bug/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ports test

Browse Source
This commit is contained in:
4DBug
2026-03-03 17:05:04 -06:00
parent 4974969c6f
commit c10eca565f
17 changed files with 85 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.stfolder/syncthing-folder-a0745f.txt
View File

@@ -2,4 +2,4 @@
# Do not delete. # Do not delete.
folderID: nix folderID: nix
created: 2026-01-29T23:06:32-06:00 created: 2026-01-29T23:05:44-06:00

3
modules/core/desktop/dms.nix Normal file
View File

@@ -0,0 +1,3 @@
{
}

3
modules/core/desktop/noctalia.nix Normal file
View File

@@ -0,0 +1,3 @@
{
}

14
modules/hosts/box/box.nix
View File

@@ -1,4 +1,3 @@
{ den, ... }: { { den, ... }: {
den.aspects.box = { den.aspects.box = {
includes = with den.aspects; [ includes = with den.aspects; [
@@ -8,13 +7,14 @@
dns dns
openssh openssh
# cloudflared cloudflared
syncthing syncthing
catppuccin catppuccin
fish fish
portmap
searxng searxng
copyparty copyparty
glances glances
@@ -25,19 +25,13 @@
# sish # sish
vscode-server vscode-server
gitea gitea
(tunnel 3001 "tvtun")
(tunnel 8888 "search")
(tunnel 3210 "files")
(tunnel 3030 "tube")
(tunnel 8975 "reddit")
(tunnel 3002 "git")
(tunnel 61208 "monitor")
]; ];
nixos = { nixos = {
networking.hostName = "box"; networking.hostName = "box";
# den.tunnels = [ "tvtun" ];
users.users.levi = { users.users.levi = {
isNormalUser = true; isNormalUser = true;
description = "levi"; description = "levi";

46
modules/infra/cloudflared.nix
View File

@@ -1,32 +1,34 @@
{ den, ... }: let let
tunnel_uuid = "4118935e-359b-4dd2-95bd-eb27f7b0c5bb"; uuid = "4118935e-359b-4dd2-95bd-eb27f7b0c5bb";
domain = "bug.tools"; domain = "bug.tools";
creds = "/home/bug/.cloudflared/${tunnel_uuid}.json"; creds = "/home/bug/.cloudflared/${uuid}.json";
in {
den.aspects.cloudflared = {
nixos = { config, pkgs, lib, ... }: {
options.den.tunnels = lib.mkOption {
default = [];
description = "Cloudflared tunnel subdomains, matched directly against portmap keys.";
type = lib.types.listOf lib.types.str;
};
tunnel = port: subdomain: { pkgs, ... }: { config = {
environment = { environment.systemPackages = [ pkgs.cloudflared ];
systemPackages = [ pkgs.cloudflared ]; environment.etc."cloudflared/${uuid}.json".source = creds;
etc."cloudflared/${tunnel_uuid}.json".source = creds; services.cloudflared = {
}; enable = true;
services.cloudflared = { tunnels.${uuid} = {
enable = true; credentialsFile = "/etc/cloudflared/${uuid}.json";
default = "http_status:404";
tunnels.${tunnel_uuid} = { ingress = lib.listToAttrs (map (subdomain: {
credentialsFile = "/etc/cloudflared/${tunnel_uuid}.json"; name = "${subdomain}.${domain}";
default = "http_status:404"; value = "http://127.0.0.1:${toString config.den.portmap.${subdomain}}";
}) config.den.tunnels);
ingress = { };
"${subdomain}.${domain}" = "http://127.0.0.1:${toString port}";
}; };
}; };
}; };
}; };
in {
den.aspects.tunnel = port: subdomain: den.lib.parametric {
includes = [
(_: { nixos = tunnel port subdomain; })
];
};
} }

