diff --git a/flake.nix b/flake.nix index d4bddad..87a1d18 100644 --- a/flake.nix +++ b/flake.nix @@ -145,7 +145,7 @@ colmena.packages.${system}.colmena ]; imports = [ - ./nixos/configs/${name}/configuration.nix + ./nixos/machines/${name}/configuration.nix cluster-module.nixosModules.tinc (sopsModule name) home-manager.nixosModules.home-manager diff --git a/nixos/configs/sterni/wireshark.nix b/nixos/configs/sterni/wireshark.nix deleted file mode 100644 index f4c1b07..0000000 --- a/nixos/configs/sterni/wireshark.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ pkgs, config, ... }: { - - users.users.mainUser.extraGroups = [ "wireshark" ]; - programs.wireshark.enable = true; - - environment.systemPackages = [ - - pkgs.wireshark - - # alternative packet analyzer (only works with elasticsearch) - pkgs.packetbeat7 - ]; - - # elastic search is good for analysing stuff - # https://www.elastic.co/blog/analyzing-network-packets-with-wireshark-elasticsearch-and-kibana - services.elasticsearch.enable = true; - services.elasticsearch.listenAddress = - "${config.networking.hostName}.private"; - services.kibana.enable = true; - services.kibana.elasticsearch.hosts = - [ "http://${config.networking.hostName}.private:9200" ]; - services.kibana.listenAddress = "${config.networking.hostName}.private"; - services.kibana.port = 5601; - - # using tshark with elastic search - # -------------------------------- - # tshark -r file.pcap -T ek > packages.json - # curl -XPOST "sterni.private:9200/packets/doc/_bulk" -H 'Content-Type: application/json' --data-binary "@packets.json" - - services.nginx = { - enable = true; - statusPage = true; - virtualHosts = { - "kibana.${config.networking.hostName}.private" = { - serverAliases = [ ]; - locations."/" = { - proxyPass = "http://${config.networking.hostName}.private:${ - toString config.services.kibana.port - }"; - }; - }; - }; - }; - -} diff --git a/nixos/legacy/nginx-logging.nix b/nixos/legacy/nginx-logging.nix new file mode 100644 index 0000000..24f2abc --- /dev/null +++ b/nixos/legacy/nginx-logging.nix @@ -0,0 +1,41 @@ +{ pkgs, lib, ... }: +let + access_log_sink = "workhorse.private:12304"; + error_log_sink = "workhorse.private:12305"; +in +{ + + security.acme.defaults.email = "contact@ingolf-wagner.de"; + security.acme.acceptTerms = true; + + services.nginx = { + + # Use recommended settings + recommendedGzipSettings = lib.mkDefault true; + recommendedOptimisation = lib.mkDefault true; + recommendedProxySettings = lib.mkDefault true; + recommendedTlsSettings = lib.mkDefault true; + + # for graylog logging + #commonHttpConfig = '' + # log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", ' + # '"facility": "nginx", ' + # '"src_addr": "$remote_addr", ' + # '"body_bytes_sent": $body_bytes_sent, ' + # '"request_time": $request_time, ' + # '"response_status": $status, ' + # '"request": "$request", ' + # '"request_method": "$request_method", ' + # '"host": "$host",' + # '"upstream_cache_status": "$upstream_cache_status",' + # '"upstream_addr": "$upstream_addr",' + # '"http_x_forwarded_for": "$http_x_forwarded_for",' + # '"http_referrer": "$http_referer", ' + # '"http_user_agent": "$http_user_agent" }'; + # access_log syslog:server=${access_log_sink} graylog2_json; + # error_log syslog:server=${error_log_sink}; + #''; + }; + + services.nginx.package = pkgs.nginxMainline; +} diff --git a/nixos/configs/sternchen/wifi-access-point.nix b/nixos/legacy/wifi-access-point.nix similarity index 100% rename from nixos/configs/sternchen/wifi-access-point.nix rename to nixos/legacy/wifi-access-point.nix diff --git a/nixos/configs/dummy/configuration.nix b/nixos/machines/dummy/configuration.nix similarity index 100% rename from nixos/configs/dummy/configuration.nix rename to nixos/machines/dummy/configuration.nix diff --git a/nixos/configs/dummy/hardware-configuration.nix b/nixos/machines/dummy/hardware-configuration.nix similarity index 100% rename from nixos/configs/dummy/hardware-configuration.nix rename to nixos/machines/dummy/hardware-configuration.nix