From c10eca565ff6fdb27a72af6f2539a01c1b675a14 Mon Sep 17 00:00:00 2001 From: 4DBug <4DBug@github.com> Date: Tue, 3 Mar 2026 17:05:04 -0600 Subject: [PATCH] ports test --- .stfolder/syncthing-folder-a0745f.txt | 2 +- modules/core/desktop/dms.nix | 3 ++ modules/core/desktop/noctalia.nix | 3 ++ modules/hosts/box/box.nix | 14 ++--- modules/infra/cloudflared.nix | 48 +++++++++--------- modules/services/copyparty.nix | 10 ++-- modules/services/gitea/gitea.nix | 6 ++- modules/services/glances.nix | 6 ++- modules/services/invidious.nix | 9 ++-- modules/services/matrix.nix | 5 +- modules/services/portmap.nix | 1 - modules/services/ports.nix | 7 +++ modules/services/redlib.nix | 6 ++- modules/services/searxng/searxng.nix | 6 ++- modules/software/janitor/janitor.nix | 4 +- .../software/music/.syncthing.music.nix.tmp | Bin 0 -> 124 bytes portmap.nix | 10 ++++ 17 files changed, 85 insertions(+), 55 deletions(-) create mode 100644 modules/core/desktop/dms.nix create mode 100644 modules/core/desktop/noctalia.nix delete mode 100644 modules/services/portmap.nix create mode 100644 modules/services/ports.nix create mode 100644 modules/software/music/.syncthing.music.nix.tmp create mode 100644 portmap.nix diff --git a/.stfolder/syncthing-folder-a0745f.txt b/.stfolder/syncthing-folder-a0745f.txt index 2f6a7df..b3ae570 100644 --- a/.stfolder/syncthing-folder-a0745f.txt +++ b/.stfolder/syncthing-folder-a0745f.txt @@ -2,4 +2,4 @@ # Do not delete. folderID: nix -created: 2026-01-29T23:06:32-06:00 +created: 2026-01-29T23:05:44-06:00 diff --git a/modules/core/desktop/dms.nix b/modules/core/desktop/dms.nix new file mode 100644 index 0000000..0db3279 --- /dev/null +++ b/modules/core/desktop/dms.nix @@ -0,0 +1,3 @@ +{ + +} diff --git a/modules/core/desktop/noctalia.nix b/modules/core/desktop/noctalia.nix new file mode 100644 index 0000000..0db3279 --- /dev/null +++ b/modules/core/desktop/noctalia.nix @@ -0,0 +1,3 @@ +{ + +} diff --git a/modules/hosts/box/box.nix b/modules/hosts/box/box.nix index fa13443..a6761f5 100644 --- a/modules/hosts/box/box.nix +++ b/modules/hosts/box/box.nix @@ -1,4 +1,3 @@ - { den, ... }: { den.aspects.box = { includes = with den.aspects; [ @@ -8,13 +7,14 @@ dns openssh - # cloudflared + cloudflared syncthing catppuccin fish + portmap searxng copyparty glances @@ -25,19 +25,13 @@ # sish vscode-server gitea - - (tunnel 3001 "tvtun") - (tunnel 8888 "search") - (tunnel 3210 "files") - (tunnel 3030 "tube") - (tunnel 8975 "reddit") - (tunnel 3002 "git") - (tunnel 61208 "monitor") ]; nixos = { networking.hostName = "box"; + # den.tunnels = [ "tvtun" ]; + users.users.levi = { isNormalUser = true; description = "levi"; diff --git a/modules/infra/cloudflared.nix b/modules/infra/cloudflared.nix index f206965..20e2b4c 100644 --- a/modules/infra/cloudflared.nix +++ b/modules/infra/cloudflared.nix @@ -1,32 +1,34 @@ -{ den, ... }: let - tunnel_uuid = "4118935e-359b-4dd2-95bd-eb27f7b0c5bb"; +let + uuid = "4118935e-359b-4dd2-95bd-eb27f7b0c5bb"; domain = "bug.tools"; - creds = "/home/bug/.cloudflared/${tunnel_uuid}.json"; + creds = "/home/bug/.cloudflared/${uuid}.json"; +in { + den.aspects.cloudflared = { + nixos = { config, pkgs, lib, ... }: { + options.den.tunnels = lib.mkOption { + default = []; + description = "Cloudflared tunnel subdomains, matched directly against portmap keys."; + type = lib.types.listOf lib.types.str; + }; - tunnel = port: subdomain: { pkgs, ... }: { - environment = { - systemPackages = [ pkgs.cloudflared ]; + config = { + environment.systemPackages = [ pkgs.cloudflared ]; + environment.etc."cloudflared/${uuid}.json".source = creds; - etc."cloudflared/${tunnel_uuid}.json".source = creds; - }; + services.cloudflared = { + enable = true; - services.cloudflared = { - enable = true; + tunnels.