refactor(mosquitto): move to utsuho

2026-02-09 12:29:19 -08:00 · 2024-03-25 11:15:56 -07:00 · 2024-03-25 11:15:56 -07:00 · d6b8883c24
commit d6b8883c24
parent 5658105812
15 changed files with 218 additions and 95 deletions
--- a/modules/nixos/home-assistant.nix
+++ b/modules/nixos/home-assistant.nix
@ -76,7 +76,10 @@ in {
    in
      mkIf cfg.enable {
        interfaces.local = {
-          allowedTCPPorts = mkIf (!cfg.homekit.openFirewall) homekitTcp;
+          allowedTCPPorts = mkMerge [
+            (mkIf (!cfg.homekit.openFirewall) homekitTcp)
+            (mkIf (!cfg.openFirewall) [ cfg.config.http.server_port ])
+          ];
          allowedUDPPortRanges = mkIf (!cfg.cast.openFirewall) castUdpRanges;
        };
        allowedTCPPorts = mkIf cfg.homekit.openFirewall homekitTcp;
--- a/modules/nixos/shared.nix
+++ b/modules/nixos/shared.nix
@ -0,0 +1,98 @@
+{ config, lib, utils, ... }: let
+  inherit (lib.options) mkOption;
+  inherit (lib.modules) mkIf mkMerge mkOptionDefault;
+  inherit (lib.attrsets) mapAttrsToList;
+  inherit (lib.lists) head;
+  inherit (lib.strings) splitString;
+  inherit (utils) escapeSystemdPath;
+  mountModule = { config, name, ... }: {
+    options = with lib.types; {
+      source = mkOption {
+        type = path;
+        default = "${config.rootDir}/${config.subpath}";
+      };
+      path = mkOption {
+        type = path;
+      };
+      subpath = mkOption {
+        type = str;
+        default = name;
+      };
+      root = mkOption {
+        type = path;
+        default = "${config.rootDir}/${head (splitString "/" config.subpath)}";
+      };
+      mountUnit = mkOption {
+        type = nullOr str;
+        default = "${escapeSystemdPath config.root}.mount";
+      };
+      rootDir = mkOption {
+        type = path;
+        internal = true;
+      };
+    };
+  };
+  mkMountType' = { rootDir, specialArgs, modules ? [ ] }: let
+    rootDirModule = { ... }: {
+      config.rootDir = mkOptionDefault rootDir;
+    };
+  in lib.types.submoduleWith {
+    modules = [ mountModule rootDirModule ] ++ modules;
+    inherit specialArgs;
+  };
+  mkMountType = args: with lib.types; coercedTo path (path: { path = mkOptionDefault path; }) (mkMountType' args);
+  serviceModule = { config, nixosConfig, ... }: let
+    cfg = config.gensokyo-zone;
+    mapSharedMounts = f: mapAttrsToList (_: target:
+      f target
+    ) cfg.sharedMounts;
+    mapCacheMounts = f: mapAttrsToList (_: target:
+      f target
+    ) cfg.cacheMounts;
+    mkRequire = mount: mount.mountUnit;
+    mkBindPath = mount: "${mount.source}:${mount.path}";
+    specialArgs = {
+      service = config;
+      inherit nixosConfig;
+    };
+    mountUnits = mkMerge [
+      (mkIf (cfg.sharedMounts != { }) (mapSharedMounts mkRequire))
+      (mkIf (cfg.cacheMounts != { }) (mapCacheMounts mkRequire))
+    ];
+  in {
+    options.gensokyo-zone = with lib.types; {
+      sharedMounts = mkOption {
+        type = attrsOf (mkMountType { rootDir = "/mnt/shared"; inherit specialArgs; });
+        default = { };
+      };
+      cacheMounts = mkOption {
+        type = attrsOf (mkMountType { rootDir = "/mnt/caches"; inherit specialArgs; });
+        default = { };
+      };
+    };
+    config = {
+      requires = mountUnits;
+      after = mountUnits;
+      serviceConfig = mkMerge [
+        (mkIf (cfg.sharedMounts != { }) {
+          BindPaths = mapSharedMounts mkBindPath;
+        })
+        (mkIf (cfg.cacheMounts != { }) {
+          BindPaths = mapCacheMounts mkBindPath;
+        })
+      ];
+    };
+  };
+in {
+  options = with lib.types; {
+    systemd.services = mkOption {
+      type = attrsOf (submoduleWith {
+        modules = [ serviceModule ];
+        shorthandOnlyDefinesConfig = true;
+        specialArgs = {
+          nixosConfig = config;
+        };
+      });
+    };
+  };
+}