diff --git a/nixos/configs/mobi/configuration.nix b/nixos/machines/mobi/configuration.nix similarity index 100% rename from nixos/configs/mobi/configuration.nix rename to nixos/machines/mobi/configuration.nix diff --git a/nixos/configs/mobi/hardware-configuration.nix b/nixos/machines/mobi/hardware-configuration.nix similarity index 100% rename from nixos/configs/mobi/hardware-configuration.nix rename to nixos/machines/mobi/hardware-configuration.nix diff --git a/nixos/configs/mobi/tinc.nix b/nixos/machines/mobi/tinc.nix similarity index 100% rename from nixos/configs/mobi/tinc.nix rename to nixos/machines/mobi/tinc.nix diff --git a/nixos/configs/pepe/borg.nix b/nixos/machines/pepe/borg.nix similarity index 100% rename from nixos/configs/pepe/borg.nix rename to nixos/machines/pepe/borg.nix diff --git a/nixos/configs/pepe/configuration.nix b/nixos/machines/pepe/configuration.nix similarity index 100% rename from nixos/configs/pepe/configuration.nix rename to nixos/machines/pepe/configuration.nix diff --git a/nixos/configs/pepe/dms.nix b/nixos/machines/pepe/dms.nix similarity index 100% rename from nixos/configs/pepe/dms.nix rename to nixos/machines/pepe/dms.nix diff --git a/nixos/configs/pepe/grocy.nix b/nixos/machines/pepe/grocy.nix similarity index 100% rename from nixos/configs/pepe/grocy.nix rename to nixos/machines/pepe/grocy.nix diff --git a/nixos/configs/pepe/hardware-configuration.nix b/nixos/machines/pepe/hardware-configuration.nix similarity index 100% rename from nixos/configs/pepe/hardware-configuration.nix rename to nixos/machines/pepe/hardware-configuration.nix diff --git a/nixos/configs/pepe/home-assistant.nix b/nixos/machines/pepe/home-assistant.nix similarity index 100% rename from nixos/configs/pepe/home-assistant.nix rename to nixos/machines/pepe/home-assistant.nix diff --git a/nixos/configs/pepe/home-assistant/chaospott.nix b/nixos/machines/pepe/home-assistant/chaospott.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/chaospott.nix rename to nixos/machines/pepe/home-assistant/chaospott.nix diff --git a/nixos/configs/pepe/home-assistant/iot-control.nix b/nixos/machines/pepe/home-assistant/iot-control.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/iot-control.nix rename to nixos/machines/pepe/home-assistant/iot-control.nix diff --git a/nixos/configs/pepe/home-assistant/kodi.nix b/nixos/machines/pepe/home-assistant/kodi.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/kodi.nix rename to nixos/machines/pepe/home-assistant/kodi.nix diff --git a/nixos/configs/pepe/home-assistant/light-control.nix b/nixos/machines/pepe/home-assistant/light-control.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/light-control.nix rename to nixos/machines/pepe/home-assistant/light-control.nix diff --git a/nixos/configs/pepe/home-assistant/mpd.nix b/nixos/machines/pepe/home-assistant/mpd.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/mpd.nix rename to nixos/machines/pepe/home-assistant/mpd.nix diff --git a/nixos/configs/pepe/home-assistant/mqtt.nix b/nixos/machines/pepe/home-assistant/mqtt.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/mqtt.nix rename to nixos/machines/pepe/home-assistant/mqtt.nix diff --git a/nixos/configs/pepe/home-assistant/sonoff.nix b/nixos/machines/pepe/home-assistant/sonoff.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/sonoff.nix rename to nixos/machines/pepe/home-assistant/sonoff.nix diff --git a/nixos/configs/pepe/home-assistant/stocks.nix b/nixos/machines/pepe/home-assistant/stocks.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/stocks.nix rename to nixos/machines/pepe/home-assistant/stocks.nix diff --git a/nixos/configs/pepe/home-assistant/timer.nix b/nixos/machines/pepe/home-assistant/timer.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/timer.nix rename to nixos/machines/pepe/home-assistant/timer.nix diff --git a/nixos/configs/pepe/home-assistant/weather.nix b/nixos/machines/pepe/home-assistant/weather.