${uuid} = { + credentialsFile = "/etc/cloudflared/${uuid}.json"; + default = "http_status:404"; - tunnels.${tunnel_uuid} = { - credentialsFile = "/etc/cloudflared/${tunnel_uuid}.json"; - default = "http_status:404"; - - ingress = { - "${subdomain}.${domain}" = "http://127.0.0.1:${toString port}"; + ingress = lib.listToAttrs (map (subdomain: { + name = "${subdomain}.${domain}"; + value = "http://127.0.0.1:${toString config.den.portmap.${subdomain}}"; + }) config.den.tunnels); + }; }; }; }; }; -in { - den.aspects.tunnel = port: subdomain: den.lib.parametric { - includes = [ - (_: { nixos = tunnel port subdomain; }) - ]; - }; -} +} \ No newline at end of file diff --git a/modules/services/copyparty.nix b/modules/services/copyparty.nix index 1a8a9cc..33c5715 100644 --- a/modules/services/copyparty.nix +++ b/modules/services/copyparty.nix @@ -1,10 +1,12 @@ { inputs, ... }: { den.aspects.copyparty = { - nixos = { + nixos = { config, ... }: { imports = [ inputs.copyparty.nixosModules.default ]; nixpkgs.overlays = [ inputs.copyparty.overlays.default ]; + den.tunnels = [ "files" ]; + services.copyparty = { enable = true; @@ -13,7 +15,7 @@ settings = { i = "0.0.0.0"; - p = [ 3210 3211 ]; + p = [ config.den.portmap.files (config.den.portmap.files + 1) ]; no-reload = true; ignored-flag = false; }; @@ -22,10 +24,6 @@ bug = { passwordFile = "/home/bug/mailserver/bug.passwd"; }; - - #sang = { - #passwordFile = "/home/bug/nix/sang.passwd"; - #}; }; groups = { diff --git a/modules/services/gitea/gitea.nix b/modules/services/gitea/gitea.nix index 4053ba5..355ffb0 100644 --- a/modules/services/gitea/gitea.nix +++ b/modules/services/gitea/gitea.nix @@ -2,7 +2,9 @@ den.aspects.gitea = { includes = [ den.aspects.gitea-mirrors ]; - nixos = { + nixos = { config, ... }: { + den.tunnels = [ "git" ]; + services.gitea = { enable = true; @@ -12,7 +14,7 @@ DISABLE_REGISTRATION = true; }; - settings.server.HTTP_PORT = 3002; + settings.server.HTTP_PORT = config.den.portmap.git; mirrors = { admin = { diff --git a/modules/services/glances.nix b/modules/services/glances.nix index 7c67e9b..ffb02b6 100644 --- a/modules/services/glances.nix +++ b/modules/services/glances.nix @@ -1,6 +1,8 @@ { den.aspects.glances = { - nixos = { pkgs, ... }: { + nixos = { pkgs, config, ... }: { + den.tunnels = [ "monitor" ]; + environment.systemPackages = [ pkgs.glances ]; users.users.glances = { @@ -24,7 +26,7 @@ ExecStart = '' ${pkgs.glances}/bin/glances \ -w \ - -p 61208 \ + -p ${toString config.den.portmap.monitor} \ -B 0.0.0.0 ''; diff --git a/modules/services/invidious.nix b/modules/services/invidious.nix index ab7a7a6..504cb1a 100644 --- a/modules/services/invidious.nix +++ b/modules/services/invidious.nix @@ -1,10 +1,13 @@ { den, lib, ... }: { den.aspects.invidious = { - nixos = { pkgs, ... }: let + nixos = { pkgs, config, ... }: let companionPort = 8282; companionPath = "/companion"; companionKey = "kKg3RKeZjE7frmvw"; + port = config.den.portmap.tube; in { + den.tunnels = [ "tube" ]; + virtualisation.podman.enable = true; virtualisation.oci-containers.backend = lib.mkDefault "podman"; @@ -29,7 +32,7 @@ package = pkgs.invidious; address = "127.0.0.1"; - port = 3030; + port = port; nginx.enable = false; sig-helper.enable = false; @@ -37,7 +40,7 @@ settings = { domain = "tube.bug.tools"; https_only = false; - external_port = 3030; + external_port = port; invidious_companion = [ { private_url = "http://127.0.0.1:${toString companionPort}${companionPath}"; } diff --git a/modules/services/matrix.nix b/modules/services/matrix.nix index 5eab5ff..06e0bf5 100644 --- a/modules/services/matrix.nix +++ b/modules/services/matrix.nix @@ -6,6 +6,7 @@ lib, ... }: let + port = config.den.portmap.matrix; domain = "bug.tools"; matrixDomain = "matrix.