diff --git a/hm/desktop/bspwm.nix b/hm/desktop/bspwm.nix index 302d6b8..b92376e 100644 --- a/hm/desktop/bspwm.nix +++ b/hm/desktop/bspwm.nix @@ -37,7 +37,7 @@ xsession = { enable = true; - xsession.windowManager.bspwm = { + windowManager.bspwm = { enable = true; # Démarrages au login X diff --git a/hm/users/lomig-desktop.nix b/hm/users/lomig-desktop.nix index b0c7d7a..9be4152 100644 --- a/hm/users/lomig-desktop.nix +++ b/hm/users/lomig-desktop.nix @@ -3,7 +3,6 @@ ../desktop/bspwm.nix ./lomig.nix ]; - home.stateVersion = "25.05"; # ou ton actuelle home = { packages = with pkgs; [ fastfetch diff --git a/hosts/pennsardin/configuration.nix b/hosts/pennsardin/configuration.nix index a2b0acf..149c804 100644 --- a/hosts/pennsardin/configuration.nix +++ b/hosts/pennsardin/configuration.nix @@ -1,4 +1,7 @@ -{pkgs, ...}: { +{pkgs, ...}: +let + globals = import ../../config/globals.nix; +in { imports = [ ../../profiles/workstation-bspwm.nix ../../modules/hardware/bepovim.nix @@ -37,7 +40,7 @@ users.users.lomig = { isNormalUser = true; - extraGroups = ["networkmanager" "lp" "wheel"]; + extraGroups = [ "lp" "wheel"]; shell = pkgs.zsh; }; @@ -49,21 +52,26 @@ networking = { useNetworkd = true; firewall.allowedTCPPorts = [22 80 5900 5901 5902]; - interfaces.enp11s0.useDHCP = false; - interfaces.br0 = { - useDHCP = false; - ipv4.addresses = [ - { - address = "192.168.0.2"; - prefixLength = 24; - } - ]; + interfaces = { + enp11s0 = { + useDHCP = false; + wakeOnLan.enable = true ; + br0 = { + useDHCP = false; + ipv4.addresses = [ + { + address = globals.network.pennsardin.ip; + prefixLength = 24; + } + ]; + }; }; + defaultGateway = { interface = "br0"; - address = "192.168.0.254"; + address = globals.network.gateway; }; - nameservers = ["192.168.0.254" "1.1.1.1"]; + nameservers = [ globals.network.gateway "1.1.1.1"]; bridges.br0.interfaces = ["enp11s0"]; }; systemd.network = { diff --git a/modules/common/networking.nix b/modules/common/networking.nix index 54957af..98478b6 100644 
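Review bot: In the `networking` hunk of hosts/pennsardin/configuration.nix the new `enp11s0 = {` block is never closed before `br0 = {` opens. By brace count `br0` ends up nested inside `enp11s0`, and the unchanged `};` that used to close `interfaces.br0` now closes `enp11s0`, leaving `interfaces` open. Add a `};` line directly after `wakeOnLan.enable = true ;` so that `br0` is a sibling interface and the braces balance. Indentation is not visible here, so this is read from the braces alone; the `networking` block is fully inside the hunk.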
--- a/modules/common/networking.nix +++ b/modules/common/networking.nix @@ -1,8 +1,6 @@ _: { networking = { nameservers = ["1.1.1.1" "8.8.8.8"]; - # dhcpcd.extraConfig = "nohook resolv.conf"; firewall.enable = true; - interfaces.enp11s0.wakeOnLan.enable = true; }; } diff --git a/modules/roles/workstation.nix b/modules/roles/workstation.nix index 0ccf5d6..b99a5c7 100644 --- a/modules/roles/workstation.nix +++ b/modules/roles/workstation.nix @@ -1,18 +1,10 @@ {pkgs, ...}: { imports = [ ../common/nix.nix - - # Matériel ../hardware/gpu-amd.nix ../hardware/sensors-zenpower.nix - - # Virtualisation/tuning ../virtual/kvm-amd.nix ../virtual/vfio.nix - - # Dev - # ../dev/qemu.nix - # ../virtual/truenas.nix # seulement si tu l’utilises sur ce host ]; environment.systemPackages = with pkgs; [ diff --git a/modules/services/forgejo.nix b/modules/services/forgejo.nix index 14c4c94..be5b644 100644 --- a/modules/services/forgejo.nix +++ b/modules/services/forgejo.nix @@ -1,4 +1,7 @@ -{pkgs, ...}: { +{pkgs, ...}: +let + import ../../config/globals.nix; +in { # --- Utilisateur dédié --- users.users.git = { isSystemUser = true; @@ -20,10 +23,10 @@ }; settings = { server = { - DOMAIN = "govel.porzh.me"; - ROOT_URL = "https://govel.porzh.me/"; - SSH_DOMAIN = "govel.porzh.me"; - HTTP_PORT = 3000; + DOMAIN = globals.services.forgejo.url ; + ROOT_URL = "https://${globals.services.forgejo.url}/"; + SSH_DOMAIN = globals.services.forgejo.url; + HTTP_PORT = globals.services.forgejo.port; SSH_PORT = 22; START_SSH_SERVER = false; }; @@ -32,16 +35,16 @@ REGISTER_EMAIL_CONFIRM = false; }; repository = { - DEFAULT_BRANCH = "main"; + DEFAULT_BRANCH = "master"; }; }; }; openssh.enable = true; caddy = { enable = true; - virtualHosts."govel.porzh.me" = { + virtualHosts.${globals.services.forgejo.url} = { extraConfig = '' - reverse_proxy localhost:3000 + reverse_proxy localhost:${globals.services.forgejo.port} ''; }; }; 
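Review bot: The `let` block added at the top of modules/services/forgejo.nix holds a bare `import ../../config/globals.nix;` with no name, which is not a valid binding, and nothing defines the `globals` that the later hunks read. It should be `globals = import ../../config/globals.nix;`, as hosts/pennsardin/configuration.nix already does. The same defect appears in modules/services/outline.nix and modules/sites/porzh.me.nix (bare `import`), in modules/services/goaccess.nix (`imports = ../../config/globals.nix ;`, a path bound to the wrong name) and in modules/sites/levr.porzh.me.nix (`import = ../../config/globals.nix ;`, which binds a path and shadows the builtin).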
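Review bot: The interpolation in `reverse_proxy localhost:${globals.services.forgejo.port}` fails to evaluate if the port is an integer, because Nix does not coerce integers inside a string. The previous hunk assigns the same value to `HTTP_PORT`, which used to be the integer `3000`; globals.nix is not shown, so this assumes it stays an integer. Use `reverse_proxy localhost:${toString globals.services.forgejo.port}`. The same applies to `localhost:${globals.services.outline.port}` in modules/services/outline.nix. Separately, the `DEFAULT_BRANCH` change from `main` to `master` is unrelated to the globals refactor and would be easier to track in its own commit.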
diff --git a/modules/services/goaccess.nix b/modules/services/goaccess.nix index 35e95f8..c39c469 100644 --- a/modules/services/goaccess.nix +++ b/modules/services/goaccess.nix @@ -1,4 +1,7 @@ -{pkgs, ...}: { +{pkgs, ...}: +let + imports = ../../config/globals.nix ; +in { environment.systemPackages = with pkgs; [ goaccess ]; @@ -7,7 +10,7 @@ systemd.services.goaccess-report = { description = "Generate GoAccess HTML report"; serviceConfig = { - ExecStart = "${pkgs.goaccess}/bin/goaccess /var/log/caddy/access-levr.porzh.me.log --log-format=CADDY -o /var/www/goaccess/index.html"; + ExecStart = "${pkgs.goaccess}/bin/goaccess /var/log/caddy/access-${globals.services.levr.url}.log --log-format=CADDY -o ${globals.services.goaccess.home}/index.html"; }; }; @@ -22,9 +25,9 @@ }; services.caddy = { virtualHosts = { - "koum.porzh.me" = { + globals.services.goaccess.url = { extraConfig = '' - root * /var/www/goaccess + root * ${globals.services.goaccess.home} file_server browse try_files {path} {path}/ /index.html diff --git a/modules/services/outline.nix b/modules/services/outline.nix index be601f0..8aaefd8 100644 --- a/modules/services/outline.nix +++ b/modules/services/outline.nix 
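Review bot: Inside `virtualHosts`, `globals.services.goaccess.url = {` is an attribute path and not a lookup, so it defines an entry literally named `globals` with nested attributes instead of the hostname held in globals.nix. Write the key as `"${globals.services.goaccess.url}" = {`, the interpolated form that forgejo.nix and outline.nix use in this commit. Because this virtual host serves `file_server browse`, confirm after the fix that the directory listing is bound only to the intended hostname. The same key form occurs in modules/sites/levr.porzh.me.nix (`globals.services.levr.url = {`) and modules/sites/porzh.me.nix (`globals.domain = {`); the Caddy block continues past the end of this hunk.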
@@ -1,26 +1,29 @@ -{ config, pkgs, lib, ... }: { +{ config, pkgs, lib, ... }: +let + import ../../config/globals.nix ; +in { services = { outline = { enable = true; - port = 3002 ; - publicUrl = "http://notes.porzh.me"; + port = globals.services.outline.port ; + publicUrl = "http://${globals.services.outline.url}"; forceHttps = true; smtp = { - host = "smtp.protonmail.ch"; - username = "contact@porzh.me"; + host = globals.smtp.host ; + username = globals.smtp.user ; passwordFile = "/run/secrets/proton_pass"; - fromEmail = "contact@porzh.me"; - replyEmail = "contact@porzh.me"; - port = 587 ; + fromEmail = globals.smtp.user; + replyEmail = globals.smtp.user; + port = globals.smtp.port; secure = false; }; storage.storageType = "local"; }; caddy = { enable = true; - virtualHosts."notes.porzh.me" = { + virtualHosts.${globals.services.outline.url} = { extraConfig = '' - reverse_proxy localhost:3002 + reverse_proxy localhost:${globals.services.outline.port} ''; }; }; diff --git a/modules/sites/levr.porzh.me.nix b/modules/sites/levr.porzh.me.nix index 41fa232..08c0839 100644 --- a/modules/sites/levr.porzh.me.nix +++ b/modules/sites/levr.porzh.me.nix @@ -1,4 +1,7 @@ -{ pkgs, lib, ...}: { +{ pkgs, lib, ...}: +let + import = ../../config/globals.nix ; +in { environment.systemPackages = with pkgs; [ hugo ]; @@ -6,8 +9,8 @@ description = "Auto build du blog hugo"; serviceConfig = { Type = "oneshot"; - WorkingDirectory = "/srv/blog" ; - ExecStart = ''${pkgs.hugo}/bin/hugo --minify build -d /srv/blog/public''; + WorkingDirectory = globals.services.levr.home ; + ExecStart = ''${pkgs.hugo}/bin/hugo --minify build -d ${globals.services.levr.build}''; User = "lomig"; }; }; @@ -23,7 +26,7 @@ description = "Synchronisation du dépôt Hugo"; serviceConfig = { Type = "oneshot"; - WorkingDirectory = "/srv/blog"; + WorkingDirectory = globals.services.levr.home; ExecStart = "${pkgs.git}/bin/git pull origin master"; User = "lomig"; }; 
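Review bot: In modules/services/outline.nix the rewritten `publicUrl = "http://${globals.services.outline.url}";` keeps the `http://` scheme even though `forceHttps = true;` is set on the next line and Caddy fronts the service. Since the line is being touched anyway, `publicUrl = "https://${globals.services.outline.url}";` would keep generated links and redirects on HTTPS. How Outline handles the mismatch is not visible from this diff, so verify it against the running instance.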
@@ -41,17 +44,17 @@ services.caddy = { enable = true; virtualHosts = { - "levr.porzh.me" = { + globals.services.levr.url = { extraConfig = '' @http { protocol http } redir @http https://{host}{uri} permanent - root * /srv/blog/public + root * ${globals.services.levr.build} file_server log { - output file /var/log/caddy/access-levr.porzh.me.log + output file /var/log/caddy/access-${global.services.levr.url}.log } ''; }; diff --git a/modules/sites/porzh.me.nix b/modules/sites/porzh.me.nix index 145e665..5ce0726 100644 --- a/modules/sites/porzh.me.nix +++ b/modules/sites/porzh.me.nix @@ -1,4 +1,5 @@ {pkgs, ...}: let + import ../../config/globals.nix ; porzhSite = pkgs.stdenv.mkDerivation { pname = "porzh-site"; version = "1.0"; @@ -13,8 +14,8 @@ in { services.caddy = { enable = true; virtualHosts = { - "porzh.me" = { - serverAliases = ["www.porzh.me"]; + globals.domain = { + serverAliases = [ "www.${globals.domain}" ]; extraConfig = '' root * ${porzhSite} file_server
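Review bot: The log path in the last modules/sites/levr.porzh.me.nix hunk reads `${global.services.levr.url}`, with `global` missing its final `s`, which is an undefined name. It should be `output file /var/log/caddy/access-${globals.services.levr.url}.log`. modules/services/goaccess.nix builds its input path from `globals.services.levr.url`, so both must resolve to the same file name or the report reads a log that Caddy never writes. The `services.caddy` block starts and ends outside this hunk.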