10
modules/services/copyparty.nix
View File

@@ -1,10 +1,12 @@
{ inputs, ... }: { { inputs, ... }: {
den.aspects.copyparty = { den.aspects.copyparty = {
nixos = { nixos = { config, ... }: {
imports = [ inputs.copyparty.nixosModules.default ]; imports = [ inputs.copyparty.nixosModules.default ];
nixpkgs.overlays = [ inputs.copyparty.overlays.default ]; nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
den.tunnels = [ "files" ];
services.copyparty = { services.copyparty = {
enable = true; enable = true;
@@ -13,7 +15,7 @@
settings = { settings = {
i = "0.0.0.0"; i = "0.0.0.0";
p = [ 3210 3211 ]; p = [ config.den.portmap.files (config.den.portmap.files + 1) ];
no-reload = true; no-reload = true;
ignored-flag = false; ignored-flag = false;
}; };
@@ -22,10 +24,6 @@
bug = { bug = {
passwordFile = "/home/bug/mailserver/bug.passwd"; passwordFile = "/home/bug/mailserver/bug.passwd";
}; };
#sang = {
#passwordFile = "/home/bug/nix/sang.passwd";
#};
}; };
groups = { groups = {

6
modules/services/gitea/gitea.nix
View File

@@ -2,7 +2,9 @@
den.aspects.gitea = { den.aspects.gitea = {
includes = [ den.aspects.gitea-mirrors ]; includes = [ den.aspects.gitea-mirrors ];
nixos = { nixos = { config, ... }: {
den.tunnels = [ "git" ];
services.gitea = { services.gitea = {
enable = true; enable = true;
@@ -12,7 +14,7 @@
DISABLE_REGISTRATION = true; DISABLE_REGISTRATION = true;
}; };
settings.server.HTTP_PORT = 3002; settings.server.HTTP_PORT = config.den.portmap.git;
mirrors = { mirrors = {
admin = { admin = {

6
modules/services/glances.nix
View File

@@ -1,6 +1,8 @@
{ {
den.aspects.glances = { den.aspects.glances = {
nixos = { pkgs, ... }: { nixos = { pkgs, config, ... }: {
den.tunnels = [ "monitor" ];
environment.systemPackages = [ pkgs.glances ]; environment.systemPackages = [ pkgs.glances ];
users.users.glances = { users.users.glances = {
@@ -24,7 +26,7 @@
ExecStart = '' ExecStart = ''
${pkgs.glances}/bin/glances \ ${pkgs.glances}/bin/glances \
-w \ -w \
-p 61208 \ -p ${toString config.den.portmap.monitor} \
-B 0.0.0.0 -B 0.0.0.0
''; '';

9
modules/services/invidious.nix
View File

@@ -1,10 +1,13 @@
{ den, lib, ... }: { { den, lib, ... }: {
den.aspects.invidious = { den.aspects.invidious = {
nixos = { pkgs, ... }: let nixos = { pkgs, config, ... }: let
companionPort = 8282; companionPort = 8282;
companionPath = "/companion"; companionPath = "/companion";
companionKey = "kKg3RKeZjE7frmvw"; companionKey = "kKg3RKeZjE7frmvw";
port = config.den.portmap.tube;
in { in {
den.tunnels = [ "tube" ];
virtualisation.podman.enable = true; virtualisation.podman.enable = true;
virtualisation.oci-containers.backend = lib.mkDefault "podman"; virtualisation.oci-containers.backend = lib.mkDefault "podman";
@@ -29,7 +32,7 @@
package = pkgs.invidious; package = pkgs.invidious;
address = "127.0.0.1"; address = "127.0.0.1";
port = 3030; port = port;
nginx.enable = false; nginx.enable = false;
sig-helper.enable = false; sig-helper.enable = false;
@@ -37,7 +40,7 @@
settings = { settings = {
domain = "tube.bug.tools"; domain = "tube.bug.tools";
https_only = false; https_only = false;
external_port = 3030; external_port = port;
invidious_companion = [ invidious_companion = [
{ private_url = "http://127.0.0.1:${toString companionPort}${companionPath}"; } { private_url = "http://127.0.0.1:${toString companionPort}${companionPath}"; }