${domain}"; clientConfig = { @@ -29,7 +30,7 @@ listeners = [ { - port = 8008; + port = port; bind_addresses = ["127.0.0.1"]; type = "http"; tls = false; @@ -89,7 +90,7 @@ enableACME = true; forceSSL = true; locations."/" = { - proxyPass = "http://127.0.0.1:8008"; + proxyPass = "http://127.0.0.1:${toString port}"; extraConfig = '' proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; diff --git a/modules/services/portmap.nix b/modules/services/portmap.nix deleted file mode 100644 index 9e26dfe..0000000 --- a/modules/services/portmap.nix +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/modules/services/ports.nix b/modules/services/ports.nix new file mode 100644 index 0000000..66c4566 --- /dev/null +++ b/modules/services/ports.nix @@ -0,0 +1,7 @@ +{ lib, ... }: { + den.aspects.portmap.nixos.options.den.portmap = lib.mkOption { + type = lib.types.attrsOf lib.types.port; + readOnly = true; + default = import ../../../portmap.nix; + }; +} \ No newline at end of file diff --git a/modules/services/redlib.nix b/modules/services/redlib.nix index abe987a..fcc0fcf 100644 --- a/modules/services/redlib.nix +++ b/modules/services/redlib.nix @@ -1,11 +1,13 @@ { den.aspects.redlib = { - nixos = { + nixos = { config, ... }: { + den.tunnels = [ "reddit" ]; + services.redlib = { enable = true; address = "127.0.0.1"; - port = 8975; + port = config.den.portmap.reddit; openFirewall = false; settings = { diff --git a/modules/services/searxng/searxng.nix b/modules/services/searxng/searxng.nix index 68c3494..97f70e2 100644 --- a/modules/services/searxng/searxng.nix +++ b/modules/services/searxng/searxng.nix @@ -1,6 +1,8 @@ { den.aspects.searxng = { - nixos = { + nixos = { config, ... }: { + den.tunnels = [ "search" ]; + systemd.services.searx-init.serviceConfig.EnvironmentFile = [ "/home/bug/.searxng.env" ]; @@ -15,7 +17,7 @@ settings = { general.instance_name = "search.bug.tools"; - server.port = 8888; + server.port = config.den.portmap.search; server.bind_address = "0.0.0.0"; server.secret_key = "$SEARX_SECRET_KEY"; }; diff --git a/modules/software/janitor/janitor.nix b/modules/software/janitor/janitor.nix index 73bc3bf..6202e1d 100644 --- a/modules/software/janitor/janitor.nix +++ b/modules/software/janitor/janitor.nix @@ -1,6 +1,6 @@ { den, ... }: { den.aspects.janitor = { - includes = [ den.aspects.janitor-backend ]; + includes = with den.aspects; [ janitor-backend ]; nixos = { services.janitor = { @@ -34,8 +34,10 @@ "Games/GBC" = [ "gbc" ]; "Games/GB" = [ "gb" ]; "Games/PS1" = [ "cue" "bin" ]; + "Games/Xbox" = [ "xiso" ]; "Games/Genesis" = [ "gen" ]; "Games/Dreamcast" = [ "gdi" "cdi" ]; + "Games/Saturn" = [ "sat" ]; }; }; }; diff --git a/modules/software/music/.syncthing.music.nix.tmp b/modules/software/music/.syncthing.music.nix.tmp new file mode 100644 index 0000000000000000000000000000000000000000..65dcf04117f74ba1750dcecb1d58c83f50a9cfa6 GIT binary patch literal 124 KcmZP=KmY&$d;kFe literal 0 HcmV?d00001 diff --git a/portmap.nix b/portmap.nix new file mode 100644 index 0000000..d28215e --- /dev/null +++ b/portmap.nix @@ -0,0 +1,10 @@ +{ + tvtun = 3001; + search = 8888; + files = 3210; + tube = 3030; + reddit = 8975; + git = 3002; + monitor = 61208; + matrix = 8008; +} \ No newline at end of file