From d49f58265f88a61fc186e2e428724b1d6242caa7 Mon Sep 17 00:00:00 2001 From: Fabian Hauser Date: Fri, 21 Mar 2025 19:19:37 +0200 Subject: [PATCH 1/8] Move all nixos-modules to options.qois --- nixos-configurations/calanda/networking.nix | 2 +- nixos-configurations/cyprianspitz/networking.nix | 2 +- nixos-configurations/lindberg/networking.nix | 2 +- nixos-configurations/stompert/default.nix | 2 +- nixos-modules/luks-ssh/default.nix | 4 ++-- nixos-modules/router-dhcp/default.nix | 6 +++--- nixos-modules/router-dns/default.nix | 8 ++++---- nixos-modules/router-wireless-ap/default.nix | 6 +++--- nixos-modules/router/default.nix | 6 +++--- nixos-modules/wwan/default.nix | 4 ++-- 10 files changed, 21 insertions(+), 21 deletions(-) diff --git a/nixos-configurations/calanda/networking.nix b/nixos-configurations/calanda/networking.nix index a96757d..46ac9cd 100644 --- a/nixos-configurations/calanda/networking.nix +++ b/nixos-configurations/calanda/networking.nix @@ -32,7 +32,7 @@ in qois.backplane-net.enable = true; # TODO: Metaize ips - services.qois.router = { + qois.router = { enable = true; wanInterface = "enp4s0"; wirelessInterfaces = [ "wlp5s0" ]; diff --git a/nixos-configurations/cyprianspitz/networking.nix b/nixos-configurations/cyprianspitz/networking.nix index 469c598..0d55ee9 100644 --- a/nixos-configurations/cyprianspitz/networking.nix +++ b/nixos-configurations/cyprianspitz/networking.nix @@ -73,7 +73,7 @@ in }; # Boot - services.qois.luks-ssh = { + qois.luks-ssh = { enable = true; interface = "eth0"; diff --git a/nixos-configurations/lindberg/networking.nix b/nixos-configurations/lindberg/networking.nix index 67f2b0b..fb06bc6 100644 --- a/nixos-configurations/lindberg/networking.nix +++ b/nixos-configurations/lindberg/networking.nix @@ -73,7 +73,7 @@ in # Boot boot.initrd.network.udhcpc.enable = true; - services.qois.luks-ssh = { + qois.luks-ssh = { enable = true; interface = "eth0"; sshPort = 2222; 
diff --git a/nixos-configurations/stompert/default.nix b/nixos-configurations/stompert/default.nix index 5eea848..e9b7249 100644 --- a/nixos-configurations/stompert/default.nix +++ b/nixos-configurations/stompert/default.nix @@ -35,7 +35,7 @@ # Define on which hard drive you want to install Grub. boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only - services.qois.luks-ssh = { + qois.luks-ssh = { enable = true; interface = "eth1"; sshPort = 2222; diff --git a/nixos-modules/luks-ssh/default.nix b/nixos-modules/luks-ssh/default.nix index 7f11b88..4b15363 100644 --- a/nixos-modules/luks-ssh/default.nix +++ b/nixos-modules/luks-ssh/default.nix @@ -8,10 +8,10 @@ with lib; let - cfg = config.services.qois.luks-ssh; + cfg = config.qois.luks-ssh; in { - options.services.qois.luks-ssh = { + options.qois.luks-ssh = { enable = mkEnableOption "luks-ssh service"; interface = mkOption { diff --git a/nixos-modules/router-dhcp/default.nix b/nixos-modules/router-dhcp/default.nix index 34d3b54..fed5e6b 100644 --- a/nixos-modules/router-dhcp/default.nix +++ b/nixos-modules/router-dhcp/default.nix @@ -8,11 +8,11 @@ with lib; let - routerCfg = config.services.qois.router; - cfg = config.services.qois.router.dhcp; + routerCfg = config.qois.router; + cfg = config.qois.router.dhcp; in { - options.services.qois.router.dhcp = { + options.qois.router.dhcp = { enable = mkEnableOption "router dhcp service"; localDomain = mkOption { diff --git a/nixos-modules/router-dns/default.nix b/nixos-modules/router-dns/default.nix index f1c13fc..ed8cbf2 100644 --- a/nixos-modules/router-dns/default.nix +++ b/nixos-modules/router-dns/default.nix 
@@ -8,12 +8,12 @@ with lib; let - routerCfg = config.services.qois.router; - dhcpCfg = config.services.qois.router.dhcp; - cfg = config.services.qois.router.recursiveDns; + routerCfg = config.qois.router; + dhcpCfg = config.qois.router.dhcp; + cfg = config.qois.router.recursiveDns; in { - options.services.qois.router.recursiveDns = { + options.qois.router.recursiveDns = { enable = mkEnableOption "router recursive dns service"; networkIdIp = mkOption { diff --git a/nixos-modules/router-wireless-ap/default.nix b/nixos-modules/router-wireless-ap/default.nix index 6c31b77..f18739d 100644 --- a/nixos-modules/router-wireless-ap/default.nix +++ b/nixos-modules/router-wireless-ap/default.nix @@ -8,11 +8,11 @@ with lib; let - routerCfg = config.services.qois.router; - cfg = config.services.qois.router.wireless; + routerCfg = config.qois.router; + cfg = config.qois.router.wireless; in { - options.services.qois.router.wireless = { + options.qois.router.wireless = { enable = mkEnableOption "router wireless service"; wleInterface24Ghz = mkOption { diff --git a/nixos-modules/router/default.nix b/nixos-modules/router/default.nix index c6bd125..c368bc8 100644 --- a/nixos-modules/router/default.nix +++ b/nixos-modules/router/default.nix @@ -8,10 +8,10 @@ with lib; let - cfg = config.services.qois.router; + cfg = config.qois.router; in { - options.services.qois.router = { + options.qois.router = { enable = mkEnableOption "router service"; wanInterface = mkOption { @@ -51,7 +51,7 @@ in type = types.str; example = "192.168.0.1"; description = '' - Internal IP of router. + Internal IP of router. ''; }; diff --git a/nixos-modules/wwan/default.nix b/nixos-modules/wwan/default.nix index 54b9555..7719eeb 100644 --- a/nixos-modules/wwan/default.nix +++ b/nixos-modules/wwan/default.nix @@ -10,7 +10,7 @@ with lib; let - cfg = config.services.qois.wwan; + cfg = config.qois.wwan; mbim-ip-configured = pkgs.writeScriptBin "mbim-ip-configured" ( '' 
@@ -34,7 +34,7 @@ let ''; in { - options.services.qois.wwan = { + options.qois.wwan = { enable = mkEnableOption "wwan client service"; apn = mkOption { -- 2.47.2 From 97d1a30329e3e352bde59b405d9f87f9842eb18f Mon Sep 17 00:00:00 2001 
From: Fabian Hauser Date: Fri, 21 Mar 2025 19:20:28 +0200 Subject: [PATCH 2/8] Move all nixos-modules out of qois subfolder --- SUMMARY.md | 7 +++---- nixos-modules/{qois => }/attic/default.nix | 0 .../{qois => }/backplane-net.hosts/default.nix | 0 nixos-modules/{qois => }/backplane-net/README.md | 0 nixos-modules/{qois => }/backplane-net/default.nix | 0 nixos-modules/{qois => }/backup-client/README.md | 0 nixos-modules/{qois => }/backup-client/default.nix | 0 nixos-modules/{qois => }/backup-server/README.md | 0 nixos-modules/{qois => }/backup-server/default.nix | 0 nixos-modules/{qois => }/git-ci-runner/README.md | 0 nixos-modules/{qois => }/git-ci-runner/default.nix | 0 nixos-modules/{qois => }/git/README.md | 0 nixos-modules/{qois => }/git/default.nix | 0 nixos-modules/{qois => }/loadbalancer/default.nix | 0 nixos-modules/{qois => }/nginx/default.nix | 0 nixos-modules/qois/default.nix | 10 ---------- nixos-modules/{qois => }/renovate/default.nix | 0 nixos-modules/{qois => }/static-page/README.md | 0 nixos-modules/{qois => }/static-page/default-pages.nix | 0 nixos-modules/{qois => }/static-page/default.nix | 0 nixos-modules/{qois => }/vpn-exit-node/default.nix | 0 nixos-modules/{qois => }/vpn-server/default.nix | 0 22 files changed, 3 insertions(+), 14 deletions(-) rename nixos-modules/{qois => }/attic/default.nix (100%) rename nixos-modules/{qois => }/backplane-net.hosts/default.nix (100%) rename nixos-modules/{qois => }/backplane-net/README.md (100%) rename nixos-modules/{qois => }/backplane-net/default.nix (100%) rename nixos-modules/{qois => }/backup-client/README.md (100%) rename nixos-modules/{qois => }/backup-client/default.nix (100%) rename nixos-modules/{qois => }/backup-server/README.md (100%) rename nixos-modules/{qois => }/backup-server/default.nix (100%) rename nixos-modules/{qois => }/git-ci-runner/README.md (100%) rename nixos-modules/{qois => }/git-ci-runner/default.nix (100%) rename nixos-modules/{qois => }/git/README.md (100%) rename 
nixos-modules/{qois => }/git/default.nix (100%) rename nixos-modules/{qois => }/loadbalancer/default.nix (100%) rename nixos-modules/{qois => }/nginx/default.nix (100%) delete mode 100644 nixos-modules/qois/default.nix rename nixos-modules/{qois => }/renovate/default.nix (100%) rename nixos-modules/{qois => }/static-page/README.md (100%) rename nixos-modules/{qois => }/static-page/default-pages.nix (100%) rename nixos-modules/{qois => }/static-page/default.nix (100%) rename nixos-modules/{qois => }/vpn-exit-node/default.nix (100%) rename nixos-modules/{qois => }/vpn-server/default.nix (100%) diff --git a/SUMMARY.md b/SUMMARY.md index 498cc39..ac7ec7d 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -15,11 +15,11 @@ # Services - [E-mail](email.md) -- [Git CI Runner](nixos-modules/qois/git-ci-runner/README.md) -- [Git Hosting](nixos-modules/qois/git/README.md) +- [Git CI Runner](nixos-modules/git-ci-runner/README.md) +- [Git Hosting](nixos-modules/git/README.md) - [Nextcloud](defaults/nextcloud/README.md) - [Nix Caches](nixos-configurations/lindberg-build/applications/README.md) -- [Static Pages](nixos-modules/qois/static-page/README.md) +- [Static Pages](nixos-modules/static-page/README.md) - [VPN](defaults/vpn/README.md) - [Vaultwarden](nixos-modules/vault/README.md) @@ -29,4 +29,3 @@ - [cyprianspitz](nixos-configurations/cyprianspitz/README.md) - [lindberg](nixos-configurations/lindberg/README.md) - [stompert](nixos-configurations/stompert/README.md) - diff --git a/nixos-modules/qois/attic/default.nix b/nixos-modules/attic/default.nix similarity index 100% rename from nixos-modules/qois/attic/default.nix rename to nixos-modules/attic/default.nix diff --git a/nixos-modules/qois/backplane-net.hosts/default.nix b/nixos-modules/backplane-net.hosts/default.nix similarity index 100% rename from nixos-modules/qois/backplane-net.hosts/default.nix rename to nixos-modules/backplane-net.hosts/default.nix 
diff --git a/nixos-modules/qois/backplane-net/README.md b/nixos-modules/backplane-net/README.md
similarity index 100%
rename from nixos-modules/qois/backplane-net/README.md
rename to nixos-modules/backplane-net/README.md
diff --git a/nixos-modules/qois/backplane-net/default.nix b/nixos-modules/backplane-net/default.nix
similarity index 100%
rename from nixos-modules/qois/backplane-net/default.nix
rename to nixos-modules/backplane-net/default.nix
diff --git a/nixos-modules/qois/backup-client/README.md b/nixos-modules/backup-client/README.md
similarity index 100%
rename from nixos-modules/qois/backup-client/README.md
rename to nixos-modules/backup-client/README.md
diff --git a/nixos-modules/qois/backup-client/default.nix b/nixos-modules/backup-client/default.nix
similarity index 100%
rename from nixos-modules/qois/backup-client/default.nix
rename to nixos-modules/backup-client/default.nix
diff --git a/nixos-modules/qois/backup-server/README.md b/nixos-modules/backup-server/README.md
similarity index 100%
rename from nixos-modules/qois/backup-server/README.md
rename to nixos-modules/backup-server/README.md
diff --git a/nixos-modules/qois/backup-server/default.nix b/nixos-modules/backup-server/default.nix
similarity index 100%
rename from nixos-modules/qois/backup-server/default.nix
rename to nixos-modules/backup-server/default.nix
diff --git a/nixos-modules/qois/git-ci-runner/README.md b/nixos-modules/git-ci-runner/README.md
similarity index 100%
rename from nixos-modules/qois/git-ci-runner/README.md
rename to nixos-modules/git-ci-runner/README.md
diff --git a/nixos-modules/qois/git-ci-runner/default.nix b/nixos-modules/git-ci-runner/default.nix
similarity index 100%
rename from nixos-modules/qois/git-ci-runner/default.nix
rename to nixos-modules/git-ci-runner/default.nix
diff --git a/nixos-modules/qois/git/README.md b/nixos-modules/git/README.md
similarity index 100%
rename from nixos-modules/qois/git/README.md
rename to nixos-modules/git/README.md
diff --git a/nixos-modules/qois/git/default.nix b/nixos-modules/git/default.nix
similarity index 100%
rename from nixos-modules/qois/git/default.nix
rename to nixos-modules/git/default.nix
diff --git a/nixos-modules/qois/loadbalancer/default.nix b/nixos-modules/loadbalancer/default.nix
similarity index 100%
rename from nixos-modules/qois/loadbalancer/default.nix
rename to nixos-modules/loadbalancer/default.nix
diff --git a/nixos-modules/qois/nginx/default.nix b/nixos-modules/nginx/default.nix
similarity index 100%
rename from nixos-modules/qois/nginx/default.nix
rename to nixos-modules/nginx/default.nix
diff --git a/nixos-modules/qois/default.nix b/nixos-modules/qois/default.nix
deleted file mode 100644
index 6a72f9f..0000000
--- a/nixos-modules/qois/default.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- config,
- pkgs,
- inputs,
- ...
-}:
-{
-
- imports = inputs.self.lib.loadSubmodulesFrom ./.;
-}
diff --git a/nixos-modules/qois/renovate/default.nix b/nixos-modules/renovate/default.nix
similarity index 100%
rename from nixos-modules/qois/renovate/default.nix
rename to nixos-modules/renovate/default.nix
diff --git a/nixos-modules/qois/static-page/README.md b/nixos-modules/static-page/README.md
similarity index 100%
rename from nixos-modules/qois/static-page/README.md
rename to nixos-modules/static-page/README.md
diff --git a/nixos-modules/qois/static-page/default-pages.nix b/nixos-modules/static-page/default-pages.nix
similarity index 100%
rename from nixos-modules/qois/static-page/default-pages.nix
rename to nixos-modules/static-page/default-pages.nix
diff --git a/nixos-modules/qois/static-page/default.nix b/nixos-modules/static-page/default.nix
similarity index 100%
rename from nixos-modules/qois/static-page/default.nix
rename to nixos-modules/static-page/default.nix
diff --git a/nixos-modules/qois/vpn-exit-node/default.nix b/nixos-modules/vpn-exit-node/default.nix similarity index 100% rename from nixos-modules/qois/vpn-exit-node/default.nix rename to nixos-modules/vpn-exit-node/default.nix diff --git a/nixos-modules/qois/vpn-server/default.nix b/nixos-modules/vpn-server/default.nix similarity index 100% rename from nixos-modules/qois/vpn-server/default.nix rename to nixos-modules/vpn-server/default.nix -- 2.47.2 From d216ee6f3f95f62847119513038fac91d6674956 Mon Sep 17 00:00:00 2001 From: Fabian Hauser Date: Fri, 21 Mar 2025 19:39:48 +0200 Subject: [PATCH 3/8] Move vpn docs to nixos-module --- SUMMARY.md | 2 +- {defaults/vpn => nixos-modules/vpn-server}/README.md | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename {defaults/vpn => nixos-modules/vpn-server}/README.md (100%) diff --git a/SUMMARY.md b/SUMMARY.md index ac7ec7d..e1304e8 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -20,7 +20,7 @@ - [Nextcloud](defaults/nextcloud/README.md) - [Nix Caches](nixos-configurations/lindberg-build/applications/README.md) - [Static Pages](nixos-modules/static-page/README.md) -- [VPN](defaults/vpn/README.md) +- [VPN](nixos-modules/vpn-server/README.md) - [Vaultwarden](nixos-modules/vault/README.md) # Nixos Configurations diff --git a/defaults/vpn/README.md b/nixos-modules/vpn-server/README.md similarity index 100% rename from defaults/vpn/README.md rename to nixos-modules/vpn-server/README.md -- 2.47.2 From 0abeadc533e524c2d2787982270d6305b7492405 Mon Sep 17 00:00:00 2001 
From: Fabian Hauser Date: Fri, 21 Mar 2025 19:50:44 +0200 Subject: [PATCH 4/8] Move nextcloud to nixos-modules --- SUMMARY.md | 2 +- defaults/nextcloud/default.nix | 99 ------------- .../lindberg-nextcloud/applications/cloud.nix | 21 --- .../applications/default.nix | 10 +- .../cloud}/README.md | 0 nixos-modules/cloud/default.nix | 134 ++++++++++++++++++ 6 files changed, 141 insertions(+), 125 deletions(-) delete mode 100644 defaults/nextcloud/default.nix delete mode 100644 nixos-configurations/lindberg-nextcloud/applications/cloud.nix rename {defaults/nextcloud => nixos-modules/cloud}/README.md (100%) create mode 100644 nixos-modules/cloud/default.nix diff --git a/SUMMARY.md b/SUMMARY.md index e1304e8..11fabb0 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -17,7 +17,7 @@ - [E-mail](email.md) - [Git CI Runner](nixos-modules/git-ci-runner/README.md) - [Git Hosting](nixos-modules/git/README.md) -- [Nextcloud](defaults/nextcloud/README.md) +- [Nextcloud](nixos-modules/cloud/README.md) - [Nix Caches](nixos-configurations/lindberg-build/applications/README.md) - [Static Pages](nixos-modules/static-page/README.md) - [VPN](nixos-modules/vpn-server/README.md) diff --git a/defaults/nextcloud/default.nix b/defaults/nextcloud/default.nix deleted file mode 100644 index 3d43d43..0000000 --- a/defaults/nextcloud/default.nix +++ /dev/null 
@@ -1,99 +0,0 @@ -# Default configuration for hosts -{ - config, - lib, - pkgs, - ... -}: - -{ - - sops.secrets."nextcloud/admin" = with config.users.users.nextcloud; { - inherit group; - owner = name; - }; - - services.postgresql.enable = true; - qois.backup-client.includePaths = [ config.services.nextcloud.home ]; - - services.nextcloud = { - enable = true; - https = true; - webfinger = true; - maxUploadSize = "10G"; - - database.createLocally = true; - - config = { - adminpassFile = config.sops.secrets."nextcloud/admin".path; - adminuser = "root"; - dbtype = "pgsql"; - }; - - appstoreEnable = false; - extraApps = { - inherit (config.services.nextcloud.package.passthru.packages.apps) - calendar - contacts - deck - groupfolders - maps - memories - music - news - notes - notify_push - tasks - twofactor_webauthn - ; - }; - - phpOptions = { - "opcache.interned_strings_buffer" = "23"; - }; - - poolSettings = { - "pm" = "dynamic"; - "pm.max_children" = "256"; - "pm.max_requests" = "500"; - "pm.max_spare_servers" = "16"; - "pm.min_spare_servers" = "2"; - "pm.start_servers" = "8"; - }; - - configureRedis = true; - caching.redis = true; - - notify_push = { - enable = true; - bendDomainToLocalhost = true; - }; - - settings = { - log_type = "syslog"; - syslog_tag = "nextcloud"; - "memories.exiftool" = "${lib.getExe pkgs.exiftool}"; - "memories.vod.ffmpeg" = "${lib.getExe pkgs.ffmpeg-headless}"; - "memories.vod.ffprobe" = "${pkgs.ffmpeg-headless}/bin/ffprobe"; - preview_ffmpeg_path = "${lib.getExe pkgs.ffmpeg-headless}"; - mail_smtpmode = "sendmail"; - mail_domain = "qo.is"; - }; - }; - - services.phpfpm.pools.nextcloud.settings = { - "pm.max_children" = lib.mkForce "256"; - "pm.max_spare_servers" = lib.mkForce "16"; - "pm.start_servers" = lib.mkForce "8"; - }; - - users.users.nextcloud.extraGroups = [ "postdrop" ]; - - systemd.services.nextcloud-cron = { - path = [ pkgs.perl ]; - }; - - environment.systemPackages = with pkgs; [ - nodejs # required for Recognize - ]; -} 
diff --git a/nixos-configurations/lindberg-nextcloud/applications/cloud.nix b/nixos-configurations/lindberg-nextcloud/applications/cloud.nix deleted file mode 100644 index 8e6b4ff..0000000 --- a/nixos-configurations/lindberg-nextcloud/applications/cloud.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, pkgs, ... }: -let - host = "cloud.qo.is"; -in -{ - - imports = [ ../../../defaults/nextcloud ]; - - services.postgresql.enable = true; - - services.nextcloud = { - hostName = host; - package = pkgs.nextcloud30; - settings.default_phone_region = "CH"; - }; - services.nginx.virtualHosts."${host}" = { - forceSSL = true; - enableACME = true; - kTLS = true; - }; -} diff --git a/nixos-configurations/lindberg-nextcloud/applications/default.nix b/nixos-configurations/lindberg-nextcloud/applications/default.nix index d872c18..9ffe05c 100644 --- a/nixos-configurations/lindberg-nextcloud/applications/default.nix +++ b/nixos-configurations/lindberg-nextcloud/applications/default.nix @@ -1,7 +1,9 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { - - imports = [ ./cloud.nix ]; - qois.postgresql.package = pkgs.postgresql_14; + + qois.cloud = { + enable = true; + package = pkgs.nextcloud30; + }; } diff --git a/defaults/nextcloud/README.md b/nixos-modules/cloud/README.md similarity index 100% rename from defaults/nextcloud/README.md rename to nixos-modules/cloud/README.md diff --git a/nixos-modules/cloud/default.nix b/nixos-modules/cloud/default.nix new file mode 100644 index 0000000..243df13 --- /dev/null +++ b/nixos-modules/cloud/default.nix 
@@ -0,0 +1,134 @@ +# Default configuration for hosts +{ + config, + lib, + pkgs, + ... +}: + +let + cfg = config.qois.cloud; +in +with lib; +{ + options.qois.cloud = { + enable = mkEnableOption "Enable qois cloud service"; + + domain = mkOption { + type = types.str; + default = "cloud.qo.is"; + description = "Domain, under which the service is served."; + }; + + package = mkOption { + type = types.package; + description = "Which package to use for the Nextcloud instance."; + relatedPackages = [ + "nextcloud28" + "nextcloud29" + "nextcloud30" + ]; + }; + }; + + config = mkIf cfg.enable { + + services.nginx.virtualHosts."${cfg.domain}" = { + forceSSL = true; + enableACME = true; + kTLS = true; + }; + + sops.secrets."nextcloud/admin" = with config.users.users.nextcloud; { + inherit group; + owner = name; + }; + + services.postgresql.enable = true; + qois.backup-client.includePaths = [ config.services.nextcloud.home ]; + + services.nextcloud = { + inherit (cfg) package; + enable = true; + hostName = cfg.domain; + https = true; + webfinger = true; + maxUploadSize = "10G"; + + database.createLocally = true; + + config = { + adminpassFile = config.sops.secrets."nextcloud/admin".path; + adminuser = "root"; + dbtype = "pgsql"; + }; + + appstoreEnable = false; + extraApps = { + inherit (config.services.nextcloud.package.passthru.packages.apps) + calendar + contacts + deck + groupfolders + maps + memories + music + news + notes + notify_push + tasks + twofactor_webauthn + ; + }; + + phpOptions = { + "opcache.interned_strings_buffer" = "23"; + }; + + poolSettings = { + "pm" = "dynamic"; + "pm.max_children" = "256"; + "pm.max_requests" = "500"; + "pm.max_spare_servers" = "16"; + "pm.min_spare_servers" = "2"; + "pm.start_servers" = "8"; + }; + + configureRedis = true; + caching.redis = true; + + notify_push = { + enable = true; + bendDomainToLocalhost = true; + }; + + settings = { + log_type = "syslog"; + syslog_tag = "nextcloud"; + "memories.exiftool" = "${lib.getExe 
pkgs.exiftool}"; + "memories.vod.ffmpeg" = "${lib.getExe pkgs.ffmpeg-headless}"; + "memories.vod.ffprobe" = "${pkgs.ffmpeg-headless}/bin/ffprobe"; + preview_ffmpeg_path = "${lib.getExe pkgs.ffmpeg-headless}"; + mail_smtpmode = "sendmail"; + mail_domain = "qo.is"; + default_phone_region = "CH"; + }; + }; + + services.phpfpm.pools.nextcloud.settings = { + "pm.max_children" = lib.mkForce "256"; + "pm.max_spare_servers" = lib.mkForce "16"; + "pm.start_servers" = lib.mkForce "8"; + }; + + users.users.nextcloud.extraGroups = [ "postdrop" ]; + + systemd.services.nextcloud-cron = { + path = [ pkgs.perl ]; + }; + + environment.systemPackages = with pkgs; [ + nodejs # required for Recognize + ]; + }; +} -- 2.47.2 From 94510a8cd9d2c46ce30e7cc9a1f78fd03c26e4dd Mon Sep 17 00:00:00 2001 From: Fabian Hauser Date: Fri, 21 Mar 2025 19:54:39 +0200 Subject: [PATCH 5/8] Move defaults/base-minimal to nixos-modules/system --- defaults/base-vm/default.nix | 1 - defaults/base/default.nix | 1 - {defaults/base-minimal => nixos-modules/system}/applications.nix | 0 {defaults/base-minimal => nixos-modules/system}/default.nix | 0 {defaults/base-minimal => nixos-modules/system}/etc/gitconfig | 0 {defaults/base-minimal => nixos-modules/system}/etc/vimrc | 0 {defaults/base-minimal => nixos-modules/system}/overlays.nix | 0 {defaults/base-minimal => nixos-modules/system}/security.nix | 0 {defaults/base-minimal => nixos-modules/system}/unfree.nix | 0 9 files changed, 2 deletions(-) rename {defaults/base-minimal => nixos-modules/system}/applications.nix (100%) rename {defaults/base-minimal => nixos-modules/system}/default.nix (100%) rename {defaults/base-minimal => nixos-modules/system}/etc/gitconfig (100%) rename {defaults/base-minimal => nixos-modules/system}/etc/vimrc (100%) rename {defaults/base-minimal => nixos-modules/system}/overlays.nix (100%) rename {defaults/base-minimal => nixos-modules/system}/security.nix (100%) rename {defaults/base-minimal => nixos-modules/system}/unfree.nix (100%) 
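Review bot: The `environment.systemPackages` entry at the end of the new `config` block in `nixos-modules/cloud/default.nix` installs `nodejs` system-wide with the comment `# required for Recognize`, but `recognize` is not in the `extraApps` list and `appstoreEnable = false` keeps apps from being added at runtime, so the interpreter looks unused on a host that serves Nextcloud publicly. Unless the app is provisioned somewhere this patch does not show, drop the entry; if it is wanted, list the app in `extraApps` next to the others so the dependency is visible in one place. The option text `mkEnableOption "Enable qois cloud service"` renders as "Whether to enable Enable qois cloud service."; `mkEnableOption "qois cloud service"` matches the wording used by the modules in patch 1. The file header `# Default configuration for hosts` was carried over from `defaults/nextcloud` and no longer describes an opt-in module.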
diff --git a/defaults/base-vm/default.nix b/defaults/base-vm/default.nix index c48196f..b0d624b 100644 --- a/defaults/base-vm/default.nix +++ b/defaults/base-vm/default.nix @@ -9,7 +9,6 @@ { imports = [ - ../base-minimal (modulesPath + "/profiles/qemu-guest.nix") ]; diff --git a/defaults/base/default.nix b/defaults/base/default.nix index 99a64fc..7b21c01 100644 --- a/defaults/base/default.nix +++ b/defaults/base/default.nix @@ -6,7 +6,6 @@ }: { imports = [ - ../base-minimal ./applications.nix ]; diff --git a/defaults/base-minimal/applications.nix b/nixos-modules/system/applications.nix similarity index 100% rename from defaults/base-minimal/applications.nix rename to nixos-modules/system/applications.nix diff --git a/defaults/base-minimal/default.nix b/nixos-modules/system/default.nix similarity index 100% rename from defaults/base-minimal/default.nix rename to nixos-modules/system/default.nix diff --git a/defaults/base-minimal/etc/gitconfig b/nixos-modules/system/etc/gitconfig similarity index 100% rename from defaults/base-minimal/etc/gitconfig rename to nixos-modules/system/etc/gitconfig diff --git a/defaults/base-minimal/etc/vimrc b/nixos-modules/system/etc/vimrc similarity index 100% rename from defaults/base-minimal/etc/vimrc rename to nixos-modules/system/etc/vimrc diff --git a/defaults/base-minimal/overlays.nix b/nixos-modules/system/overlays.nix similarity index 100% rename from defaults/base-minimal/overlays.nix rename to nixos-modules/system/overlays.nix diff --git a/defaults/base-minimal/security.nix b/nixos-modules/system/security.nix similarity index 100% rename from defaults/base-minimal/security.nix rename to nixos-modules/system/security.nix diff --git a/defaults/base-minimal/unfree.nix b/nixos-modules/system/unfree.nix similarity index 100% rename from defaults/base-minimal/unfree.nix rename to nixos-modules/system/unfree.nix -- 2.47.2 From 24b4b04df94b52f8b14ba208973923c1f01a088e Mon Sep 17 00:00:00 2001 
From: Fabian Hauser Date: Fri, 21 Mar 2025 19:58:29 +0200 Subject: [PATCH 6/8] Move defaults/base-vm to nixos-modules/system/virtual-machine.nix --- defaults/base-vm/default.nix | 38 ------------ .../lindberg-build/default.nix | 2 +- .../lindberg-nextcloud/default.nix | 3 +- .../lindberg-webapps/default.nix | 3 +- nixos-modules/cloud/default.nix | 1 + nixos-modules/system/default.nix | 3 +- nixos-modules/system/virtual-machine.nix | 58 +++++++++++++++++++ 7 files changed, 66 insertions(+), 42 deletions(-) delete mode 100644 defaults/base-vm/default.nix create mode 100644 nixos-modules/system/virtual-machine.nix diff --git a/defaults/base-vm/default.nix b/defaults/base-vm/default.nix deleted file mode 100644 index b0d624b..0000000 --- a/defaults/base-vm/default.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ - config, - lib, - modulesPath, - pkgs, - ... -}: - -{ - - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot.loader.grub.enable = true; - - system.autoUpgrade.allowReboot = true; - - services.qemuGuest.enable = true; - - boot.initrd.availableKernelModules = [ - "ahci" - "xhci_pci" - "sr_mod" - ]; - - # Taken from https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/minimal.nix - documentation.enable = lib.mkDefault false; - - documentation.doc.enable = lib.mkDefault false; - - documentation.info.enable = lib.mkDefault false; - - documentation.man.enable = lib.mkDefault false; - - documentation.nixos.enable = lib.mkDefault false; - -} diff --git a/nixos-configurations/lindberg-build/default.nix b/nixos-configurations/lindberg-build/default.nix index 1cbfd2f..b0f1911 100644 --- a/nixos-configurations/lindberg-build/default.nix +++ b/nixos-configurations/lindberg-build/default.nix @@ -2,7 +2,6 @@ { imports = [ - ../../defaults/base-vm ../../defaults/meta ./applications @@ -10,6 +9,7 @@ ./networking.nix ./secrets.nix ]; + qois.system.virtual-machine.enable = true; # Set your time zone. time.timeZone = "Europe/Amsterdam"; 
diff --git a/nixos-configurations/lindberg-nextcloud/default.nix b/nixos-configurations/lindberg-nextcloud/default.nix index 78fc78d..d9ccc62 100644 --- a/nixos-configurations/lindberg-nextcloud/default.nix +++ b/nixos-configurations/lindberg-nextcloud/default.nix @@ -2,13 +2,14 @@ { imports = [ - ../../defaults/base-vm ../../defaults/meta ./applications ./backup.nix ./secrets.nix ]; + qois.system.virtual-machine.enable = true; + boot.loader.grub.device = "/dev/vda"; fileSystems."/" = { device = "/dev/disk/by-uuid/5b6823ec-921f-400a-a7c0-3fe34d56ae12"; diff --git a/nixos-configurations/lindberg-webapps/default.nix b/nixos-configurations/lindberg-webapps/default.nix index 1cbfd2f..f875d44 100644 --- a/nixos-configurations/lindberg-webapps/default.nix +++ b/nixos-configurations/lindberg-webapps/default.nix @@ -2,7 +2,6 @@ { imports = [ - ../../defaults/base-vm ../../defaults/meta ./applications @@ -11,6 +10,8 @@ ./secrets.nix ]; + qois.system.virtual-machine.enable = true; + # Set your time zone. time.timeZone = "Europe/Amsterdam"; diff --git a/nixos-modules/cloud/default.nix b/nixos-modules/cloud/default.nix index 243df13..db516bd 100644 --- a/nixos-modules/cloud/default.nix +++ b/nixos-modules/cloud/default.nix @@ -11,6 +11,7 @@ let in with lib; { + options.qois.cloud = { enable = mkEnableOption "Enable qois cloud service"; diff --git a/nixos-modules/system/default.nix b/nixos-modules/system/default.nix index ce133f9..7fd1b21 100644 --- a/nixos-modules/system/default.nix +++ b/nixos-modules/system/default.nix @@ -7,10 +7,11 @@ }: { imports = [ - ./unfree.nix ./applications.nix ./overlays.nix ./security.nix + ./unfree.nix + ./virtual-machine.nix ]; boot.loader.timeout = 2; diff --git a/nixos-modules/system/virtual-machine.nix b/nixos-modules/system/virtual-machine.nix new file mode 100644 index 0000000..5e5a8ae --- /dev/null +++ b/nixos-modules/system/virtual-machine.nix 
@@ -0,0 +1,58 @@ +{ + config, + lib, + ... +}: +let + cfg = config.qois.system.virtual-machine; +in +with lib; +{ + options.qois.system.virtual-machine.enable = + mkEnableOption "Enable qois system vm default configuration"; + + config = lib.mkIf cfg.enable { + + boot.loader.grub.enable = true; + + system.autoUpgrade.allowReboot = true; + + services.qemuGuest.enable = true; + + boot.initrd.availableKernelModules = + [ + "ahci" + "xhci_pci" + "sr_mod" + ] + ++ + # Taken from https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/qemu-guest.nix + [ + "virtio_net" + "virtio_pci" + "virtio_mmio" + "virtio_blk" + "virtio_scsi" + "9p" + "9pnet_virtio" + ]; + boot.initrd.kernelModules = [ + "virtio_balloon" + "virtio_console" + "virtio_rng" + "virtio_gpu" + ]; + + # Taken from https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/minimal.nix + documentation.enable = lib.mkDefault false; + + documentation.doc.enable = lib.mkDefault false; + + documentation.info.enable = lib.mkDefault false; + + documentation.man.enable = lib.mkDefault false; + + documentation.nixos.enable = lib.mkDefault false; + + }; +} -- 2.47.2 From b4cd63afe8185b2318772d810322001c03fe6df4 Mon Sep 17 00:00:00 2001 From: Fabian Hauser Date: Fri, 21 Mar 2025 20:19:29 +0200 Subject: [PATCH 7/8] Move defaults/base to nixos-modules/system/physical.nix --- defaults/base/applications.nix | 32 ------------ defaults/base/default.nix | 24 --------- nixos-configurations/calanda/default.nix | 3 +- nixos-configurations/cyprianspitz/default.nix | 3 +- nixos-configurations/lindberg/default.nix | 3 +- nixos-configurations/stompert/default.nix | 4 +- nixos-modules/system/default.nix | 1 + nixos-modules/system/physical.nix | 52 +++++++++++++++++++ 8 files changed, 62 insertions(+), 60 deletions(-) delete mode 100644 defaults/base/applications.nix delete mode 100644 defaults/base/default.nix create mode 100644 nixos-modules/system/physical.nix 
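Review bot: The virtio lists under `boot.initrd.availableKernelModules` and `boot.initrd.kernelModules` in the new `virtual-machine.nix` are copied out of nixpkgs' `profiles/qemu-guest.nix`, whereas the deleted `defaults/base-vm/default.nix` imported that profile, so the guest drivers (including `virtio_rng` and `virtio_blk`) will no longer follow upstream changes to it. A comment above the list should record why the profile is inlined and when to re-sync it, for example `# Inlined from qemu-guest.nix (presumably because imports cannot depend on cfg.enable); re-check on nixpkgs bumps`. The block also mixes `with lib;` with explicit `lib.mkIf` and `lib.mkDefault`, and `mkEnableOption "Enable qois system vm default configuration"` renders as "Whether to enable Enable …"; `mkEnableOption "qois system vm default configuration"` reads correctly.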
diff --git a/defaults/base/applications.nix b/defaults/base/applications.nix deleted file mode 100644 index 2829400..0000000 --- a/defaults/base/applications.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -{ - environment.systemPackages = - with pkgs; - [ - pciutils - dmidecode - smartmontools - iw - efibootmgr - efitools - efivar - pwgen - powertop - lm_sensors - ] - ++ [ - # Filesystem & Disk Utilities - hdparm - smartmontools - ] - ++ [ - # Networking Utilities - tcpdump - ]; -} diff --git a/defaults/base/default.nix b/defaults/base/default.nix deleted file mode 100644 index 7b21c01..0000000 --- a/defaults/base/default.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -{ - imports = [ - ./applications.nix - ]; - - # System Services - services.fwupd.enable = true; - - services.smartd = { - enable = true; - notifications.mail = { - enable = true; - mailer = "${pkgs.msmtp}/bin/sendmail"; - sender = "system@qo.is"; - recipient = "sysadmin@qo.is"; - }; - }; -} diff --git a/nixos-configurations/calanda/default.nix b/nixos-configurations/calanda/default.nix index dcc9bff..18bd0e2 100644 --- a/nixos-configurations/calanda/default.nix +++ b/nixos-configurations/calanda/default.nix @@ -7,10 +7,11 @@ ../../defaults/hardware/apu.nix - ../../defaults/base ../../defaults/meta ]; + qois.system.physical.enable = true; + # This value determines the NixOS release from which the default # settings for stateful data, like fi:le locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos-configurations/cyprianspitz/default.nix b/nixos-configurations/cyprianspitz/default.nix index 66ff7e7..a306350 100644 --- a/nixos-configurations/cyprianspitz/default.nix +++ b/nixos-configurations/cyprianspitz/default.nix 
@@ -11,10 +11,11 @@ ../../defaults/hardware/asrock-z790m.nix - ../../defaults/base ../../defaults/meta ]; + qois.system.physical.enable = true; + # Set your time zone. time.timeZone = "Europe/Amsterdam"; diff --git a/nixos-configurations/lindberg/default.nix b/nixos-configurations/lindberg/default.nix index 74a84b6..6c26cca 100644 --- a/nixos-configurations/lindberg/default.nix +++ b/nixos-configurations/lindberg/default.nix @@ -12,10 +12,11 @@ ../../defaults/hardware/asrock.nix - ../../defaults/base ../../defaults/meta ]; + qois.system.physical.enable = true; + # Set your time zone. time.timeZone = "Europe/Amsterdam"; diff --git a/nixos-configurations/stompert/default.nix b/nixos-configurations/stompert/default.nix index e9b7249..7419b91 100644 --- a/nixos-configurations/stompert/default.nix +++ b/nixos-configurations/stompert/default.nix @@ -7,10 +7,12 @@ { imports = [ ../../defaults/hardware/apu.nix - ../../defaults/base + ../../defaults/meta ]; + qois.system.physical.enable = true; + boot.initrd.luks.devices."systems".device = "/dev/disk/by-uuid/5718bd19-cb7a-4728-9ec4-6b2be48215fc"; diff --git a/nixos-modules/system/default.nix b/nixos-modules/system/default.nix index 7fd1b21..ed0dfb5 100644 --- a/nixos-modules/system/default.nix +++ b/nixos-modules/system/default.nix @@ -9,6 +9,7 @@ imports = [ ./applications.nix ./overlays.nix + ./physical.nix ./security.nix ./unfree.nix ./virtual-machine.nix diff --git a/nixos-modules/system/physical.nix b/nixos-modules/system/physical.nix new file mode 100644 index 0000000..2597bde --- /dev/null +++ b/nixos-modules/system/physical.nix 
@@ -0,0 +1,52 @@ +{ + config, + lib, + pkgs, + ... +}: +let + cfg = config.qois.system.physical; +in +with lib; +{ + options.qois.system.physical.enable = mkEnableOption "Enable qois physical system configuration"; + + config = lib.mkIf cfg.enable { + environment.systemPackages = + with pkgs; + [ + pciutils + dmidecode + smartmontools + iw + efibootmgr + efitools + efivar + pwgen + powertop + lm_sensors + ] + ++ [ + # Filesystem & Disk Utilities + hdparm + smartmontools + ] + ++ [ + # Networking Utilities + tcpdump + ]; + + # System Services + services.fwupd.enable = true; + + services.smartd = { + enable = true; + notifications.mail = { + enable = true; + mailer = "${pkgs.msmtp}/bin/sendmail"; + sender = "system@qo.is"; + recipient = "sysadmin@qo.is"; + }; + }; + }; +} -- 2.47.2 From c3962b9738312eb488011f1f0aee780f72e8a8ef Mon Sep 17 00:00:00 2001 From: Fabian Hauser Date: Fri, 21 Mar 2025 20:22:43 +0200 Subject: [PATCH 8/8] Remove outdated hardware configurations --- defaults/hardware/README.md | 4 -- defaults/hardware/nuc.nix | 33 --------------- ...0k-override-eeprom-regulatory-domain.patch | 40 ------------------- .../wle-regulatory-domain/default.nix | 23 ----------- defaults/hardware/wle200nx.nix | 11 ----- 5 files changed, 111 deletions(-) delete mode 100644 defaults/hardware/nuc.nix delete mode 100644 defaults/hardware/wle-regulatory-domain/ath10k-override-eeprom-regulatory-domain.patch delete mode 100644 defaults/hardware/wle-regulatory-domain/default.nix delete mode 100644 defaults/hardware/wle200nx.nix diff --git a/defaults/hardware/README.md b/defaults/hardware/README.md index 03a63cb..f59f745 100644 --- a/defaults/hardware/README.md +++ b/defaults/hardware/README.md @@ -9,7 +9,3 @@ To boot the nixos installer with the console port, add `console=ttyS0,115200n8` `F2`: Boot into BIOS `F11`: Select boot device - -# NUC - -- [Boot Keybindings](https://www.intel.com/content/www/us/en/support/articles/000005672/boards-and-kits/desktop-boards.html) 
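Review bot: `smartmontools` is listed twice in `environment.systemPackages` in nixos-modules/system/physical.nix, once in the first list and again under "Filesystem & Disk Utilities"; the second entry can be dropped. The duplicate is carried over unchanged from defaults/base/applications.nix, so this move is a natural place to clean it up. `services.smartd.notifications.mail` sends through `${pkgs.msmtp}/bin/sendmail`, but nothing in this hunk shows msmtp being configured, so a comment such as `# relies on msmtp being configured on the host; without it SMART failure mails are not delivered` would record that dependency (presumably it is set up elsewhere in the repository, worth confirming).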
diff --git a/defaults/hardware/nuc.nix b/defaults/hardware/nuc.nix
deleted file mode 100644
index c90c220..0000000
--- a/defaults/hardware/nuc.nix
+++ /dev/null
@@ -1,33 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{
- config,
- lib,
- pkgs,
- modulesPath,
- ...
-}:
-
-{
- imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-
- boot.initrd.availableKernelModules = [
- "xhci_pci"
- "ahci"
- "usbhid"
- "usb_storage"
- "sd_mod"
- "e1000e"
- "virtio-pci"
- ];
- boot.initrd.kernelModules = [ ];
- # boot.kernelModules = [ "kvm-intel" "virtio" "tun" ];
- boot.kernelModules = [ "kvm-intel" ];
- boot.extraModulePackages = [ ];
- # boot.kernelParams = [ "console=ttyS0,115200n8" ];
-
- hardware.cpu.intel.updateMicrocode = true;
- powerManagement.cpuFreqGovernor = "ondemand";
- nix.settings.max-jobs = lib.mkDefault 8;
-}
diff --git a/defaults/hardware/wle-regulatory-domain/ath10k-override-eeprom-regulatory-domain.patch b/defaults/hardware/wle-regulatory-domain/ath10k-override-eeprom-regulatory-domain.patch
deleted file mode 100644
index 1b1f775..0000000
--- a/defaults/hardware/wle-regulatory-domain/ath10k-override-eeprom-regulatory-domain.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-diff --unified --recursive --text archlinux-linux/drivers/net/wireless/ath/regd.c archlinux-linux-patched/drivers/net/wireless/ath/regd.c
---- a/drivers/net/wireless/ath/regd.c 2019-08-29 18:31:52.749909030 +0200
-+++ b/drivers/net/wireless/ath/regd.c 2019-08-29 18:33:33.318773763 +0200
-@@ -345,6 +345,8 @@
- struct ieee80211_channel *ch;
- unsigned int i;
-
-+ return;
-+
- for (band = 0; band < NUM_NL80211_BANDS; band++) {
- if (!wiphy->bands[band])
- continue;
-@@ -378,6 +380,8 @@
- {
- struct ieee80211_supported_band *sband;
-
-+ return;
-+
- sband = wiphy->bands[NL80211_BAND_2GHZ];
- if (!sband)
- return;
-@@ -407,6 +411,8 @@
- struct ieee80211_channel *ch;
- unsigned int i;
-
-+ return;
-+
- if (!wiphy->bands[NL80211_BAND_5GHZ])
- return;
-
-@@ -639,6 +645,9 @@
- const struct ieee80211_regdomain *regd;
-
- wiphy->reg_notifier = reg_notifier;
-+
-+ return 0;
-+
- wiphy->regulatory_flags |= REGULATORY_STRICT_REG |
- REGULATORY_CUSTOM_REG;
-
diff --git a/defaults/hardware/wle-regulatory-domain/default.nix b/defaults/hardware/wle-regulatory-domain/default.nix
deleted file mode 100644
index fbf2cc7..0000000
--- a/defaults/hardware/wle-regulatory-domain/default.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-{
- boot.kernelPatches = [
- {
- name = "ath10k-override-eeprom-regulatory-domain";
- patch = ./ath10k-override-eeprom-regulatory-domain.patch;
- extraConfig = ''
- EXPERT y
- CFG80211_CERTIFICATION_ONUS y
- ATH_REG_DYNAMIC_USER_REG_HINTS y
- ATH_REG_DYNAMIC_USER_CERT_TESTING y
- ATH_REG_DYNAMIC_USER_CERT_TESTING y
- ATH9K_DFS_CERTIFIED y
- ATH10K_DFS_CERTIFIED y
- '';
- }
- ];
-}
diff --git a/defaults/hardware/wle200nx.nix b/defaults/hardware/wle200nx.nix
deleted file mode 100644
index a8cf0f6..0000000
--- a/defaults/hardware/wle200nx.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-{
- services.hostapd.extraConfig = ''
- ht_capab=[HT40-][HT40+][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40]
- '';
-}
--
2.47.2