lyes/nixfiles
1
0
Fork 0
Code Issues Pull requests 1 Activity Actions

Fixing all warnings

Browse source
This commit is contained in:
Lyes Saadi 2026-03-06 20:34:14 +01:00
parent 32720ae712
commit 169912a47b
Signed by: lyes
GPG key ID: 55A1D803917CF39A
15 changed files with 124 additions and 92 deletions
Download patch file Download diff file Expand all files Collapse all files

5
modules/server/baba/default.nix
View file

@ -7,7 +7,7 @@
services.nextcloud = {
enable = true;
package = pkgs.nextcloud32;
package = pkgs.nextcloud33;
hostName = "cloud.lyes.eu";
https = true;
configureRedis = true;
@ -15,7 +15,8 @@
extraAppsEnable = true;
extraApps = {
inherit (config.services.nextcloud.package.packages.apps) mail calendar contacts cospend user_oidc notes richdocuments tasks news dav_push repod gpoddersync phonetrack music;
inherit (config.services.nextcloud.package.packages.apps) mail calendar contacts cospend user_oidc notes richdocuments tasks dav_push repod gpoddersync phonetrack music;
# inherit (config.services.nextcloud.package.packages.apps) mail calendar contacts cospend user_oidc notes richdocuments tasks news dav_push repod gpoddersync phonetrack music;
# gpoddersync = pkgs.fetchNextcloudApp {
# hash = "sha256-EQVs1fe0ierjqFZ5+KVc1Yj67zrwjLBAzY5A+QsC7AU=";
# url = "https://github.com/thrillfall/nextcloud-gpodder/releases/download/3.13.2r/gpoddersync.tar.gz";

2
modules/server/lanayru/default.nix
View file

@ -42,6 +42,8 @@
};
};
networking.vpn-netns.encapsulatedServices.suwayomi-server.enable = true;
age.secrets = {
suwayomi-pass = {
file = ../../../secrets/zora/services/lanayru-pass.age;

11
modules/server/link/client.nix
View file

@ -2,12 +2,13 @@
{
services.kanidm = {
package = pkgs.kanidmWithSecretProvisioning_1_8;
package = pkgs.kanidmWithSecretProvisioning_1_9;
enableClient = true;
clientSettings = {
uri = "https://auth.lyes.eu";
client = {
enable = true;
settings = {
uri = "https://auth.lyes.eu";
};
};
};
}

26
modules/server/link/default.nix
View file

@ -13,19 +13,21 @@ in
services.kanidm = {
# package = pkgs.kanidmWithSecretProvisioning_1_7;
enableServer = true;
serverSettings = {
bindaddress = "127.0.0.1:${port}";
ldapbindaddress = "0.0.0.0:636";
domain = hostname;
origin = "https://${hostname}";
tls_chain = "/var/lib/acme/${hostname}/cert.pem";
tls_key = "/var/lib/acme/${hostname}/key.pem";
server = {
enable = true;
settings = {
bindaddress = "127.0.0.1:${port}";
ldapbindaddress = "0.0.0.0:636";
domain = hostname;
origin = "https://${hostname}";
tls_chain = "/var/lib/acme/${hostname}/cert.pem";
tls_key = "/var/lib/acme/${hostname}/key.pem";
online_backup = {
path = "/var/data/backups/kanidm";
schedule = "00 06 * * *";
versions = 5;
online_backup = {
path = "/var/data/backups/kanidm";
schedule = "00 06 * * *";
versions = 5;
};
};
};

6
modules/server/mogma/forwarding.nix
View file

@ -32,6 +32,8 @@ let
} forwardedServices;
serviceList = lib.mapAttrsToList (name: _: name + ".service") forwardedServices;
encServicesList = lib.mapAttrsToList (name: _: name + ".service") cfg.encapsulatedServices;
in
lib.mkIf (forwardedServices != { } && cfg.portForwarding.enable) {
assertions = [
@ -49,8 +51,8 @@ lib.mkIf (forwardedServices != { } && cfg.portForwarding.enable) {
services.natpmpc-lease = {
description = "Request VPN port forwarding leases.";
wantedBy = serviceList;
after = [ "wireguard.target" ];
# wantedBy = serviceList;
after = [ "wireguard.target" ] ++ encServicesList;
wants = [ "wireguard.target" ];
# preStart = "sleep 3";