changed deployment options and some fixes

2024-04-27 19:35:52 +02:00 · 2024-04-27 19:35:52 +02:00 · 82604fd3d2
parent e4fd5ee179
commit 82604fd3d2
10 changed files with 33 additions and 51 deletions
--- a/config/common/default.nix
+++ b/config/common/default.nix
@ -28,13 +28,7 @@ with lib; {
    fish.enable = true;
  };

-  kyouma.tags = [ "all" ];
-#  deployment = { 
-#    tags = [ "all" ];
-#    targetHost = mkDefault config.networking.fqdn;
-#    targetPort = mkDefault 22;
-#    targetUser = mkDefault null;
-#  };
+  kyouma.deployment.tags = [ "all" ];

  security.dhparams.defaultBitSize = 4096;

--- a/config/hosts/crime/nginx.nix
+++ b/config/hosts/crime/nginx.nix
@ -81,32 +81,32 @@ in {
        useACMEHost = "fentanyl.trade";
      };
    };
-    createHost = {
-      "watch.kyouma.net" = { redirectTo = "fentanyl.trade"; };
-      "redirect" = {
-        default = true;
-        reuseport = true;
-        useACMEHost = "fentanyl.trade";
-        extraConfig = ''
-          return 403;
-        '';
-      };
-      "crime.kyouma.net" = {
-        listenAddresses = [ "[2a0f:be01:0:100::1338]" ];
-        locations = {
-          "/".root = landingPage;
-          "/sonarr/" = {
-            proxyPass = "http://127.0.0.1:8989";
-            recommendedProxySettings = true;
-          };
-          "/radarr/" = {
-            proxyPass = "http://127.0.0.1:7878";
-            recommendedProxySettings = true;
-          };
-          "/prowlarr/" = {
-            proxyPass = "http://127.0.0.1:9696";
-            recommendedProxySettings = true;
-          };
+  };
+  kyouma.nginx.virtualHosts = {
+    "watch.kyouma.net" = { redirectTo = "fentanyl.trade"; };
+    "redirect" = {
+      default = true;
+      reuseport = true;
+      useACMEHost = "fentanyl.trade";
+      extraConfig = ''
+        return 403;
+      '';
+    };
+    "crime.kyouma.net" = {
+      listenAddresses = [ "[2a0f:be01:0:100::1338]" ];
+      locations = {
+        "/".root = landingPage;
+        "/sonarr/" = {
+          proxyPass = "http://127.0.0.1:8989";
+          recommendedProxySettings = true;
+        };
+        "/radarr/" = {
+          proxyPass = "http://127.0.0.1:7878";
+          recommendedProxySettings = true;
+        };
+        "/prowlarr/" = {
+          proxyPass = "http://127.0.0.1:9696";
+          recommendedProxySettings = true;
        };
      };
    };
--- a/config/hosts/girldick/configuration.nix
+++ b/config/hosts/girldick/configuration.nix
@ -7,9 +7,6 @@
    ../../services/nginx.nix
    ../../services/nyastodon.nix
  ];
-  deployment = {
-    targetUser = lib.mkForce "emily";
-  };
  networking = {
    domain = lib.mkForce "girldick.gay";
    hostName = "staging";
--- a/config/hosts/lain/configuration.nix
+++ b/config/hosts/lain/configuration.nix
@ -6,9 +6,7 @@
    ../../profiles/headless.nix
  ];

-  deployment = {
-    targetHost = "192.168.178.171";
-  };
+  kyouma.deployment.targetHost = "192.168.178.171";

  networking = {
    hostName = "lain";
--- a/config/hosts/ryuuko/configuration.nix
+++ b/config/hosts/ryuuko/configuration.nix
@ -27,11 +27,6 @@
    efi.canTouchEfiVariables = true;
  };

-  deployment = {
-    targetHost = null;
-    targetUser = "emily";
-  };
-
  hardware.bluetooth.enable = true;
  hardware.cpu.intel.updateMicrocode = true;
  hardware.gpgSmartcards.enable = true;
--- a/config/hosts/seras/configuration.nix
+++ b/config/hosts/seras/configuration.nix
@ -7,8 +7,6 @@
  ];
  boot.binfmt.emulatedSystems = ["aarch64-linux"];

-  deployment.targetUser = lib.mkForce "emily";
-
  networking = {
    hostName = "seras";
    nftables.enable = lib.mkForce false;
--- a/config/hosts/web-dus/configuration.nix
+++ b/config/hosts/web-dus/configuration.nix
@ -1,4 +1,4 @@
-{ config, inputs, pkgs, ... }: { 
+{ config, inputs, lib, pkgs, ... }: { 
  imports = [
    inputs.fernglas.nixosModules.default
    inputs.kyouma-www.nixosModules.default
@ -10,7 +10,7 @@
  ];
  networking = {
    hostName = "web-dus";
-    nftables.enable = mkForce false;
+    nftables.enable = lib.mkForce false;
    firewall.allowedTCPPorts = [ 80 443 11019 ];
    firewall.allowedUDPPorts = [ 443 ];
  };
--- a/config/profiles/graphical/default.nix
+++ b/config/profiles/graphical/default.nix
@ -7,7 +7,6 @@
  ];

  kyouma.machine-type.graphical = true;
-  deployment.allowLocalDeployment = true;

  hardware.opengl.enable = true;
  
--- a/config/profiles/lxc.nix
+++ b/config/profiles/lxc.nix
@ -9,7 +9,8 @@ with lib; {
    manageHostName = true;
  };
  kyouma.machine-type.virtual = true;
-  deployment.tags = [ "pve-lxc" ];
+  kyouma.deployment.tags = [ "pve-lxc" ];
+
  networking.useDHCP = false;
  networking.useHostResolvConf = false;
 }
--- a/config/services/nginx.nix
+++ b/config/services/nginx.nix
@ -1,5 +1,5 @@
 { config, pkgs, lib, ... }: with lib; {
-  deployment.tags = [ "web" ];
+  kyouma.deployment.tags = [ "web" ];
  security.dhparams.enable = true;
  security.dhparams.params.nginx = {};
  security.acme = {