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/weather.nix rename to nixos/machines/pepe/home-assistant/weather.nix diff --git a/nixos/configs/pepe/home-assistant/workday.nix b/nixos/machines/pepe/home-assistant/workday.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/workday.nix rename to nixos/machines/pepe/home-assistant/workday.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt/buttons.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt/buttons.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt/buttons.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt/buttons.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt/configurationHelper.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt/configurationHelper.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt/configurationHelper.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt/configurationHelper.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt/doors.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt/doors.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt/doors.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt/doors.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt/fyrtur.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt/fyrtur.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt/fyrtur.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt/fyrtur.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt/heater.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt/heater.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt/heater.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt/heater.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt/leds.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt/leds.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt/leds.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt/leds.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt/lights.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt/lights.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt/lights.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt/lights.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt/motion.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt/motion.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt/motion.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt/motion.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt/repeater.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt/repeater.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt/repeater.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt/repeater.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt/service.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt/service.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt/service.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt/service.nix diff --git a/nixos/configs/pepe/home-assistant/zigbee2mqtt/temperatur.nix b/nixos/machines/pepe/home-assistant/zigbee2mqtt/temperatur.nix similarity index 100% rename from nixos/configs/pepe/home-assistant/zigbee2mqtt/temperatur.nix rename to nixos/machines/pepe/home-assistant/zigbee2mqtt/temperatur.nix diff --git a/nixos/configs/pepe/kodi.nix b/nixos/machines/pepe/kodi.nix similarity index 100% rename from nixos/configs/pepe/kodi.nix rename to nixos/machines/pepe/kodi.nix diff --git a/nixos/configs/pepe/lan.nix b/nixos/machines/pepe/lan.nix similarity index 100% rename from nixos/configs/pepe/lan.nix rename to nixos/machines/pepe/lan.nix diff --git a/nixos/configs/pepe/mail-fetcher.nix b/nixos/machines/pepe/mail-fetcher.nix similarity index 100% rename from nixos/configs/pepe/mail-fetcher.nix rename to nixos/machines/pepe/mail-fetcher.nix diff --git a/nixos/configs/pepe/mpd.nix b/nixos/machines/pepe/mpd.nix similarity index 100% rename from nixos/configs/pepe/mpd.nix rename to nixos/machines/pepe/mpd.nix diff --git a/nixos/configs/pepe/neo4j.nix b/nixos/machines/pepe/neo4j.nix similarity index 100% rename from nixos/configs/pepe/neo4j.nix rename to nixos/machines/pepe/neo4j.nix diff --git a/nixos/configs/pepe/packages.nix