diff --git a/config/globals.nix b/config/globals.nix deleted file mode 100644 index c2ccdcb..0000000 --- a/config/globals.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ - domain = "porzh.me"; - admin = { - email = "dun0z@porzh.me"; - name = "DuN0z"; - }; - - smtp = { - host = "smtp.protonmail.ch"; - port = 587 ; - user = "contact@porzh.me"; - }; - - network = { - gateway = "192.168.50.1"; - pennsardin = { - ip = "192.168.50.12"; - }; - terre-neuvas = { - ip = "192.168.50.11"; - }; - }; - - services = { - forgejo = { - home = "/var/lib/services/forgejo"; - url = "govel.porzh.me"; - port = 3000; - }; - goaccess = { - home = "/var/lib/www/goaccess"; - url = "koum.porzh.me"; - }; - levr = { - home = "/var/lib/services/levr"; - build = "/var/lib/www/levr"; - url = "levr.porzh.me"; - }; - outline = { - url = "notes.porzh.me"; - port = 3001; - }; - }; -} diff --git a/hm/common/git.nix b/hm/common/git.nix index 2399f41..ec4c03b 100644 --- a/hm/common/git.nix +++ b/hm/common/git.nix @@ -1,11 +1,8 @@ -_: -let -globals = import ../../config/globals.nix; -in { +_: { programs.git = { enable = true; - userName = globals.admin.name; - userEmail = globals.admin.email; + userName = "DuN0z"; + userEmail = "dun0z@porzh.me"; }; } # vim: set ts=2 sw=2 sts=2 et : diff --git a/hm/users/lomig-desktop.nix b/hm/users/lomig-desktop.nix index 9be4152..b0c7d7a 100644 --- a/hm/users/lomig-desktop.nix +++ b/hm/users/lomig-desktop.nix @@ -3,6 +3,7 @@ ../desktop/bspwm.nix ./lomig.nix ]; + home.stateVersion = "25.05"; # ou ton actuelle home = { packages = with pkgs; [ fastfetch diff --git a/hosts/pennsardin/configuration.nix b/hosts/pennsardin/configuration.nix index 149c804..314ac4b 100644 --- a/hosts/pennsardin/configuration.nix +++ b/hosts/pennsardin/configuration.nix @@ -1,7 +1,4 @@ -{pkgs, ...}: -let - globals = import ../../config/globals.nix; -in { +{pkgs, ...}: { imports = [ ../../profiles/workstation-bspwm.nix ../../modules/hardware/bepovim.nix 
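Review bot: In hm/users/lomig-desktop.nix the added `home.stateVersion = "25.05"; # ou ton actuelle` keeps a comment that reads like an unanswered prompt ("or your current one"), so a reader cannot tell whether 25.05 was checked against the release this profile was first activated with. Home Manager uses stateVersion to pick backward-compatible defaults, so it should stay at the originally installed release rather than follow upgrades. I would replace the comment with something like `# release of the first Home Manager activation; do not bump on upgrade` and move the setting into the `home = { … }` set that opens on the next line. That set continues outside the hunk.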
@@ -40,7 +37,7 @@ in { users.users.lomig = { isNormalUser = true; - extraGroups = [ "lp" "wheel"]; + extraGroups = ["networkmanager" "lp" "wheel"]; shell = pkgs.zsh; }; @@ -52,26 +49,21 @@ in { networking = { useNetworkd = true; firewall.allowedTCPPorts = [22 80 5900 5901 5902]; - interfaces = { - enp11s0 = { - useDHCP = false; - wakeOnLan.enable = true ; - br0 = { - useDHCP = false; - ipv4.addresses = [ - { - address = globals.network.pennsardin.ip; - prefixLength = 24; - } - ]; - }; + interfaces.enp11s0.useDHCP = false; + interfaces.br0 = { + useDHCP = false; + ipv4.addresses = [ + { + address = "192.168.50.12"; + prefixLength = 24; + } + ]; }; - defaultGateway = { interface = "br0"; - address = globals.network.gateway; + address = "192.168.50.1"; }; - nameservers = [ globals.network.gateway "1.1.1.1"]; + nameservers = ["192.168.50.1" "1.1.1.1"]; bridges.br0.interfaces = ["enp11s0"]; }; systemd.network = { diff --git a/hosts/terre-neuvas/configuration.nix b/hosts/terre-neuvas/configuration.nix index 92e1453..77b7456 100644 --- a/hosts/terre-neuvas/configuration.nix +++ b/hosts/terre-neuvas/configuration.nix @@ -5,9 +5,7 @@ config, pkgs, ... -}: let -globals = import ../../config/globals.nix ; -in { +}: { nix.settings.experimental-features = ["nix-command" "flakes"]; imports = [ # Include the results of the hardware scan. @@ -57,16 +55,16 @@ in { useDHCP = false; ipv4.addresses = [ { - address = globals.network.terre-neuvas.ip; + address = "192.168.0.3"; prefixLength = 24; } ]; }; defaultGateway = { interface = "br0"; - address = globals.network.gateway; + address = "192.168.0.254"; }; - nameservers = [ globals.network.gateway "1.1.1.1"]; + nameservers = ["192.168.0.254" "1.1.1.1"]; bridges.br0.interfaces = ["eno1"]; }; systemd.network = { diff --git a/modules/common/networking.nix b/modules/common/networking.nix index 98478b6..54957af 100644 --- a/modules/common/networking.nix +++ b/modules/common/networking.nix 
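Review bot: In the `users.users.lomig` hunk of hosts/pennsardin/configuration.nix, `"networkmanager"` is added to `extraGroups` although the networking block later in this file sets `useNetworkd = true` and nothing visible enables NetworkManager. On NixOS, membership in that group lets the account change network connections once NetworkManager is on, so this is a privilege grant inside a commit that otherwise only inlines values. If it is not needed, keep `extraGroups = ["lp" "wheel"];`; if it is, a one-line comment naming the profile that enables NetworkManager would justify it.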
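Review bot: The rewritten `networking` block in hosts/pennsardin/configuration.nix keeps `firewall.allowedTCPPorts = [22 80 5900 5901 5902];`, which leaves three ports from the VNC/SPICE display range reachable from the whole bridged LAN. The line is unchanged context, but since this block is being restructured it is the place to narrow it; presumably these are VM consoles, which are often unauthenticated and unencrypted. Binding the displays to 127.0.0.1 and reaching them over the SSH port that is already open would let the list shrink to `firewall.allowedTCPPorts = [22 80];`. Separately, the gateway `"192.168.50.1"` is now written twice (defaultGateway and nameservers); a local `let gateway = "192.168.50.1";` would keep them in step.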
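Review bot: The literals inlined in the `br0` hunk of hosts/terre-neuvas/configuration.nix are not the values the deleted config/globals.nix held: `globals.network.terre-neuvas.ip` was 192.168.50.11 and `globals.network.gateway` was 192.168.50.1, while the new code uses `"192.168.0.3"` and `"192.168.0.254"`. If this is meant as a pure inlining, the host will come up on a different subnet with a different gateway and resolver after the next switch. The same drift shows in other hunks of this diff: Outline's port goes from 3001 to 3002, the GoAccess output directory from /var/lib/www/goaccess to /var/www/goaccess, and the Hugo paths from /var/lib/services/levr and /var/lib/www/levr to /srv/blog and /srv/blog/public. Either keep the previous values or state the moves in the commit message.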
@@ -1,6 +1,8 @@ _: { networking = { nameservers = ["1.1.1.1" "8.8.8.8"]; + # dhcpcd.extraConfig = "nohook resolv.conf"; firewall.enable = true; + interfaces.enp11s0.wakeOnLan.enable = true; }; } diff --git a/modules/common/smtp.nix b/modules/common/smtp.nix index d185e82..51a3a4d 100644 --- a/modules/common/smtp.nix +++ b/modules/common/smtp.nix @@ -1,19 +1,16 @@ -{ config, pkgs, lib, ... }: -let -globals = import ../../config/globals.nix; -in { +{ config, pkgs, lib, ... }: { programs.msmtp = { enable = true; accounts.default = { - host = globals.smtp.host; - port = globals.smtp.port; + host = "smtp.protonmail.ch"; + port = 587; auth = true; tls = true; tls_starttls = true; - user = globals.smtp.user; + user = "contact@porzh.me"; passwordeval = "cat /run/secrets/proton_pass"; - from = globals.smtp.user; + from = "contact@porzh.me"; }; }; @@ -26,4 +23,4 @@ in { ]; environment.pathsToLink = [ "/etc/alternatives" "/usr/sbin" ]; -} + } diff --git a/modules/roles/workstation.nix b/modules/roles/workstation.nix index b99a5c7..0ccf5d6 100644 --- a/modules/roles/workstation.nix +++ b/modules/roles/workstation.nix @@ -1,10 +1,18 @@ {pkgs, ...}: { imports = [ ../common/nix.nix + + # Matériel ../hardware/gpu-amd.nix ../hardware/sensors-zenpower.nix + + # Virtualisation/tuning ../virtual/kvm-amd.nix ../virtual/vfio.nix + + # Dev + # ../dev/qemu.nix + # ../virtual/truenas.nix # seulement si tu l’utilises sur ce host ]; environment.systemPackages = with pkgs; [ diff --git a/modules/services/forgejo.nix b/modules/services/forgejo.nix index ad0fb13..14c4c94 100644 --- a/modules/services/forgejo.nix +++ b/modules/services/forgejo.nix @@ -1,7 +1,4 @@ -{pkgs, ...}: -let - globals = import ../../config/globals.nix; -in { +{pkgs, ...}: { # --- Utilisateur dédié --- users.users.git = { isSystemUser = true; 
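Review bot: `interfaces.enp11s0.wakeOnLan.enable = true;` is added to modules/common/networking.nix, so every host importing the common module now declares an interface named enp11s0 and enables Wake-on-LAN on it. Going by the bridge definitions in this diff, enp11s0 belongs to pennsardin only (terre-neuvas bridges eno1), and remote wake-up is a per-host decision rather than a baseline. I would move the line back to hosts/pennsardin/configuration.nix next to `interfaces.enp11s0.useDHCP = false;`. The commented-out `dhcpcd.extraConfig` line should either be dropped or carry a reason.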
@@ -23,10 +20,10 @@ in { }; settings = { server = { - DOMAIN = globals.services.forgejo.url ; - ROOT_URL = "https://${globals.services.forgejo.url}/"; - SSH_DOMAIN = globals.services.forgejo.url; - HTTP_PORT = globals.services.forgejo.port; + DOMAIN = "govel.porzh.me"; + ROOT_URL = "https://govel.porzh.me/"; + SSH_DOMAIN = "govel.porzh.me"; + HTTP_PORT = 3000; SSH_PORT = 22; START_SSH_SERVER = false; }; @@ -35,16 +32,16 @@ in { REGISTER_EMAIL_CONFIRM = false; }; repository = { - DEFAULT_BRANCH = "master"; + DEFAULT_BRANCH = "main"; }; }; }; openssh.enable = true; caddy = { enable = true; - virtualHosts.${globals.services.forgejo.url} = { + virtualHosts."govel.porzh.me" = { extraConfig = '' - reverse_proxy localhost:${toString globals.services.forgejo.port} + reverse_proxy localhost:3000 ''; }; }; diff --git a/modules/services/goaccess.nix b/modules/services/goaccess.nix index 7391f20..35e95f8 100644 --- a/modules/services/goaccess.nix +++ b/modules/services/goaccess.nix @@ -1,7 +1,4 @@ -{pkgs, ...}: -let - globals = import ../../config/globals.nix ; -in { +{pkgs, ...}: { environment.systemPackages = with pkgs; [ goaccess ]; @@ -10,7 +7,7 @@ in { systemd.services.goaccess-report = { description = "Generate GoAccess HTML report"; serviceConfig = { - ExecStart = "${pkgs.goaccess}/bin/goaccess /var/log/caddy/access-${globals.services.levr.url}.log --log-format=CADDY -o ${globals.services.goaccess.home}/index.html"; + ExecStart = "${pkgs.goaccess}/bin/goaccess /var/log/caddy/access-levr.porzh.me.log --log-format=CADDY -o /var/www/goaccess/index.html"; }; }; @@ -25,9 +22,9 @@ in { }; services.caddy = { virtualHosts = { - "${globals.services.goaccess.url}" = { + "koum.porzh.me" = { extraConfig = '' - root * ${globals.services.goaccess.home} + root * /var/www/goaccess file_server browse try_files {path} {path}/ /index.html diff --git a/modules/services/outline.nix b/modules/services/outline.nix index 7594138..be601f0 100644 --- a/modules/services/outline.nix 
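Review bot: The `server` block in modules/services/forgejo.nix sets `HTTP_PORT = 3000;` but no `HTTP_ADDR`, so Forgejo listens on all interfaces by default and the plain-HTTP port is reachable without going through Caddy wherever the firewall permits it. Since Caddy proxies to `localhost:3000` (later hunk of this file), adding `HTTP_ADDR = "127.0.0.1";` keeps the backend loopback-only. The port is also a bare literal in two places now; a `let forgejoPort = 3000;` at the top of the module would stop the service and the `reverse_proxy` line from drifting apart.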
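Review bot: The `koum.porzh.me` virtual host in modules/services/goaccess.nix serves the GoAccess report with `file_server browse` and, in the lines visible here, no authentication or source restriction. The report is built from the Caddy access log of levr.porzh.me, so it exposes visitor addresses, requested paths and user agents to anyone who finds the hostname, and `browse` adds directory listings on top. I would drop `browse` (plain `file_server`) and gate the site, for example with a `remote_ip` matcher limited to the LAN range or Caddy's basic authentication. The `extraConfig` string continues past the end of the hunk, so a restriction may already exist further down.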
+++ b/modules/services/outline.nix @@ -1,29 +1,26 @@ -{ config, pkgs, lib, ... }: -let - globals = import ../../config/globals.nix ; -in { +{ config, pkgs, lib, ... }: { services = { outline = { enable = true; - port = globals.services.outline.port ; - publicUrl = "http://${globals.services.outline.url}"; + port = 3002 ; + publicUrl = "http://notes.porzh.me"; forceHttps = true; smtp = { - host = globals.smtp.host ; - username = globals.smtp.user ; - passwordFile = "/etc/secrets/protonpass"; - fromEmail = globals.smtp.user; - replyEmail = globals.smtp.user; - port = globals.smtp.port; + host = "smtp.protonmail.ch"; + username = "contact@porzh.me"; + passwordFile = "/run/secrets/proton_pass"; + fromEmail = "contact@porzh.me"; + replyEmail = "contact@porzh.me"; + port = 587 ; secure = false; }; storage.storageType = "local"; }; caddy = { enable = true; - virtualHosts.${globals.services.outline.url} = { + virtualHosts."notes.porzh.me" = { extraConfig = '' - reverse_proxy localhost:${toString globals.services.outline.port} + reverse_proxy localhost:3002 ''; }; }; diff --git a/modules/sites/levr.porzh.me.nix b/modules/sites/levr.porzh.me.nix index ee0b1ac..41fa232 100644 --- a/modules/sites/levr.porzh.me.nix +++ b/modules/sites/levr.porzh.me.nix @@ -1,7 +1,4 @@ -{ pkgs, lib, ...}: -let - globals = import ../../config/globals.nix ; -in { +{ pkgs, lib, ...}: { environment.systemPackages = with pkgs; [ hugo ]; @@ -9,8 +6,8 @@ in { description = "Auto build du blog hugo"; serviceConfig = { Type = "oneshot"; - WorkingDirectory = globals.services.levr.home ; - ExecStart = ''${pkgs.hugo}/bin/hugo --minify build -d ${globals.services.levr.build}''; + WorkingDirectory = "/srv/blog" ; + ExecStart = ''${pkgs.hugo}/bin/hugo --minify build -d /srv/blog/public''; User = "lomig"; }; }; 
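Review bot: In modules/services/outline.nix `publicUrl = "http://notes.porzh.me";` sits next to `forceHttps = true;`, so the application's advertised base URL is plain HTTP while it is served behind Caddy on HTTPS. Links in outgoing mail and login redirects derived from that URL would start on http; `publicUrl = "https://notes.porzh.me";` matches the deployment. Two further things to confirm: `passwordFile = "/run/secrets/proton_pass";` is the same file msmtp reads via `passwordeval` in modules/common/smtp.nix, so it has to be readable by the Outline service account as well as by whoever sends mail, and `secure = false` on port 587 appears to depend on STARTTLS being negotiated rather than enforced by this setting.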
@@ -26,7 +23,7 @@ in { description = "Synchronisation du dépôt Hugo"; serviceConfig = { Type = "oneshot"; - WorkingDirectory = globals.services.levr.home; + WorkingDirectory = "/srv/blog"; ExecStart = "${pkgs.git}/bin/git pull origin master"; User = "lomig"; }; @@ -44,17 +41,17 @@ in { services.caddy = { enable = true; virtualHosts = { - "${globals.services.levr.url}" = { + "levr.porzh.me" = { extraConfig = '' @http { protocol http } redir @http https://{host}{uri} permanent - root * ${globals.services.levr.build} + root * /srv/blog/public file_server log { - output file /var/log/caddy/access-${globals.services.levr.url}.log + output file /var/log/caddy/access-levr.porzh.me.log } ''; }; diff --git a/modules/sites/porzh.me.nix b/modules/sites/porzh.me.nix index 5491bb3..145e665 100644 --- a/modules/sites/porzh.me.nix +++ b/modules/sites/porzh.me.nix @@ -1,5 +1,4 @@ {pkgs, ...}: let - globals = import ../../config/globals.nix ; porzhSite = pkgs.stdenv.mkDerivation { pname = "porzh-site"; version = "1.0"; @@ -14,8 +13,8 @@ in { services.caddy = { enable = true; virtualHosts = { - "${globals.domain}" = { - serverAliases = [ "www.${globals.domain}" ]; + "porzh.me" = { + serverAliases = ["www.porzh.me"]; extraConfig = '' root * ${porzhSite} file_server
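Review bot: The sync unit in modules/sites/levr.porzh.me.nix still runs `git pull origin master` as the login account `lomig`, and whatever that fetches is then built and published by the Hugo unit earlier in this file. A dedicated system user plus sandboxing in `serviceConfig`, e.g. `NoNewPrivileges = true; ProtectSystem = "strict"; ReadWritePaths = ["/srv/blog"];`, would limit what a compromised repository or a tooling bug can touch, and `git pull --ff-only origin master` avoids unattended merges. This diff also switches Forgejo's `DEFAULT_BRANCH` to "main", so confirm the blog repository still publishes from master. The unit definition starts and ends outside the hunk.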