Refactor

refactor
Refactor: global.nix
2025-10-09 17:50:49 +02:00 · 2025-10-09 17:46:15 +02:00 · 2025-10-09 17:41:20 +02:00 · 2025-10-09 17:40:43 +02:00 · 2025-10-09 15:36:54 +02:00 · 2025-10-09 15:34:37 +02:00
13 changed files with 131 additions and 69 deletions
--- a/config/globals.nix
+++ b/config/globals.nix
@ -0,0 +1,44 @@
 {
  domain = "porzh.me";
  admin = {
    email = "dun0z@porzh.me";
    name = "DuN0z";
  };
  smtp = {
    host = "smtp.protonmail.ch";
    port = 587 ;
    user = "contact@porzh.me";
  };
  network = {
    gateway = "192.168.50.1";
    pennsardin = {
      ip = "192.168.50.12";
    };
    terre-neuvas = {
      ip = "192.168.50.11";
    };
  };
  services = {
    forgejo = {
      home = "/var/lib/services/forgejo";
      url = "govel.porzh.me";
      port = 3000;
    };
    goaccess = {
      home = "/var/lib/www/goaccess";
      url = "koum.porzh.me";
    };
    levr = {
      home = "/var/lib/services/levr";
      build = "/var/lib/www/levr";
      url = "levr.porzh.me";
    };
    outline = {
      url = "notes.porzh.me";
      port = 3001;
    };
  };
 }
--- a/hm/common/git.nix
+++ b/hm/common/git.nix
@ -1,8 +1,11 @@
-_: {
+_:
 let
 globals = import ../../config/globals.nix;
 in {
  programs.git = {
    enable = true;
-    userName = "DuN0z";
+    userName = globals.admin.name;
-    userEmail = "dun0z@porzh.me";
+    userEmail = globals.admin.email;
  };
 }
 # vim: set ts=2 sw=2 sts=2 et :
--- a/hm/users/lomig-desktop.nix
+++ b/hm/users/lomig-desktop.nix
@ -3,7 +3,6 @@
    ../desktop/bspwm.nix
    ./lomig.nix
  ];
  home.stateVersion = "25.05"; # ou ton actuelle
  home = {
    packages = with pkgs; [
      fastfetch
--- a/hosts/pennsardin/configuration.nix
+++ b/hosts/pennsardin/configuration.nix
@ -1,4 +1,7 @@
-{pkgs, ...}: {
+{pkgs, ...}: 
 let 
  globals = import ../../config/globals.nix;
 in {
  imports = [
    ../../profiles/workstation-bspwm.nix
    ../../modules/hardware/bepovim.nix
@ -37,7 +40,7 @@
  users.users.lomig = {
    isNormalUser = true;
-    extraGroups = ["networkmanager" "lp" "wheel"];
+    extraGroups = [ "lp" "wheel"];
    shell = pkgs.zsh;
  };
@ -49,21 +52,26 @@
  networking = {
    useNetworkd = true;
    firewall.allowedTCPPorts = [22 80 5900 5901 5902];
-    interfaces.enp11s0.useDHCP = false;
+    interfaces = {
-    interfaces.br0 = {
+      enp11s0 = {
-      useDHCP = false;
+        useDHCP = false;
-      ipv4.addresses = [
+        wakeOnLan.enable = true ;
-        {
+      br0 = {
-          address = "192.168.50.12";
+        useDHCP = false;
-          prefixLength = 24;
+        ipv4.addresses = [
-        }
+          {
-      ];
+            address = globals.network.pennsardin.ip;
            prefixLength = 24;
          }
        ];
      };
    };
    defaultGateway = {
      interface = "br0";
-      address = "192.168.50.1";
+      address = globals.network.gateway;
    };
-    nameservers = ["192.168.50.1" "1.1.1.1"];
+    nameservers = [ globals.network.gateway  "1.1.1.1"];
    bridges.br0.interfaces = ["enp11s0"];
  };
  systemd.network = {
--- a/hosts/terre-neuvas/configuration.nix
+++ b/hosts/terre-neuvas/configuration.nix
@ -5,7 +5,9 @@
  config,
  pkgs,
  ...