b/nixos/machines/pepe/packages.nix similarity index 100% rename from nixos/configs/pepe/packages.nix rename to nixos/machines/pepe/packages.nix diff --git a/nixos/configs/pepe/syncthing.nix b/nixos/machines/pepe/syncthing.nix similarity index 100% rename from nixos/configs/pepe/syncthing.nix rename to nixos/machines/pepe/syncthing.nix diff --git a/nixos/configs/pepe/taskwarrior-pushover.nix b/nixos/machines/pepe/taskwarrior-pushover.nix similarity index 100% rename from nixos/configs/pepe/taskwarrior-pushover.nix rename to nixos/machines/pepe/taskwarrior-pushover.nix diff --git a/nixos/configs/pepe/tinc.nix b/nixos/machines/pepe/tinc.nix similarity index 100% rename from nixos/configs/pepe/tinc.nix rename to nixos/machines/pepe/tinc.nix diff --git a/nixos/configs/pepe/wifi-access-point.nix b/nixos/machines/pepe/wifi-access-point.nix similarity index 100% rename from nixos/configs/pepe/wifi-access-point.nix rename to nixos/machines/pepe/wifi-access-point.nix diff --git a/nixos/configs/robi/borg.nix b/nixos/machines/robi/borg.nix similarity index 100% rename from nixos/configs/robi/borg.nix rename to nixos/machines/robi/borg.nix diff --git a/nixos/configs/robi/castget.nix b/nixos/machines/robi/castget.nix similarity index 100% rename from nixos/configs/robi/castget.nix rename to nixos/machines/robi/castget.nix diff --git a/nixos/configs/robi/codimd.nix b/nixos/machines/robi/codimd.nix similarity index 100% rename from nixos/configs/robi/codimd.nix rename to nixos/machines/robi/codimd.nix diff --git a/nixos/configs/robi/configuration.nix b/nixos/machines/robi/configuration.nix similarity index 100% rename from nixos/configs/robi/configuration.nix rename to nixos/machines/robi/configuration.nix diff --git a/nixos/configs/robi/finance.nix b/nixos/machines/robi/finance.nix similarity index 100% rename from nixos/configs/robi/finance.nix rename to nixos/machines/robi/finance.nix diff --git a/nixos/configs/robi/gitea.nix b/nixos/machines/robi/gitea.nix similarity index 100% rename from nixos/configs/robi/gitea.nix rename to nixos/machines/robi/gitea.nix diff --git a/nixos/configs/robi/gitlab.nix b/nixos/machines/robi/gitlab.nix similarity index 100% rename from nixos/configs/robi/gitlab.nix rename to nixos/machines/robi/gitlab.nix diff --git a/nixos/configs/robi/grafana.nix b/nixos/machines/robi/grafana.nix similarity index 100% rename from nixos/configs/robi/grafana.nix rename to nixos/machines/robi/grafana.nix diff --git a/nixos/configs/robi/graylog.nix b/nixos/machines/robi/graylog.nix similarity index 100% rename from nixos/configs/robi/graylog.nix rename to nixos/machines/robi/graylog.nix diff --git a/nixos/configs/robi/grocy.nix b/nixos/machines/robi/grocy.nix similarity index 100% rename from nixos/configs/robi/grocy.nix rename to nixos/machines/robi/grocy.nix diff --git a/nixos/configs/robi/hardware-configuration.nix b/nixos/machines/robi/hardware-configuration.nix similarity index 100% rename from nixos/configs/robi/hardware-configuration.nix rename to nixos/machines/robi/hardware-configuration.nix diff --git a/nixos/configs/robi/hetzner.nix b/nixos/machines/robi/hetzner.nix similarity index 100% rename from nixos/configs/robi/hetzner.nix rename to nixos/machines/robi/hetzner.nix diff --git a/nixos/configs/robi/kibana.nix b/nixos/machines/robi/kibana.nix similarity index 100% rename from nixos/configs/robi/kibana.nix rename to nixos/machines/robi/kibana.nix diff --git a/nixos/configs/robi/mail-fetcher.nix b/nixos/machines/robi/mail-fetcher.nix similarity index 100% rename from nixos/configs/robi/mail-fetcher.nix rename to nixos/machines/robi/mail-fetcher.nix diff --git a/nixos/configs/robi/metabase.nix b/nixos/machines/robi/metabase.nix similarity index 100% rename from nixos/configs/robi/metabase.nix rename to nixos/machines/robi/metabase.nix diff --git a/nixos/configs/robi/mining.nix b/nixos/machines/robi/mining.nix similarity index 100% rename from nixos/configs/robi/mining.nix rename to nixos/machines/robi/mining.nix diff --git a/nixos/configs/robi/mysql.nix