diff --git a/README.md b/README.md
index 2ade3085..a6236a86 100644
--- a/README.md
+++ b/README.md
@@ -9,6 +9,8 @@ These are the NixOS configurations for my systems. I run nothing other than NixO
* [Nodes](#nodes)
* [Profiles](#profiles)
* [User Profiles](#user-profiles)
+* [Services](#services)
+* [Modules](#modules)
* [CI](#ci)
* [Dependencies](#dependencies)
* [Commands](#commands)
@@ -45,6 +47,57 @@ These are the NixOS configurations for my systems. I run nothing other than NixO
| [services](config/users/kat/services) | User services. weechat and mpd are provided. |
| [sway](config/users/kat/sway) | sway, i3gopher, swayidle, swaylock-effects, screenshot tool, [kittywitch/konawall-rs](https://github.com/kittywitch/konawall-rs), mako, wofi, waybar and xkb (custom layout o:) configuration. |
+## Services
+
+| Service | Description |
+| --- | --- |
+| [filehost](config/services/filehost/default.nix) | I sling things in here via SSH/SCP. |
+| [fusionpbx](config/services/fusionpbx/default.nix) | FusionPBX. Fancy PBX. |
+| [gitea](config/services/gitea/default.nix) | Self-hosted git with mail support. |
+| [jellyfin](config/services/jellyfin/default.nix) | HTPC/NAS stuff. |
+| [katsplash](config/services/katsplash/default.nix) | A splash screen for some hosts. |
+| [kattv-ingest](config/services/kattv-ingest/default.nix) | Takes data from kattv, slings to RTMP. |
+| [kattv](config/services/kattv/default.nix) | Takes data from a webcam, slings to kattv-ingest. |
+| [logrotate](config/services/logrotate/default.nix) | Rotates logs! |
+| [mail](config/services/mail/default.nix) | [nixos-mailserver](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver). |
+| [matrix](config/services/matrix/default.nix) | Synapse and some appservices. Need to migrate the appservice configs in. |
+| [murmur](config/services/murmur/default.nix) | Mumble! |
+| [nfs](config/services/nfs/default.nix) | Network filesy stuff. |
+| [nginx](config/services/nginx/default.nix) | Our NGINX preset configs. |
+| [postgres](config/services/postgres/default.nix) | Database of choice. |
+| [radicale](config/services/radicale/default.nix) | CalDAV, integrated with the mail service. |
+| [restic](config/services/restic/default.nix) | Backups! |
+| [syncplay](config/services/syncplay/default.nix) | Watching videos with friends and lovers. Usually, lovers. |
+| [taskserver](config/services/taskserver/default.nix) | Taskwarrior server. |
+| [transmission](config/services/transmission/default.nix) | Linux distros, I swear. |
+| [tvheadend](config/services/tvheadend/default.nix) | DVB-T ingest for Jellyfin and so on! |
+| [vaultwarden](config/services/vaultwarden/default.nix) | Passwords! |
+| [website](config/services/website/default.nix) | Our personal website. |
+| [xmpp](config/services/xmpp/default.nix) | Prosody. |
+| [zfs](config/services/zfs/default.nix) | ZFS snapshot settings. |
+| [znc](config/services/znc/default.nix) | IRC bouncer! |
+
+## Modules
+
+This list will include the modules provided by [kittywitch/nixexprs](https://github.com/kittywitch/nixexprs) as "katexprs".
+
+| Module | Domain | Description |
+| --- | --- | --- |
+| [arcnmx/nixexprs](https://github.com/arcnmx/nixexprs) | NixOS + home-manager | We use... a lot of these. Syncplay, modprobe, base16, i3gopher, weechat, konawall, shell and probably more. |
+| [arcnmx/tf-nix](https://github.com/arcnmx/tf-nix) | Meta + NixOS + home-manager | Deployment, secrets and terraform. |
+| [nix-community/impermanence](https://github.com/nix-community/impermanence) | NixOS + home-manager | Erase your darlings. |
+| katexprs/nftables | NixOS | Uses nftables for the NixOS firewall module. |
+| katexprs/firewall | NixOS + home-manager | Per-"domain" (private, public) -> interface abstractions for the firewall. Easier to remember. |
+| katexprs/network (WIP) | NixOS + home-manager | Network abstractions. Handles DNS + certs, among virtualHosts. |
+| katexprs/fusionpbx (WIP) | NixOS | FusionPBX. |
+| nixfiles/secrets | Meta + NixOS + home-manager | Helper for tf-nix's secrets. |
+| nixfiles/deploy | Meta + NixOS + home-manager | tf-nix deployment integration |
+| nixfiles/network | Meta | Enables node to host config assignment & NixOS module. |
+| nixfiles/dyndns | NixOS | Dynamic DNS using [glauca.digital](https://glauca.digital). |
+| nixfiles/monitoring | NixOS | Grafana, Prometheus, Loki, node-exporter, netdata, promtail, ... |
+| nixfiles/theme | home-manager | Abstractions for themes. SASS templating. |
+| hexchen/yggdrasil | NixOS | Yggdrasil ease of use module. |
+
## CI
CI for this repository uses [arcnmx/ci](https://github.com/arcnmx/ci) and aims to achieve two goals:
diff --git a/config/hosts/athame/nixos.nix b/config/hosts/athame/nixos.nix
index 020fdf7e..2d84b281 100644
--- a/config/hosts/athame/nixos.nix
+++ b/config/hosts/athame/nixos.nix
@@ -33,6 +33,15 @@ with lib;
server.enable = true;
};
+ services.prometheus = {
+ scrapeConfigs = [
+ {
+ job_name = "boline";
+ static_configs = [{ targets = [ "boline.${config.network.addresses.yggdrasil.prefix}.${config.network.dns.domain}:8002" ]; }];
+ }
+ ];
+ };
+
# Terraform
deploy.tf = {
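Review bot: Nothing in this commit shows port `8002` being opened on boline for the new `boline` scrape job. The `mkIf cfg.client.enable` block in config/modules/nixos/monitoring.nix opens only `19999` and `9002` on the private firewall domain, so the job presumably relies on a rule in boline's own config that the diff does not show. A comment naming the exporter and where its port is opened would make that dependency visible, e.g. `# boline: <exporter name> on 8002, port opened in <boline config path>`. The target string also rebuilds what `kw.monitoring.server.domainPrefix` holds after this commit, so, assuming that module is imported on this host, `"boline${config.kw.monitoring.server.domainPrefix}:8002"` would keep the yggdrasil naming in one place. The enclosing attribute set starts before the hunk and continues after it.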
diff --git a/config/modules/home/default.nix b/config/modules/home/default.nix
index 77c21975..88269feb 100644
--- a/config/modules/home/default.nix
+++ b/config/modules/home/default.nix
@@ -6,8 +6,6 @@
(import (sources.arcexprs + "/modules")).home-manager
(import (sources.katexprs + "/modules")).home
(import (sources.impermanence + "/home-manager.nix"))
- ./vim.nix
- ./fvwm.nix
./deploy.nix
./theme.nix
./secrets.nix
diff --git a/config/modules/home/fvwm.nix b/config/modules/home/fvwm.nix
deleted file mode 100644
index 4c60ecef..00000000
--- a/config/modules/home/fvwm.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ config, lib, ... }:
-
-with lib;
-
-{
- options.programs.fvwm = {
- enable = mkEnableOption "Enable FVWM";
- };
-}
diff --git a/config/modules/home/vim.nix b/config/modules/home/vim.nix
deleted file mode 100644
index 2bf91da5..00000000
--- a/config/modules/home/vim.nix
+++ /dev/null
@@ -1,201 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-/*
- This module:
- * is from an unmerged PR from home-manager.
-
- See: https://github.com/nix-community/home-manager/pull/1745
-*/
-
-with lib;
-
-let
-
- cfg = config.programs.vim;
- defaultPlugins = [ pkgs.vimPlugins.vim-sensible ];
-
- knownSettings = {
- background = types.enum [ "dark" "light" ];
- backupdir = types.listOf types.str;
- copyindent = types.bool;
- directory = types.listOf types.str;
- expandtab = types.bool;
- hidden = types.bool;
- history = types.int;
- ignorecase = types.bool;
- modeline = types.bool;
- mouse = types.enum [ "n" "v" "i" "c" "h" "a" "r" ];
- mousefocus = types.bool;
- mousehide = types.bool;
- mousemodel = types.enum [ "extend" "popup" "popup_setpos" ];
- number = types.bool;
- relativenumber = types.bool;
- shiftwidth = types.int;
- smartcase = types.bool;
- tabstop = types.int;
- undodir = types.listOf types.str;
- undofile = types.bool;
- };
-
- vimSettingsType = types.submodule {
- options =
- let
- opt = name: type:
- mkOption {
- type = types.nullOr type;
- default = null;
- visible = false;
- };
- in
- mapAttrs opt knownSettings;
- };
-
- setExpr = name: value:
- let
- v =
- if isBool value then
- (if value then "" else "no") + name
- else
- "${name}=${
- if isList value then concatStringsSep "," value else toString value
- }";
- in
- optionalString (value != null) ("set " + v);
-
- plugins =
- let
- vpkgs = pkgs.vimPlugins;
- getPkg = p:
- if isDerivation p then
- [ p ]
- else
- optional (isString p && hasAttr p vpkgs) vpkgs.${p};
- in
- concatMap getPkg cfg.plugins;
-
-in
-{
- options = {
- programs.vim = {
- enable = mkEnableOption "Vim";
-
- package = mkOption {
- type = types.package;
- default = pkgs.vim_configurable;
- defaultText = literalExample "pkgs.vim_configurable";
- description = "The package to use for the vim binary.";
- };
-
- finalPackage = mkOption {
- type = types.package;
- visible = false;
- readOnly = true;
- description = "Resulting customized vim package.";
- };
-
- plugins = mkOption {
- type = with types; listOf (either str package);
- default = defaultPlugins;
- example = literalExample "[ pkgs.vimPlugins.YankRing ]";
- description = ''
- List of vim plugins to install. To get a list of supported plugins run:
- nix-env -f '<nixpkgs>' -qaP -A vimPlugins.
-
-
-
- Note: String values are deprecated, please use actual packages.
- '';
- };
-
- settings = mkOption {
- type = vimSettingsType;
- default = { };
- example = literalExample ''
- {
- expandtab = true;
- history = 1000;
- background = "dark";
- }
- '';
- description = ''
- At attribute set of Vim settings. The attribute names and
- corresponding values must be among the following supported
- options.
-
-
- ${concatStringsSep "\n" (mapAttrsToList (n: v: ''
-
- ${n}
- ${v.description}
-
- '') knownSettings)}
-
-
- See the Vim documentation for detailed descriptions of these
- options. Note, use extraConfig to
- manually set any options not listed above.
- '';
- };
-
- extraConfig = mkOption {
- type = types.lines;
- default = "";
- example = ''
- set nocompatible
- set nobackup
- '';
- description = "Custom .vimrc lines";
- };
-
- };
- };
-
- config = (
- let
- customRC = ''
- ${concatStringsSep "\n" (filter (v: v != "") (mapAttrsToList setExpr
- (builtins.intersectAttrs knownSettings cfg.settings)))}
-
- ${cfg.extraConfig}
- '';
-
- vim = cfg.package.customize {
- name = "vim";
- vimrcConfig = {
- inherit customRC;
-
- packages.home-manager.start = plugins;
- };
- };
- in
- mkIf cfg.enable {
- assertions =
- let
- packagesNotFound =
- filter (p: isString p && (!hasAttr p pkgs.vimPlugins)) cfg.plugins;
- in
- [{
- assertion = packagesNotFound == [ ];
- message = "Following VIM plugin not found in pkgs.vimPlugins: ${
- concatMapStringsSep ", " (p: ''"${p}"'') packagesNotFound
- }";
- }];
-
- warnings =
- let stringPlugins = filter isString cfg.plugins;
- in
- optional (stringPlugins != [ ]) ''
- Specifying VIM plugins using strings is deprecated, found ${
- concatMapStringsSep ", " (p: ''"${p}"'') stringPlugins
- } as strings.
- '';
-
- home.packages = [ cfg.finalPackage ];
-
- programs.vim = {
- finalPackage = vim;
- plugins = defaultPlugins;
- };
- }
- );
-}
diff --git a/config/modules/nixos/monitoring.nix b/config/modules/nixos/monitoring.nix
index 9b888cec..a540ae1f 100644
--- a/config/modules/nixos/monitoring.nix
+++ b/config/modules/nixos/monitoring.nix
@@ -27,7 +27,7 @@ in
};
config = mkMerge [
({
- kw.monitoring.server.domainPrefix = ".${config.network.addresses.yggdrasil.prefix}.${config.network.dns.domain}:19999";
+ kw.monitoring.server.domainPrefix = ".${config.network.addresses.yggdrasil.prefix}.${config.network.dns.domain}";
})
(mkIf cfg.server.loki {
network.firewall.private.tcp.ports = [ 3100 ];
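Review bot: `kw.monitoring.server.domainPrefix` is named as a prefix but holds a suffix with a leading dot, and after this change it no longer carries a port; that mismatch looks like the source of the `${hostName}.${...}` and doubled `:19999` strings corrected further down. A comment on the assignment would pin the contract, e.g. `# leading dot, no port: appended directly to a hostName, callers add ":<port>"`. If the option can be overridden elsewhere (its declaration is outside the hunk), a value without the leading dot would silently produce scrape targets that do not resolve, so the option description should state the expected form as well.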
@@ -89,7 +89,7 @@ in
};
})
(mkIf cfg.server.enable {
- network.firewall.private.tcp.ports = [ 9002 ];
+ network.firewall.private.tcp.ports = [ 9090 ];
kw.secrets = [
"grafana-admin-pass"
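Review bot: The port in `network.firewall.private.tcp.ports = [ 9090 ];` is a literal, so the firewall rule and the Prometheus listener drift apart if `services.prometheus.port` is ever set; `network.firewall.private.tcp.ports = [ config.services.prometheus.port ];` keeps them tied. The same applies to the literal `9002` added in the `mkIf cfg.client.enable` hunk, where the scrape targets already use `toString prom.port`. Prometheus serves its query API without authentication by default, so this rule makes every collected metric readable from whatever the private domain covers. If Grafana runs on the same host (the `grafana-admin-pass` secret suggests so, though the hunk does not show it), the port may not need to be opened at all. The `mkIf cfg.server.enable` block continues outside the hunk.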
@@ -145,20 +145,20 @@ in
metrics_path = "/api/v1/allmetrics";
honor_labels = true;
params = { format = [ "prometheus" ]; };
- static_configs = singleton { targets = singleton "${hostName}.${cfg.server.domainPrefix}:19999"; };
+ static_configs = singleton { targets = singleton "${hostName}${cfg.server.domainPrefix}:19999"; };
})
nd_configs ++ mapAttrsToList
(hostName: prom: {
job_name = hostName;
static_configs = singleton {
- targets = [ "${hostName}.${cfg.server.domainPrefix}:${toString prom.port}" ];
+ targets = [ "${hostName}${cfg.server.domainPrefix}:${toString prom.port}" ];
};
})
prom_configs;
};
})
(mkIf cfg.client.enable {
- network.firewall.private.tcp.ports = [ 19999 ];
+ network.firewall.private.tcp.ports = [ 19999 9002 ];
services.netdata.enable = true;
diff --git a/config/services/loki/default.nix b/config/services/loki/default.nix
deleted file mode 100644
index 1bcb6f51..00000000
--- a/config/services/loki/default.nix
+++ /dev/null
@@ -1,62 +0,0 @@
-{ config, pkgs, ... }:
-
-{
- #network.firewall.private.tcp.ports = [ 3100 ];
- services.loki = {
- enable = false;
- configuration = {
- auth_enabled = false;
- chunk_store_config = { max_look_back_period = "0s"; };
- ingester = {
- chunk_idle_period = "1h";
- chunk_retain_period = "30s";
- chunk_target_size = 1048576;
- lifecycler = {
- address = "0.0.0.0";
- final_sleep = "0s";
- ring = {
- kvstore = { store = "inmemory"; };
- replication_factor = 1;
- };
- };
- max_chunk_age = "1h";
- max_transfer_retries = 0;
- };
- limits_config = {
- reject_old_samples = true;
- reject_old_samples_max_age = "168h";
- };
- schema_config = {
- configs = [{
- from = "2020-10-24";
- index = {
- period = "24h";
- prefix = "index_";
- };
- object_store = "filesystem";
- schema = "v11";
- store = "boltdb-shipper";
- }];
- };
- compactor = {
- working_directory = "/tmp/loki-compactor-boltdb";
- shared_store = "filesystem";
- };
- server = { http_listen_port = 3100; };
- storage_config = {
- boltdb_shipper = {
- active_index_directory = "/var/lib/loki/boltdb-shipper-active";
- cache_location = "/var/lib/loki/boltdb-shipper-cache";
- cache_ttl = "24h";
- shared_store = "filesystem";
- };
- filesystem = { directory = "/var/lib/loki/chunks"; };
- };
- table_manager = {
- retention_deletes_enabled = false;
- retention_period = "0s";
- };
- };
- };
-
-}