push

2026-02-24 11:17:37 -06:00
parent ca84fd5165
commit 6b5e71dd6c
6 changed files with 51 additions and 111 deletions
--- a/modules/hosts/box/box.nix
+++ b/modules/hosts/box/box.nix
@@ -21,14 +21,13 @@
      openssh
      gitea
-
+      (tunnel 3001 "tvtun")
-      (den.provides.cloudflared-tunnel "tvtun"   3001)
+      (tunnel 8888 "search")
-      (den.provides.cloudflared-tunnel "search"  8888)
+      (tunnel 3210 "files")
-      (den.provides.cloudflared-tunnel "files"   3210)
+      (tunnel 3030 "tube")
-      (den.provides.cloudflared-tunnel "tube"    3030)
+      (tunnel 8975 "reddit")
-      (den.provides.cloudflared-tunnel "monitor" 61208)
+      (tunnel 3002 "git")
-      (den.provides.cloudflared-tunnel "reddit"  8975)
+      (tunnel 61208 "monitor")
      (den.provides.cloudflared-tunnel "git"     3000)
    ];
    nixos = {
--- a/modules/hosts/laptop/laptop.nix
+++ b/modules/hosts/laptop/laptop.nix
@@ -1,28 +1,28 @@
 { den, ... }: {
  den.aspects.laptop = {
-    includes = [
+    includes = with den.aspects; [
      den.default
-      <amdgpu>
+      den.aspects.amdgpu
-      <cosmic>
+      cosmic
-      <firefox>
+      firefox
-      <audio>
+      audio
      den.provides.home-manager
-      <stylix>
+      stylix
-      <syncthing>
+      syncthing
-      <swap>
+      swap
-      <cloudflare-warp>
+      cloudflare-warp
-      <packages>
+      packages
-      <development>
+      development
-      <cad>
+      cad
-      <mpd>
+      mpd
-      <virtualisation>
+      virtualisation
-      <flatpak>
+      flatpak
-      <fish>
+      fish
-      <dns>
+      dns
-      <openssh>
+      openssh
-      <beets>
+      beets
    ];
    nixos = {
@@ -32,6 +32,8 @@
        HandleLidSwitch = "ignore";
        HandleLidSwitchDocked = "ignore";
      };
      users.users.bug.extraGroups = [ "networkmanager" "wheel" "audio" "video" "libvirtd" "ydotool" "dialout" ];
    };
  };
 }
--- a/modules/infra/cloudflare-tunnel.nix
+++ b/modules/infra/cloudflare-tunnel.nix
@@ -1,55 +0,0 @@
 # cloudflared/battery.nix
 { den, ... }:
 let
  description = ''
    Configures a Cloudflare tunnel ingress rule for a given subdomain and port.
    Assumes the tunnel UUID and credentials are fixed for this machine.
    Usage:
      den.aspects.bug.includes = [
        (den.provides.cloudflared-tunnel "search" 8888)
        (den.provides.cloudflared-tunnel "tube"   3030)
        (den.provides.cloudflared-tunnel "git"    3000)
      ];
    Each call adds one ingress entry: <subdomain>.bug.tools -> http://127.0.0.1:<port>
    The base tunnel setup (enable, credentials, default) is included every time
    and merges safely via the NixOS module system.
  '';
  TUNNEL_UUID = "4118935e-359b-4dd2-95bd-eb27f7b0c5bb";
  DOMAIN      = "bug.tools";
  CREDS_PATH  = "/home/bug/.cloudflared/${TUNNEL_UUID}.json";
  tunnelNixos = subdomain: port: { pkgs, ... }: {
    environment.systemPackages = [ pkgs.cloudflared ];
    environment.etc."cloudflared/${TUNNEL_UUID}.json".source = CREDS_PATH;
    services.cloudflared = {
      enable = true;
      tunnels.${TUNNEL_UUID} = {
        credentialsFile = "/etc/cloudflared/${TUNNEL_UUID}.json";
        default = "http_status:404";
        ingress = {
          "${subdomain}.${DOMAIN}" = "http://127.0.0.1:${toString port}";
        };
      };
    };
  };
 in
 {
  den.provides.cloudflared-tunnel =
    subdomain: port:
    den.lib.parametric {
      inherit description;
      includes = [
        (_: { nixos = tunnelNixos subdomain port; })
      ];
    };
 }
--- a/modules/infra/cloudflared.nix
+++ b/modules/infra/cloudflared.nix
@@ -1,36 +1,30 @@
-/*
+{ den, ... }: let
-{
+  tunnel_uuid = "4118935e-359b-4dd2-95bd-eb27f7b0c5bb";
-  den.aspects.cloudflared = {
+  domain = "bug.tools";
-    nixos = { pkgs, ...}: let
+  creds  = "/home/bug/.cloudflared/${tunnel_uuid}.json";
-      TUNNEL_UUID = "4118935e-359b-4dd2-95bd-eb27f7b0c5bb";
+
-    in {
+  tunnel = port: subdomain: { pkgs, ... }: {
    environment.systemPackages = [ pkgs.cloudflared ];
-      environment.etc."cloudflared/${TUNNEL_UUID}.json".source = "/home/bug/.cloudflared/${TUNNEL_UUID}.json";
+    environment.etc."cloudflared/${tunnel_uuid}.json".source = creds;
    services.cloudflared = {
      enable = true;
-        tunnels."${TUNNEL_UUID}" = {
+      tunnels.${tunnel_uuid} = {
-          credentialsFile = "/etc/cloudflared/${TUNNEL_UUID}.json";
+        credentialsFile = "/etc/cloudflared/${tunnel_uuid}.json";
        default = "http_status:404";
        ingress = {
-            "tvtun.bug.tools" = "http://127.0.0.1:3001";
+          "${subdomain}.${domain}" = "http://127.0.0.1:${toString port}";
            "search.bug.tools" = "http://127.0.0.1:8888";
            "files.bug.tools" = "http://127.0.0.1:3210";
            "tube.bug.tools" = "http://127.0.0.1:3030";
            "monitor.bug.tools" = "http://127.0.0.1:61208";
            "reddit.bug.tools" = "http://127.0.0.1:8975";
            #"matrix.bug.tools" = "http://127.0.0.1:8008";
            #"bug.tools" = "http://127.0.0.1:8080";
            "git.bug.tools" = "http://127.0.0.1:3000";
        };
      };
    };
  };
 in {
  den.aspects.tunnel = port: subdomain: den.lib.parametric {
    includes = [
      (_: { nixos = tunnel port subdomain; })
    ];
  };
 }
 */
 {}
--- a/modules/services/glances.nix
+++ b/modules/services/glances.nix
@@ -1,4 +1,4 @@
-{
+{ den, ...}: {
  den.aspects.glances = {
    nixos = { pkgs, ... }: {
      environment.systemPackages = [ pkgs.glances ];
--- a/modules/services/mailserver.nix
+++ b/modules/services/mailserver.nix
@@ -2,7 +2,7 @@
  den.aspects.mailserver = {
    nixos = {
      imports = [
-        (builtins.fetchTarball {
+        (fetchTarball {
          url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/master.tar.gz";
          sha256 = "0rm5f749xakmkqrpkl5ay1pydbnlinr50pvwg1vm795js2infmj5";
        })