b/nixos/machines/robi/mysql.nix similarity index 100% rename from nixos/configs/robi/mysql.nix rename to nixos/machines/robi/mysql.nix diff --git a/nixos/configs/robi/nextcloud.nix b/nixos/machines/robi/nextcloud.nix similarity index 100% rename from nixos/configs/robi/nextcloud.nix rename to nixos/machines/robi/nextcloud.nix diff --git a/nixos/configs/robi/nginx.nix b/nixos/machines/robi/nginx.nix similarity index 100% rename from nixos/configs/robi/nginx.nix rename to nixos/machines/robi/nginx.nix diff --git a/nixos/configs/robi/packages.nix b/nixos/machines/robi/packages.nix similarity index 100% rename from nixos/configs/robi/packages.nix rename to nixos/machines/robi/packages.nix diff --git a/nixos/configs/robi/prometheus.nix b/nixos/machines/robi/prometheus.nix similarity index 100% rename from nixos/configs/robi/prometheus.nix rename to nixos/machines/robi/prometheus.nix diff --git a/nixos/configs/robi/property.nix b/nixos/machines/robi/property.nix similarity index 100% rename from nixos/configs/robi/property.nix rename to nixos/machines/robi/property.nix diff --git a/nixos/configs/robi/syncthing.nix b/nixos/machines/robi/syncthing.nix similarity index 100% rename from nixos/configs/robi/syncthing.nix rename to nixos/machines/robi/syncthing.nix diff --git a/nixos/configs/robi/taskserver.nix b/nixos/machines/robi/taskserver.nix similarity index 100% rename from nixos/configs/robi/taskserver.nix rename to nixos/machines/robi/taskserver.nix diff --git a/nixos/configs/robi/tinc.nix b/nixos/machines/robi/tinc.nix similarity index 100% rename from nixos/configs/robi/tinc.nix rename to nixos/machines/robi/tinc.nix diff --git a/nixos/configs/robi/transmission.nix b/nixos/machines/robi/transmission.nix similarity index 100% rename from nixos/configs/robi/transmission.nix rename to nixos/machines/robi/transmission.nix diff --git a/nixos/configs/robi/transmission2.nix b/nixos/machines/robi/transmission2.nix similarity index 100% rename from nixos/configs/robi/transmission2.nix rename to nixos/machines/robi/transmission2.nix diff --git a/nixos/configs/robi/vaultwarden.nix b/nixos/machines/robi/vaultwarden.nix similarity index 100% rename from nixos/configs/robi/vaultwarden.nix rename to nixos/machines/robi/vaultwarden.nix diff --git a/nixos/configs/robi/weechat.nix b/nixos/machines/robi/weechat.nix similarity index 100% rename from nixos/configs/robi/weechat.nix rename to nixos/machines/robi/weechat.nix diff --git a/nixos/configs/sternchen/configuration.nix b/nixos/machines/sternchen/configuration.nix similarity index 97% rename from nixos/configs/sternchen/configuration.nix rename to nixos/machines/sternchen/configuration.nix index 1ed87c3..f3d1e45 100644 --- a/nixos/configs/sternchen/configuration.nix +++ b/nixos/machines/sternchen/configuration.nix @@ -111,9 +111,5 @@ }; }; - # keybase - services.keybase.enable = false; - services.kbfs.enable = false; - } diff --git a/nixos/configs/sternchen/hardware-configuration.nix b/nixos/machines/sternchen/hardware-configuration.nix similarity index 100% rename from nixos/configs/sternchen/hardware-configuration.nix rename to nixos/machines/sternchen/hardware-configuration.nix diff --git a/nixos/configs/sternchen/packages.nix b/nixos/machines/sternchen/packages.nix similarity index 100% rename from nixos/configs/sternchen/packages.nix rename to nixos/machines/sternchen/packages.nix diff --git a/nixos/configs/sternchen/syncthing.nix b/nixos/machines/sternchen/syncthing.nix similarity index 100% rename from nixos/configs/sternchen/syncthing.nix rename to nixos/machines/sternchen/syncthing.nix diff --git a/nixos/configs/sternchen/tinc.nix b/nixos/machines/sternchen/tinc.nix similarity index 100% rename from nixos/configs/sternchen/tinc.nix rename to nixos/machines/sternchen/tinc.nix diff --git a/nixos/configs/sterni/wifi-access-point.nix b/nixos/machines/sternchen/wifi-access-point.nix similarity index 100% rename from nixos/configs/sterni/wifi-access-point.nix rename to nixos/machines/sternchen/wifi-access-point.nix diff --git