diff --git a/depot/hosts/athame/nixos.nix b/depot/hosts/athame/nixos.nix
index 5dea7df9..cda80f3a 100644
--- a/depot/hosts/athame/nixos.nix
+++ b/depot/hosts/athame/nixos.nix
@@ -92,7 +92,7 @@ with lib; # Firewall
- kw.fw = {
+ network.firewall = {
 public.interfaces = singleton "enp1s0"; private.interfaces = singleton "yggdrasil"; };
diff --git a/depot/hosts/beltane/nixos.nix b/depot/hosts/beltane/nixos.nix
index 48997ed5..4f70de00 100644
--- a/depot/hosts/beltane/nixos.nix
+++ b/depot/hosts/beltane/nixos.nix
@@ -108,7 +108,7 @@ with lib; # Firewall
- kw.fw = {
+ network.firewall = {
 private.interfaces = singleton "yggdrasil"; public.interfaces = singleton "eno1"; };
diff --git a/depot/hosts/ostara/nixos.nix b/depot/hosts/ostara/nixos.nix
index b9b14b4b..e0a8a9c6 100644
--- a/depot/hosts/ostara/nixos.nix
+++ b/depot/hosts/ostara/nixos.nix
@@ -55,7 +55,7 @@ with lib; # Firewall
- kw.fw = {
+ network.firewall = {
 public = { interfaces = singleton "enp1s0"; tcp.ports = [ 9981 9982 ];
diff --git a/depot/hosts/samhain/nixos.nix b/depot/hosts/samhain/nixos.nix
index 01ff3917..49a40ed3 100644
--- a/depot/hosts/samhain/nixos.nix
+++ b/depot/hosts/samhain/nixos.nix
@@ -135,7 +135,7 @@ in { # Firewall
- kw.fw = {
+ network.firewall = {
 public.interfaces = singleton "br"; private = { interfaces = singleton "yggdrasil";
diff --git a/depot/hosts/yule/nixos.nix b/depot/hosts/yule/nixos.nix
index 423c4a74..5af503ca 100644
--- a/depot/hosts/yule/nixos.nix
+++ b/depot/hosts/yule/nixos.nix
@@ -81,7 +81,7 @@ with lib; # Firewall
- kw.fw = {
+ network.firewall = {
 public.interfaces = [ "enp1s0" "wlp2s0" ]; private.interfaces = singleton "yggdrasil"; };
diff --git a/depot/modules/nixos/firewall.nix b/depot/modules/nixos/firewall.nix
index e172db8a..8cc7a6a6 100644
--- a/depot/modules/nixos/firewall.nix
+++ b/depot/modules/nixos/firewall.nix
@@ -2,10 +2,10 @@ with lib;
-let cfg = config.kw.fw;
+let cfg = config.network.firewall;
 in {
- options.kw.fw = {
+ options.network.firewall = {
 public.tcp.ports = mkOption { type = types.listOf types.port; default = [ ];
diff --git a/depot/modules/nixos/nftables.nix b/depot/modules/nixos/nftables.nix
index d30656c3..035d248d 100644
--- a/depot/modules/nixos/nftables.nix
+++ b/depot/modules/nixos/nftables.nix
@@ -2,7 +2,7 @@ let fwcfg = config.networking.firewall;
- cfg = config.kw.nftables;
+ cfg = config.network.nftables;
 doDocker = config.virtualisation.docker.enable && cfg.generateDockerRules;
@@ -82,7 +82,7 @@ let in { options = with lib; {
- kw.nftables = {
+ network.nftables = {
 enable = mkEnableOption "nftables firewall"; extraConfig = mkOption {
diff --git a/depot/profiles/base/net.nix b/depot/profiles/base/net.nix
index bd170e63..82019926 100644
--- a/depot/profiles/base/net.nix
+++ b/depot/profiles/base/net.nix
@@ -1,5 +1,5 @@ { config, lib, ... }: {
- kw.nftables.enable = lib.mkDefault true;
+ network.nftables.enable = lib.mkDefault true;
 }
diff --git a/depot/profiles/base/ssh.nix b/depot/profiles/base/ssh.nix
index bf962c28..64e65324 100644
--- a/depot/profiles/base/ssh.nix
+++ b/depot/profiles/base/ssh.nix
@@ -3,7 +3,7 @@ with lib; {
- kw.fw = {
+ network.firewall = {
 public = { tcp.ports = singleton 62954; udp.ranges = [{
diff --git a/depot/profiles/gui/mpd.nix b/depot/profiles/gui/mpd.nix
index 9c2afaa6..5cd4c3e7 100644
--- a/depot/profiles/gui/mpd.nix
+++ b/depot/profiles/gui/mpd.nix
@@ -3,7 +3,7 @@ with lib; {
- kw.fw = {
+ network.firewall = {
 public.tcp.ports = [ 6600 32101 ]; private.tcp.ports = [ 6600 32101 ]; };
diff --git a/depot/services/asterisk/default.nix b/depot/services/asterisk/default.nix
index e94b60db..ebd5cae7 100644
--- a/depot/services/asterisk/default.nix
+++ b/depot/services/asterisk/default.nix
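Review bot: In depot/modules/nixos/firewall.nix the option set is now `network.firewall`, three letters away from the upstream NixOS `networking.firewall`, and the first nftables.nix hunk reads both namespaces on adjacent lines (`fwcfg = config.networking.firewall;` and `cfg = config.network.nftables;`). A port list placed under the wrong one in a later edit would be easy to miss in review, and how each namespace feeds the generated ruleset is decided by module code outside these hunks. I would document the distinction where the option is declared, e.g. `# network.firewall: repo-local per-zone (public/private) ports; distinct from upstream networking.firewall` above `let cfg = config.network.firewall;`.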
@@ -5,15 +5,15 @@ with lib; { /*
- kw.fw.public.tcp.ports = [ 5160 5060 ];
- kw.fw.public.udp.ports = [ 5160 5060 ];
+ network.firewall.public.tcp.ports = [ 5160 5060 ];
+ network.firewall.public.udp.ports = [ 5160 5060 ];
- kw.fw.public.tcp.ranges = [{
+ network.firewall.public.tcp.ranges = [{
 from = 10000; to = 20000; }];
- kw.fw.public.udp.ranges = [{
+ network.firewall.public.udp.ranges = [{
 from = 10000; to = 20000; }];
diff --git a/depot/services/jellyfin/default.nix b/depot/services/jellyfin/default.nix
index acb1b18c..a823f288 100644
--- a/depot/services/jellyfin/default.nix
+++ b/depot/services/jellyfin/default.nix
@@ -15,7 +15,7 @@ }; };
- kw.fw = {
+ network.firewall = {
 public.tcp.ranges = [{ from = 32768; to = 60999;
diff --git a/depot/services/kattv-ingest/default.nix b/depot/services/kattv-ingest/default.nix
index 613d15df..9fa49690 100644
--- a/depot/services/kattv-ingest/default.nix
+++ b/depot/services/kattv-ingest/default.nix
@@ -110,7 +110,7 @@ in { } '';
- kw.fw = {
+ network.firewall = {
 private.tcp.ports = singleton 1935; public.tcp.ports = [ 4953 1935 ]; };
diff --git a/depot/services/loki/default.nix b/depot/services/loki/default.nix
index 263459f8..1bcb6f51 100644
--- a/depot/services/loki/default.nix
+++ b/depot/services/loki/default.nix
@@ -1,7 +1,7 @@ { config, pkgs, ... }: {
- #kw.fw.private.tcp.ports = [ 3100 ];
+ #network.firewall.private.tcp.ports = [ 3100 ];
 services.loki = { enable = false; configuration = {
diff --git a/depot/services/murmur/default.nix b/depot/services/murmur/default.nix
index aef83a6d..8ac103af 100644
--- a/depot/services/murmur/default.nix
+++ b/depot/services/murmur/default.nix
@@ -3,7 +3,7 @@ with lib; {
- kw.fw = {
+ network.firewall = {
 public = { tcp.ports = singleton 64738; udp.ports = singleton 64738;
diff --git a/depot/services/netdata/default.nix b/depot/services/netdata/default.nix
index 0375ba1f..9d8b8c90 100644
--- a/depot/services/netdata/default.nix
+++ b/depot/services/netdata/default.nix
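Review bot: The `public.tcp.ranges` entry in depot/services/jellyfin/default.nix opens 32768–60999 on the public zone, which matches the default Linux ephemeral port range, so (assuming `net.ipv4.ip_local_port_range` is left at its default) any process on the host that binds a dynamic port becomes reachable from the public interfaces, not only Jellyfin. The attribute set continues past the end of the hunk, so the rest of the rule is not visible here. If a specific feature needs the range, a comment naming it belongs next to the entry, e.g. `# <feature that requires 32768-60999>`; otherwise the range should be narrowed to the ports actually used or moved under `private`.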
@@ -1,7 +1,7 @@ { config, kw, ... }: {
- kw.fw.private.tcp.ports = [ 19999 ];
+ network.firewall.private.tcp.ports = [ 19999 ];
 services.netdata = { enable = true; };
diff --git a/depot/services/nfs/default.nix b/depot/services/nfs/default.nix
index 80c0a693..84890b94 100644
--- a/depot/services/nfs/default.nix
+++ b/depot/services/nfs/default.nix
@@ -1,7 +1,7 @@ { config, lib, kw, ... }: {
- kw.fw = {
+ network.firewall = {
 private.tcp.ports = [ 111 2049 ]; public.tcp.ports = [ 111 2049 ]; };
diff --git a/depot/services/nginx/default.nix b/depot/services/nginx/default.nix
index b1fd749c..64c50c8b 100644
--- a/depot/services/nginx/default.nix
+++ b/depot/services/nginx/default.nix
@@ -12,7 +12,7 @@ with lib; ''; };
- kw.fw = {
+ network.firewall = {
 public.tcp.ports = [ 443 80 ]; private.tcp.ports = [ 443 80 ]; };
diff --git a/depot/services/node-exporter/default.nix b/depot/services/node-exporter/default.nix
index def379e0..d03264a4 100644
--- a/depot/services/node-exporter/default.nix
+++ b/depot/services/node-exporter/default.nix
@@ -1,7 +1,7 @@ { config, ... }: {
- kw.fw.private.tcp.ports = [ 9002 ];
+ network.firewall.private.tcp.ports = [ 9002 ];
 services.prometheus = { exporters = {
diff --git a/depot/services/syncplay/default.nix b/depot/services/syncplay/default.nix
index f0f4a689..6f04c670 100644
--- a/depot/services/syncplay/default.nix
+++ b/depot/services/syncplay/default.nix
@@ -21,7 +21,7 @@ with lib; }; };
- kw.fw.public.tcp.ports = singleton 8999;
+ network.firewall.public.tcp.ports = singleton 8999;
 services.nginx.virtualHosts."sync.${config.network.dns.domain}" = { enableACME = true;
diff --git a/depot/services/taskserver/default.nix b/depot/services/taskserver/default.nix
index 7db0c863..68b9604c 100644
--- a/depot/services/taskserver/default.nix
+++ b/depot/services/taskserver/default.nix
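Review bot: `public.tcp.ports = [ 111 2049 ];` in depot/services/nfs/default.nix exposes rpcbind and NFS on the public zone, which the host files in this commit bind to physical interfaces such as `enp1s0` and `eno1`. Unless an export really has to be reachable there, I would keep only `private.tcp.ports = [ 111 2049 ];` so the service is limited to the `yggdrasil` interface. If public access is intended, a comment stating which clients need it and how the exports are restricted would make that decision explicit.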
@@ -3,7 +3,7 @@ with lib; {
- kw.fw.public.tcp.ports = singleton 53589;
+ network.firewall.public.tcp.ports = singleton 53589;
 services.taskserver = { enable = true;
diff --git a/depot/services/tvheadend/default.nix b/depot/services/tvheadend/default.nix
index 3cda2d3f..6be77160 100644
--- a/depot/services/tvheadend/default.nix
+++ b/depot/services/tvheadend/default.nix
@@ -5,7 +5,7 @@ services.tvheadend.enable = true; systemd.services.tvheadend.enable = lib.mkForce false;
- kw.fw.public = {
+ network.firewall.public = {
 tcp.ports = [ 9981 9982 ]; };
diff --git a/depot/services/xmpp/default.nix b/depot/services/xmpp/default.nix
index 3cb07323..9e3e1379 100644
--- a/depot/services/xmpp/default.nix
+++ b/depot/services/xmpp/default.nix
@@ -3,7 +3,7 @@ with lib; {
- kw.fw.public.tcp.ports = [ 5000 5222 5223 5269 580 5281 5347 5582 ];
+ network.firewall.public.tcp.ports = [ 5000 5222 5223 5269 580 5281 5347 5582 ];
 services.postgresql = { ensureDatabases = [ "prosody" ];
diff --git a/pkgs/lib/color-helpers.nix b/lib/color-helpers.nix
similarity index 100%
rename from pkgs/lib/color-helpers.nix
rename to lib/color-helpers.nix
diff --git a/pkgs/lib/default.nix b/lib/default.nix
similarity index 95%
rename from pkgs/lib/default.nix
rename to lib/default.nix
index ef87d0e9..b8b3c589 100644
--- a/pkgs/lib/default.nix
+++ b/lib/default.nix
@@ -7,7 +7,7 @@ , isOverlayLib ? false }@args: let colorHelpers = import ./color-helpers.nix { inherit lib; };
- lib = before // katlib // self;
+ lib = before // katlib // self;
 katlib = with before; with katlib; with self; { inherit (colorHelpers) hextorgba;
diff --git a/pkgs/lib/domain-merge.nix b/lib/domain-merge.nix
similarity index 81%
rename from pkgs/lib/domain-merge.nix
rename to lib/domain-merge.nix
index af6e5512..f3bed75c 100644
--- a/pkgs/lib/domain-merge.nix
+++ b/lib/domain-merge.nix
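Review bot: Port `580` in the `network.firewall.public.tcp.ports` list of depot/services/xmpp/default.nix looks like a typo for `5280`: it sits between 5269 and 5281, and the `ensureDatabases = [ "prosody" ]` context line suggests these are Prosody's listener ports. As written the rule opens an unrelated privileged port on the public zone and leaves 5280 closed, and the rename carries the value over unchanged. If that reading is right the line should be `network.firewall.public.tcp.ports = [ 5000 5222 5223 5269 5280 5281 5347 5582 ];`.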
@@ -1,4 +1,4 @@
-{ lib }: { folder, defaultFile ? "default.nix", folderPaths ? [ (../../depot + "/${folder}") (../../depot/trusted + "/${folder}") ] }: with lib; let
+{ lib }: { folder, defaultFile ? "default.nix", folderPaths ? [ (../depot + "/${folder}") (../depot/trusted + "/${folder}") ] }: with lib; let
 defaultFileFinal = if (defaultFile == "default.nix" && folder == "hosts") then "meta.nix" else defaultFile;
diff --git a/pkgs/lib/folder-list.nix b/lib/folder-list.nix
similarity index 100%
rename from pkgs/lib/folder-list.nix
rename to lib/folder-list.nix
diff --git a/pkgs/lib/host-import.nix b/lib/host-import.nix
similarity index 55%
rename from pkgs/lib/host-import.nix
rename to lib/host-import.nix
index 1317bdf5..7f095424 100644
--- a/pkgs/lib/host-import.nix
+++ b/lib/host-import.nix
@@ -1,12 +1,12 @@ { lib }: { hostName, profiles }: with lib; filter builtins.pathExists [
- (../../depot/hosts + "/${hostName}/nixos.nix")
- (../../depot/trusted/hosts + "/${hostName}/nixos.nix")
+ (../depot/hosts + "/${hostName}/nixos.nix")
+ (../depot/trusted/hosts + "/${hostName}/nixos.nix")
 ] ++ (if builtins.isAttrs profiles.base then profiles.base.imports else singleton profiles.base) ++ singleton { home-manager.users.kat = { imports = filter builtins.pathExists [
- (../../depot/hosts + "/${hostName}/home.nix")
- (../../depot/trusted/hosts + "/${hostName}/home.nix")
+ (../depot/hosts + "/${hostName}/home.nix")
+ (../depot/trusted/hosts + "/${hostName}/home.nix")
 ]; }; }
diff --git a/pkgs/lib/intersect-merge.nix b/lib/intersect-merge.nix
similarity index 100%
rename from pkgs/lib/intersect-merge.nix
rename to lib/intersect-merge.nix
diff --git a/pkgs/lib/module-list.nix b/lib/module-list.nix
similarity index 100%
rename from pkgs/lib/module-list.nix
rename to lib/module-list.nix
diff --git a/pkgs/lib/virtual-host-gen.nix b/lib/virtual-host-gen.nix
similarity index 100%
rename from pkgs/lib/virtual-host-gen.nix
rename to lib/virtual-host-gen.nix
diff --git a/pkgs/default.nix b/pkgs/default.nix
index c3aa26d7..ab29d90b 100644
--- a/pkgs/default.nix
+++ b/pkgs/default.nix
@@ -2,7 +2,7 @@ let liboverlay = self: super: {
- lib = super.lib.extend (self: super: import ./lib
+ lib = super.lib.extend (self: super: import ../lib
 { inherit super; lib = self;