5
modules/services/matrix.nix
View File

@@ -6,6 +6,7 @@
lib, lib,
... ...
}: let }: let
port = config.den.portmap.matrix;
domain = "bug.tools"; domain = "bug.tools";
matrixDomain = "matrix.${domain}"; matrixDomain = "matrix.${domain}";
clientConfig = { clientConfig = {
@@ -29,7 +30,7 @@
listeners = [ listeners = [
{ {
port = 8008; port = port;
bind_addresses = ["127.0.0.1"]; bind_addresses = ["127.0.0.1"];
type = "http"; type = "http";
tls = false; tls = false;
@@ -89,7 +90,7 @@
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:8008"; proxyPass = "http://127.0.0.1:${toString port}";
extraConfig = '' extraConfig = ''
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;

1
modules/services/portmap.nix
View File

@@ -1 +0,0 @@
{}

7
modules/services/ports.nix Normal file
View File

@@ -0,0 +1,7 @@
{ lib, ... }: {
den.aspects.portmap.nixos.options.den.portmap = lib.mkOption {
type = lib.types.attrsOf lib.types.port;
readOnly = true;
default = import ../../../portmap.nix;
};
}

6
modules/services/redlib.nix
View File

@@ -1,11 +1,13 @@
{ {
den.aspects.redlib = { den.aspects.redlib = {
nixos = { nixos = { config, ... }: {
den.tunnels = [ "reddit" ];
services.redlib = { services.redlib = {
enable = true; enable = true;
address = "127.0.0.1"; address = "127.0.0.1";
port = 8975; port = config.den.portmap.reddit;
openFirewall = false; openFirewall = false;
settings = { settings = {

6
modules/services/searxng/searxng.nix
View File

@@ -1,6 +1,8 @@
{ {
den.aspects.searxng = { den.aspects.searxng = {
nixos = { nixos = { config, ... }: {
den.tunnels = [ "search" ];
systemd.services.searx-init.serviceConfig.EnvironmentFile = [ systemd.services.searx-init.serviceConfig.EnvironmentFile = [
"/home/bug/.searxng.env" "/home/bug/.searxng.env"
]; ];
@@ -15,7 +17,7 @@
settings = { settings = {
general.instance_name = "search.bug.tools"; general.instance_name = "search.bug.tools";
server.port = 8888; server.port = config.den.portmap.search;
server.bind_address = "0.0.0.0"; server.bind_address = "0.0.0.0";
server.secret_key = "$SEARX_SECRET_KEY"; server.secret_key = "$SEARX_SECRET_KEY";
}; };

4
modules/software/janitor/janitor.nix
View File

@@ -1,6 +1,6 @@
{ den, ... }: { { den, ... }: {
den.aspects.janitor = { den.aspects.janitor = {
includes = [ den.aspects.janitor-backend ]; includes = with den.aspects; [ janitor-backend ];
nixos = { nixos = {
services.janitor = { services.janitor = {
@@ -34,8 +34,10 @@
"Games/GBC" = [ "gbc" ]; "Games/GBC" = [ "gbc" ];
"Games/GB" = [ "gb" ]; "Games/GB" = [ "gb" ];
"Games/PS1" = [ "cue" "bin" ]; "Games/PS1" = [ "cue" "bin" ];
"Games/Xbox" = [ "xiso" ];
"Games/Genesis" = [ "gen" ]; "Games/Genesis" = [ "gen" ];
"Games/Dreamcast" = [ "gdi" "cdi" ]; "Games/Dreamcast" = [ "gdi" "cdi" ];
"Games/Saturn" = [ "sat" ];
}; };
}; };
}; };

BIN
modules/software/music/.syncthing.music.nix.tmp Normal file
View File

Binary file not shown.

10
portmap.nix Normal file
View File

@@ -0,0 +1,10 @@
{
tvtun = 3001;
search = 8888;
files = 3210;
tube = 3030;
reddit = 8975;
git = 3002;
monitor = 61208;
matrix = 8008;
}