-}: {
+}: let 
 globals = import ../../config/globals.nix ;
 in {
  nix.settings.experimental-features = ["nix-command" "flakes"];
  imports = [
    # Include the results of the hardware scan.
@ -55,16 +57,16 @@
      useDHCP = false;
      ipv4.addresses = [
        {
-          address = "192.168.0.3";
+          address = globals.network.terre-neuvas.ip;
          prefixLength = 24;
        }
      ];
    };
    defaultGateway = {
      interface = "br0";
-      address = "192.168.0.254";
+      address = globals.network.gateway; 
    };
-    nameservers = ["192.168.0.254" "1.1.1.1"];
+    nameservers = [ globals.network.gateway "1.1.1.1"];
    bridges.br0.interfaces = ["eno1"];
  };
  systemd.network = {
--- a/modules/common/networking.nix
+++ b/modules/common/networking.nix
@ -1,8 +1,6 @@
 _: {
  networking = {
    nameservers = ["1.1.1.1" "8.8.8.8"];
    #    dhcpcd.extraConfig = "nohook resolv.conf";
    firewall.enable = true;
    interfaces.enp11s0.wakeOnLan.enable = true;
  };
 }
--- a/modules/common/smtp.nix
+++ b/modules/common/smtp.nix
@ -1,16 +1,19 @@
-{ config, pkgs, lib, ... }: {
+{ config, pkgs, lib, ... }:
 let
 globals = import ../../config/globals.nix;
 in {
  programs.msmtp = {
    enable = true;
    accounts.default = {
-      host = "smtp.protonmail.ch";
+      host = globals.smtp.host;
-      port = 587;
+      port = globals.smtp.port;
      auth = true;
      tls = true;
      tls_starttls = true;
-      user = "contact@porzh.me";
+      user = globals.smtp.user;
      passwordeval = "cat /run/secrets/proton_pass";
-      from = "contact@porzh.me";
+      from = globals.smtp.user;
    };
  };
@ -23,4 +26,4 @@
  ];
  environment.pathsToLink = [ "/etc/alternatives" "/usr/sbin" ];
-                            }
+}
--- a/modules/roles/workstation.nix
+++ b/modules/roles/workstation.nix
@ -1,18 +1,10 @@
 {pkgs, ...}: {
  imports = [
    ../common/nix.nix
    # Matériel
    ../hardware/gpu-amd.nix
    ../hardware/sensors-zenpower.nix
    # Virtualisation/tuning
    ../virtual/kvm-amd.nix
    ../virtual/vfio.nix
    # Dev
    #    ../dev/qemu.nix
    #    ../virtual/truenas.nix # seulement si tu l’utilises sur ce host
  ];
  environment.systemPackages = with pkgs; [
--- a/modules/services/forgejo.nix
+++ b/modules/services/forgejo.nix
@ -1,4 +1,7 @@
-{pkgs, ...}: {
+{pkgs, ...}: 
 let
  globals = import ../../config/globals.nix;
 in {
  # --- Utilisateur dédié ---
  users.users.git = {
    isSystemUser = true;
@ -20,10 +23,10 @@
      };
      settings = {
        server = {
-          DOMAIN = "govel.porzh.me";
+          DOMAIN = globals.services.forgejo.url ;
-          ROOT_URL = "https://govel.porzh.me/";
+          ROOT_URL = "https://${globals.services.forgejo.url}/";
-          SSH_DOMAIN = "govel.porzh.me";
+          SSH_DOMAIN = globals.services.forgejo.url;
-          HTTP_PORT = 3000;
+          HTTP_PORT = globals.services.forgejo.port;
          SSH_PORT = 22;
          START_SSH_SERVER = false;
        };
@ -32,16 +35,16 @@
          REGISTER_EMAIL_CONFIRM = false;
        };
        repository = {
-          DEFAULT_BRANCH = "main";
+          DEFAULT_BRANCH = "master";
        };
      };
    };
    openssh.enable = true;
    caddy = {
      enable = true;
-      virtualHosts."govel.porzh.me" = {
+      virtualHosts.${globals.services.forgejo.url} = {
        extraConfig = ''
-          reverse_proxy localhost:3000
+          reverse_proxy localhost:${toString globals.services.forgejo.port}
        '';
      };
    };
--- a/modules/services/goaccess.nix
+++ b/modules/services/goaccess.nix
@ -1,4 +1,7 @@
-{pkgs, ...}: {
+{pkgs, ...}: 
 let 
  globals = import ../../config/globals.nix ;
 in {
  environment.systemPackages = with pkgs; [
    goaccess
  ];
@ -7,7 +10,7 @@
  systemd.services.goaccess-report = {
    description = "Generate GoAccess HTML report";
    serviceConfig = {
-      ExecStart = "${pkgs.goaccess}/bin/goaccess /var/log/caddy/access-levr.porzh.me.log --log-format=CADDY -o /var/www/goaccess/index.html";
+      ExecStart = "${pkgs.goaccess}/bin/goaccess /var/log/caddy/access-${globals.services.levr.url}.log --log-format=CADDY -o ${globals.services.goaccess.home}/index.html";
    };