a/nixos/configs/sternchen/wireshark.nix b/nixos/machines/sternchen/wireshark.nix similarity index 100% rename from nixos/configs/sternchen/wireshark.nix rename to nixos/machines/sternchen/wireshark.nix diff --git a/nixos/configs/sterni/configuration.nix b/nixos/machines/sterni/configuration.nix similarity index 84% rename from nixos/configs/sterni/configuration.nix rename to nixos/machines/sterni/configuration.nix index 5eb120f..a895b1d 100644 --- a/nixos/configs/sterni/configuration.nix +++ b/nixos/machines/sterni/configuration.nix @@ -37,10 +37,6 @@ }; }; - # keybase - services.keybase.enable = false; - services.kbfs.enable = false; - programs.custom.steam.enable = true; programs.custom.video.enable = false; @@ -72,12 +68,8 @@ custom.samba-share = { enable = true; folders = { - #public = "/home/palo/movies"; share = "/home/share"; video = "/home/video-material"; - #syncthing = "/mnt/syncthing"; - #movies = "/mnt/syncthing/movies"; - #series = "/mnt/syncthing/series"; }; }; @@ -96,8 +88,4 @@ vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; }; - # include all modules from flakes - # documentation.nixos.includeAllModules = true; - } - diff --git a/nixos/configs/sterni/hardware-configuration.nix b/nixos/machines/sterni/hardware-configuration.nix similarity index 100% rename from nixos/configs/sterni/hardware-configuration.nix rename to nixos/machines/sterni/hardware-configuration.nix diff --git a/nixos/configs/sterni/packages.nix b/nixos/machines/sterni/packages.nix similarity index 100% rename from nixos/configs/sterni/packages.nix rename to nixos/machines/sterni/packages.nix diff --git a/nixos/configs/sterni/scanner.nix b/nixos/machines/sterni/scanner.nix similarity index 100% rename from nixos/configs/sterni/scanner.nix rename to nixos/machines/sterni/scanner.nix diff --git a/nixos/configs/sterni/syncthing.nix b/nixos/machines/sterni/syncthing.nix similarity index 100% rename from nixos/configs/sterni/syncthing.nix rename to nixos/machines/sterni/syncthing.nix diff --git a/nixos/configs/sterni/tinc.nix b/nixos/machines/sterni/tinc.nix similarity index 100% rename from nixos/configs/sterni/tinc.nix rename to nixos/machines/sterni/tinc.nix diff --git a/nixos/system/all/nginx-landingpage.nix b/nixos/system/all/nginx-landingpage.nix index e95f1a0..0fcc6a4 100644 --- a/nixos/system/all/nginx-landingpage.nix +++ b/nixos/system/all/nginx-landingpage.nix @@ -1,38 +1,5 @@ { config, lib, pkgs, ... }: { - services.nginx.virtualHosts."mia.${config.networking.hostName}.private" = { - - locations."/" = { - root = pkgs.landingpage.override { - jsonConfig = { - items = [{ - items = [ - { - label = "github"; - href = "https://github.com/miaEngiadina"; - image = - "https://media.giphy.com/media/l0MYEpMgixXtNRgrK/giphy.gif"; - } - { - label = "Confluence"; - href = "https://fysitech.atlassian.net/wiki/spaces/DI/overview"; - image = "https://media.giphy.com/media/TfMcfnr6USBtm/giphy.gif"; - } - { - label = "Kanban Board"; - href = - "https://fysitech.atlassian.net/jira/software/projects/DPE/boards/1"; - image = - "https://media.giphy.com/media/10zsjaH4g0GgmY/giphy.gif"; - } - - ]; - }]; - }; - }; - }; - }; - services.nginx.virtualHosts."${config.networking.hostName}.private" = { default = true; locations."/" = { @@ -40,57 +7,38 @@ jsonConfig = { items = [ { - # text = "hallo"; + text = "Syncthings"; + items = map + ({ name, host ? "${name}.private", ... }: { + label = name; + href = "http://${host}:8384/"; + image = "https://media.giphy.com/media/JoyU4vuzwj6ZA7Ging/giphy.gif"; + }) + (map (name: { inherit name; }) (lib.attrNames + config.module.cluster.services.tinc."private".hosts)); + } + { + text = "netdata"; + items = map + ({ name, host ? "${name}.private", ... }: { + label = name; + href = "http://${host}:19999/"; + image = "https://media.giphy.com/media/BkjdN6MQCDPaw/giphy.gif"; + }) + (map (name: { inherit name; }) [ + "robi" + "pepe" + ]); + } + { + text = "Various Links"; items = [ - - { - label = "Dashboard"; - href = "http://grafana.workhorse.private"; - image = - "https://media.giphy.com/media/eLmaUW5dJak2k/giphy.gif"; - } - { - label = "Prometheus"; - href = "http://prometheus.workhorse.private/"; - image = - "https://media.giphy.com/media/1NLZYcJGLM9mo/giphy.gif"; - } - { - label = "Graylog"; - href = "http://graylog.workhorse.private/"; - image = - "https://media.giphy.com/media/6oeRBKg7mwEZnSnYkn/giphy.gif"; - } - { - label = "Jenkins"; - href = "http://jenkins.workhorse.private/"; - image = - "https://media.giphy.com/media/nQYnLFII2sFcQ/giphy.gif"; - } - { - label = "HomeAssistant"; - href = "http://pepe.private:8123/lovelace/view_overview"; - image = - "https://media.giphy.com/media/3o6ZtosYxN9Eo3AAZq/giphy.gif"; - } - { - label = "Kodi"; - href = "http://porani.private:8080/"; - image = - "https://media.giphy.com/media/d9wPasV7ukkta/giphy.gif"; - } { label = "Hetzner Cloud"; href = "https://console.hetzner.cloud/projects"; image = "https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif"; } - { - label = "Transmission"; - href = "http://transmission.kruck.private/"; - image = - "https://media.giphy.com/media/9ryQgA3d0BVoe7iZl0/giphy.gif"; - } { label = "Pass the Popcorn"; href = "https://passthepopcorn.me/"; @@ -103,18 +51,6 @@ image = "https://media.giphy.com/media/ku5EcFe4PNGWA/giphy.gif"; } - { - label = "Kibana Workhorse"; - href = "http://kibana.workhorse.private/"; - image = - "https://media.giphy.com/media/24sVlirH2qPTO/giphy.gif"; - } - { - label = "Kibana Workout"; - href = "http://kibana.workout.private/"; - image = - "https://media.giphy.com/media/24sVlirH2qPTO/giphy.gif"; - } { label = "Cups"; href = "http://localhost:631/"; @@ -123,48 +59,6 @@ } ]; } - { - text = "Betfair"; - items = [ - { - label = "betfair"; - href = "https://www.betfair.com/exchange/plus/football"; - image = - "https://media.giphy.com/media/3og0ILXHf8hmHmET1C/giphy.gif"; - } - { - label = "token"; - href = - "https://docs.developer.betfair.com/visualisers/api-ng-account-operations/"; - image = - "https://media.giphy.com/media/aeIlR57TpTimI/giphy.gif"; - } - { - label = "api doku"; - href = - "https://docs.developer.betfair.com/display/1smk3cen4v3lu3yomq5qye0ni/Reference+Guide"; - image = - "https://media.giphy.com/media/11bKAQfWd0Yo0w/giphy.gif"; - } - ]; - } - { - text = "Lektor"; - items = [ - { - label = "Terranix"; - href = "http://terranix.schasch.private"; - image = - "https://media.giphy.com/media/nGtOFccLzujug/giphy.gif"; - } - { - label = "tech-blog"; - href = "http://techblog.schasch.private"; - image = - "https://media.giphy.com/media/nGtOFccLzujug/giphy.gif"; - } - ]; - } { text = "NixOS"; items = [ @@ -193,12 +87,6 @@ image = "https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif"; } - { - label = "NixOS Options"; - href = "https://nixos.org/nixos/options.html"; - image = - "https://media.giphy.com/media/3fiw51MvIWcGjMhy9a/giphy.gif"; - } { label = "NixOS Language specific helpers"; href = @@ -226,33 +114,6 @@ } ]; } - { - text = "Syncthings"; - items = map - ({ name, host ? "${name}.private", ... }: { - label = name; - href = "http://${host}:8384/"; - image = - "https://media.giphy.com/media/JoyU4vuzwj6ZA7Ging/giphy.gif"; - }) - (map (name: { inherit name; }) (lib.attrNames - config.module.cluster.services.tinc."private".hosts)); - } - { - text = "netdata"; - items = map - ({ name, host ? "${name}.private", ... }: { - label = name; - href = "http://${host}:19999/"; - image = "https://media.giphy.com/media/BkjdN6MQCDPaw/giphy.gif"; - }) - (map (name: { inherit name; }) [ - "workhorse" - "pepe" - ] - #(lib.attrNames config.module.cluster.services.tinc."private".hosts) - ); - } ]; }; }; diff --git a/nixos/system/all/nginx.nix b/nixos/system/all/nginx.nix index 8730e39..24f2abc 100644 --- a/nixos/system/all/nginx.nix +++ b/nixos/system/all/nginx.nix @@ -17,24 +17,24 @@ in recommendedTlsSettings = lib.mkDefault true; # for graylog logging - commonHttpConfig = '' - log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", ' - '"facility": "nginx", ' - '"src_addr": "$remote_addr", ' - '"body_bytes_sent": $body_bytes_sent, ' - '"request_time": $request_time, ' - '"response_status": $status, ' - '"request": "$request", ' - '"request_method": "$request_method", ' - '"host": "$host",' - '"upstream_cache_status": "$upstream_cache_status",' - '"upstream_addr": "$upstream_addr",' - '"http_x_forwarded_for": "$http_x_forwarded_for",' - '"http_referrer": "$http_referer", ' - '"http_user_agent": "$http_user_agent" }'; - access_log syslog:server=${access_log_sink} graylog2_json; - error_log syslog:server=${error_log_sink}; - ''; + #commonHttpConfig = '' + # log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", ' + # '"facility": "nginx", ' + # '"src_addr": "$remote_addr", ' + # '"body_bytes_sent": $body_bytes_sent, ' + # '"request_time": $request_time, ' + # '"response_status": $status, ' + # '"request": "$request", ' + # '"request_method": "$request_method", ' + # '"host": "$host",' + # '"upstream_cache_status": "$upstream_cache_status",' + # '"upstream_addr": "$upstream_addr",' + # '"http_x_forwarded_for": "$http_x_forwarded_for",' + # '"http_referrer": "$http_referer", ' + # '"http_user_agent": "$http_user_agent" }'; + # access_log syslog:server=${access_log_sink} graylog2_json; + # error_log syslog:server=${error_log_sink}; + #''; }; services.nginx.package = pkgs.nginxMainline; diff --git a/nixos/system/all/sshd-known-hosts-private.nix b/nixos/system/all/sshd-known-hosts-private.nix index 73635e6..65ba273 100644 --- a/nixos/system/all/sshd-known-hosts-private.nix +++ b/nixos/system/all/sshd-known-hosts-private.nix @@ -38,22 +38,6 @@ ]; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDyHmHJy2Va45p9mn+Hj3DyaY5yxnQIKvXeACHjzgSKt"; }; - "workhorse.private" = { - hostNames = [ - "workhorse.private" - "workhorse.secret" - config.module.cluster.services.tinc.private.hosts.workhorse.tincIp - config.module.cluster.services.tinc.secret.hosts.workhorse.tincIp - ]; - publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDaK0Vv33TuGQa/B5p54sGilgpYvfKkBaBGlEBpIk1QB"; - }; - "porani.secret" = { - hostNames = [ - "porani.secret" - config.module.cluster.services.tinc.secret.hosts.porani.tincIp - ]; - publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOKNtRWVrqADgAMtTSWgnpp8gRKUtn4QUMFzQ78fC+aK"; - }; "pepe.private" = { hostNames = [ "pepe.private" diff --git a/nixos/system/all/tinc.nix b/nixos/system/all/tinc.nix index c8aeb35..3685b79 100644 --- a/nixos/system/all/tinc.nix +++ b/nixos/system/all/tinc.nix @@ -40,14 +40,6 @@ in tincIp = "10.243.23.3"; publicKey = lib.fileContents ../../assets/tinc/retiolum/host_file; }; - workhorse = { - tincIp = "10.243.23.5"; - publicKey = lib.fileContents ../../assets/tinc/retiolum/host_file; - }; - workout = { - tincIp = "10.243.23.4"; - publicKey = lib.fileContents ../../assets/tinc/retiolum/host_file; - }; }; }; # nix-shell -p tinc_pre --run "tinc --config . generate-keys 4096" @@ -70,14 +62,6 @@ in tincIp = "10.123.42.24"; publicKey = lib.fileContents ../../assets/tinc/workout_host_file; }; - porani = { - tincIp = "10.123.42.31"; - publicKey = lib.fileContents ../../assets/tinc/porani_host_file; - }; - workhorse = { - tincIp = "10.123.42.21"; - publicKey = lib.fileContents ../../assets/tinc/workhorse_host_file; - }; robi = { realAddress = [ "144.76.13.147" ]; tincIp = "10.123.42.123"; @@ -94,10 +78,6 @@ in privateEd25519KeyFile = toString config.sops.secrets.tinc_ed25519_key.path; privateRsaKeyFile = toString config.sops.secrets.tinc_rsa_key.path; hosts = { - workout = { - tincIp = "10.23.42.27"; - publicKey = lib.fileContents ../../assets/tinc/workout_host_file; - }; pepe = { tincIp = "10.23.42.26"; publicKey = lib.fileContents ../../assets/tinc/pepe_host_file; @@ -110,14 +90,6 @@ in tincIp = "10.23.42.23"; publicKey = lib.fileContents ../../assets/tinc/mobi_host_file; }; - #porani = { - # tincIp = "10.23.42.31"; - # publicKey = lib.fileContents ../../assets/tinc/porani_host_file; - #}; - workhorse = { - tincIp = "10.23.42.21"; - publicKey = lib.fileContents ../../assets/tinc/workhorse_host_file; - }; robi = { realAddress = [ "144.76.13.147" ]; tincIp = "10.23.42.111";