOHcKlyLSgKBK3W6uRlkFpTTrbClwAmEx7DPL
             KpxncKiz0MoFsnlIP2evqPrxS/K9RP3EYRmdSKKr9VuLeWTIg+/nJA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-10-23T16:07:07Z"
+    lastmodified: "2024-10-23T18:00:17Z"
-    mac: ENC[AES256_GCM,data:6obWmz9HdOT3Rp4Ue+AtaBS2fIz5SpjgZBPJMF9FAyGNTWiEi2xCHLZ1cu89wgfZCRTYh900KU4Iatk7yp2kdAX6dNKM/HzTuqsJreCEm/08Gg3Pl8RitJTSGMtHZ2NPNVRjKf3JOl9Tgr5zzO17+xdcBc21z7KieJVN3voyaJs=,iv:Xvjvuv/g3qH3soOTbGiY6x5nHTKT+iJVe6odygaVVQs=,tag:w+FS7/aUdRAyCcJNIlyd0w==,type:str]
+    mac: ENC[AES256_GCM,data:skJj/3pvaKOwVIoJbCDXbpX41zLQMczKw46uPGFfY0ZzRTaZlf2Gn4pruJq064/lwuXxWy3ckvSO3la9epCY+B64g4GiszkHqoxNy94ALK18wF/zokLCqt5MtSZUEhcqiUlcw/86msyCeHTH8dkbMX8GvQ83824LWmaqpG0aZNg=,iv:lat6ZqUbSbcOykTmFHjXFPMVWuOZzm4uJeBNwNO2beE=,tag:azqjPRjxZSqHngIEZP7fWw==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.9.1

modules/services/default.nix

@@ -1,7 +1,6 @@
 {
   imports = [
     ./vm
-    ./syncthing
     ./docker
     ./ssh
     ./misc

modules/services/syncthing/default.nix

@@ -1,9 +1,27 @@
 {
-  services = {
+  services.syncthing = {
-    syncthing = {
+    enable = true;
-      enable = true;
+    dataDir = "/home/joy";
-      user = "joy";
+    openDefaultPorts = true;
-      configDir = "/home/joy/.config/syncthing";
+    configDir = "/home/joy/.config/syncthing";
+    user = "joy";
+    group = "users";
+    guiAddress = "0.0.0.0:8384";
+  };
+  services.nginx = {
+    enable = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+    virtualHosts."sync.joygnu.org" = {
+      enableACME = true;
+      forceSSL = true;
+      locations."/" = {
+        proxyPass = "http://127.0.0.1:8384";
+        proxyWebsockets = true;
+        extraConfig =
+          "proxy_ssl_server_name on;"
+          + "proxy_pass_header Authorization;";
+      };
     };
   };
 }

modules/wm/default.nix

@@ -4,6 +4,7 @@
     ./theme
     ./gnome
     ./polkit
+    ./syncthing
     ./gdm
   ];
   home-manager = {

modules/wm/syncthing/default.nix

@@ -0,0 +1,10 @@
+{
+  services.syncthing = {
+    enable = true;
+    dataDir = "/home/joy";
+    openDefaultPorts = true;
+    configDir = "/home/joy/.config/syncthing";
+    user = "joy";
+    group = "users";
+  };
+}