  };
@ -22,9 +25,9 @@
  };
  services.caddy = {
    virtualHosts = {
-      "koum.porzh.me" = {
+      "${globals.services.goaccess.url}" = {
        extraConfig = ''
-          root * /var/www/goaccess
+          root * ${globals.services.goaccess.home}
          file_server browse
          try_files {path} {path}/ /index.html
--- a/modules/services/outline.nix
+++ b/modules/services/outline.nix
@ -1,26 +1,29 @@
-{ config, pkgs, lib, ... }: {
+{ config, pkgs, lib, ... }: 
 let
  globals = import ../../config/globals.nix ;
 in {
  services = {
    outline = {
      enable = true;
-      port = 3002 ;
+      port = globals.services.outline.port ;
-      publicUrl = "http://notes.porzh.me";
+      publicUrl = "http://${globals.services.outline.url}";
      forceHttps = true;
      smtp = {
-        host = "smtp.protonmail.ch";
+        host = globals.smtp.host ;
-        username = "contact@porzh.me";
+        username = globals.smtp.user ;
-        passwordFile = "/run/secrets/proton_pass";
+        passwordFile = "/etc/secrets/protonpass";
-        fromEmail = "contact@porzh.me";
+        fromEmail = globals.smtp.user;
-        replyEmail = "contact@porzh.me";
+        replyEmail = globals.smtp.user;
-        port = 587 ;
+        port = globals.smtp.port;
        secure = false;
      };
      storage.storageType = "local";
    };
    caddy = {
      enable = true;
-      virtualHosts."notes.porzh.me" = {
+      virtualHosts.${globals.services.outline.url} = {
        extraConfig = ''
-          reverse_proxy localhost:3002
+          reverse_proxy localhost:${toString globals.services.outline.port}
          '';
      };
    };
--- a/modules/sites/levr.porzh.me.nix
+++ b/modules/sites/levr.porzh.me.nix
@ -1,4 +1,7 @@
-{ pkgs, lib, ...}: {
+{ pkgs, lib, ...}: 
 let
  globals = import ../../config/globals.nix ;
 in {
  environment.systemPackages = with pkgs; [
    hugo
  ];
@ -6,8 +9,8 @@
    description = "Auto build du blog hugo";
    serviceConfig = {
      Type = "oneshot";
-      WorkingDirectory = "/srv/blog" ;
+      WorkingDirectory = globals.services.levr.home ;
-      ExecStart = ''${pkgs.hugo}/bin/hugo --minify build -d /srv/blog/public'';
+      ExecStart = ''${pkgs.hugo}/bin/hugo --minify build -d ${globals.services.levr.build}'';
      User = "lomig";
    };
  };
@ -23,7 +26,7 @@
    description = "Synchronisation du dépôt Hugo";
    serviceConfig = {
      Type = "oneshot";
-      WorkingDirectory = "/srv/blog";
+      WorkingDirectory = globals.services.levr.home;
      ExecStart = "${pkgs.git}/bin/git pull origin master";
      User = "lomig";
    };
@ -41,17 +44,17 @@
  services.caddy = {
    enable = true;
    virtualHosts = {
-      "levr.porzh.me" = {
+      "${globals.services.levr.url}" = {
        extraConfig = ''
          @http {
            protocol http
          }
        redir @http https://{host}{uri} permanent
-          root * /srv/blog/public
+          root * ${globals.services.levr.build}
          file_server
          log {
-            output file /var/log/caddy/access-levr.porzh.me.log
+            output file /var/log/caddy/access-${globals.services.levr.url}.log
          }
        '';
      };
--- a/modules/sites/porzh.me.nix
+++ b/modules/sites/porzh.me.nix
@ -1,4 +1,5 @@
 {pkgs, ...}: let
  globals =  import ../../config/globals.nix ;
  porzhSite = pkgs.stdenv.mkDerivation {
    pname = "porzh-site";
    version = "1.0";
@ -13,8 +14,8 @@ in {
  services.caddy = {
    enable = true;
    virtualHosts = {
-      "porzh.me" = {
+      "${globals.domain}" = {
-        serverAliases = ["www.porzh.me"];
+        serverAliases = [ "www.${globals.domain}" ];
        extraConfig = ''
          root * ${porzhSite}
          file_server
Author	SHA1	Message	Date
DuN0z	441cd5eff9	Refactor	2025-10-09 17:50:49 +02:00
DuN0z	845c3373ba	refactor	2025-10-09 17:46:15 +02:00
DuN0z	fd5f22ae65	Refactor: global.nix	2025-10-09 17:41:20 +02:00
DuN0z	e3c3d5ee8b	Fix: imports	2025-10-09 17:40:43 +02:00
DuN0z	36d368063a	Fix: Forgot config file :-)	2025-10-09 15:36:54 +02:00
DuN0z	330958fba4	REFACTOR: Add config vars file	2025-10-09 15:34:37 +02:00
DuN0z	2f0b5cf661	Refactor: global.nix	2025-10-09 14:27:25 +02:00