···

       
11
       
 
       
    self.diskoConfigurations.btrfs-vps

     

       
12
       
 
       
  ];

     

       
13
       
 
       


     

       
14
       
-
       
  networking.hostName = "jezebel";

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
15
       
 
       
  system.stateVersion = "25.05";

     

       
16
       
 
       
  time.timeZone = "America/Sao_Paulo";

     

       
17
       
 
       
  nixpkgs.hostPlatform = "x86_64-linux";

     

···

       
11
       
 
       
    self.diskoConfigurations.btrfs-vps

     

       
12
       
 
       
  ];

     

       
13
       
 
       


     

       
14
       
+
       
  networking = {

     

       
15
       
+
       
    firewall.allowedTCPPorts = [80 443];

     

       
16
       
+
       
    hostName = "jezebel";

     

       
17
       
+
       
  };

     

       
18
       
 
       
  system.stateVersion = "25.05";

     

       
19
       
 
       
  time.timeZone = "America/Sao_Paulo";

     

       
20
       
 
       
  nixpkgs.hostPlatform = "x86_64-linux";

     

···

       
1
       
 
       
{config, ...}: {

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
2
       
 
       
  services = {

     

       
3
       
 
       
    caddy = {

     

       
0
       
 
       

     

       
0
       
 
       

     

       
4
       
 
       
      virtualHosts = {

     

       
5
       
 
       
        "${config.mySnippets.tailnet.networkMap.uptime-kuma.vHost}" = {

     

       
6
       
 
       
          extraConfig = ''

     

       
7
       
 
       
            bind tailscale/uptime-kuma

     

       
8
       
 
       
            encode zstd gzip

     

       
9
       
 
       
            reverse_proxy ${config.mySnippets.tailnet.networkMap.uptime-kuma.hostName}:${toString config.mySnippets.tailnet.networkMap.uptime-kuma.port}

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
10
       
 
       
          '';

     

       
11
       
 
       
        };

     

       
12
       
 
       
      };

     

···

       
1
       
 
       
{config, ...}: {

     

       
2
       
+
       
  security.acme = {

     

       
3
       
+
       
    acceptTerms = true;

     

       
4
       
+
       
    defaults.email = "contact@aylac.top";

     

       
5
       
+
       
  };

     

       
6
       
+
       


     

       
7
       
 
       
  services = {

     

       
8
       
 
       
    caddy = {

     

       
9
       
+
       
      email = "contact@aylac.top";

     

       
10
       
+
       


     

       
11
       
 
       
      virtualHosts = {

     

       
12
       
 
       
        "${config.mySnippets.tailnet.networkMap.uptime-kuma.vHost}" = {

     

       
13
       
 
       
          extraConfig = ''

     

       
14
       
 
       
            bind tailscale/uptime-kuma

     

       
15
       
 
       
            encode zstd gzip

     

       
16
       
 
       
            reverse_proxy ${config.mySnippets.tailnet.networkMap.uptime-kuma.hostName}:${toString config.mySnippets.tailnet.networkMap.uptime-kuma.port}

     

       
17
       
+
       
          '';

     

       
18
       
+
       
        };

     

       
19
       
+
       


     

       
20
       
+
       
        "${config.mySnippets.aylac-top.networkMap.uptime-kuma.vHost}" = {

     

       
21
       
+
       
          extraConfig = ''

     

       
22
       
+
       
            encode gzip zstd

     

       
23
       
+
       
            reverse_proxy ${config.mySnippets.aylac-top.networkMap.uptime-kuma.hostName}:${toString config.mySnippets.aylac-top.networkMap.uptime-kuma.port}

     

       
24
       
+
       
          '';

     

       
25
       
+
       
        };

     

       
26
       
+
       


     

       
27
       
+
       
        "${config.mySnippets.aylac-top.networkMap.glance.vHost}" = {

     

       
28
       
+
       
          extraConfig = ''

     

       
29
       
+
       
            encode gzip zstd

     

       
30
       
+
       
            reverse_proxy ${config.mySnippets.aylac-top.networkMap.glance.hostName}:${toString config.mySnippets.aylac-top.networkMap.glance.port}

     

       
31
       
 
       
          '';

     

       
32
       
 
       
        };

     

       
33
       
 
       
      };

     

···

       
6
       
 
       
    settings = {

     

       
7
       
 
       
      pages = [

     

       
8
       
 
       
        {

     

       
9
       
-
       
          name = config.mySnippets.tailnet.networkMap.glance.vHost;

     

       
10
       
 
       
          width = "slim";

     

       
11
       
 
       
          hide-desktop-navigation = true;

     

       
12
       
 
       
          center-vertically = true;

     
···

       
14
       
 
       
            {

     

       
15
       
 
       
              size = "full";

     

       
16
       
 
       
              widgets = [

     

       
17
       
-
       
                {

     

       
18
       
-
       
                  type = "search";

     

       
19
       
-
       
                  autofocus = true;

     

       
20
       
-
       
                }

     

       
21
       
 
       
                {

     

       
22
       
 
       
                  type = "monitor";

     

       
23
       
 
       
                  cache = "1m";

     
···

       
41
       
 
       
                      url = "https://${config.mySnippets.aylac-top.networkMap.vaultwarden.vHost}/";

     

       
42
       
 
       
                      check-url = "http://${config.mySnippets.aylac-top.networkMap.vaultwarden.hostName}:${toString config.mySnippets.aylac-top.networkMap.vaultwarden.port}/";

     

       
43
       
 
       
                      icon = "di:vaultwarden";

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
44
       
 
       
                    }

     

       
45
       
 
       
                  ];

     

       
46
       
 
       
                }

     

···

       
6
       
 
       
    settings = {

     

       
7
       
 
       
      pages = [

     

       
8
       
 
       
        {

     

       
9
       
+
       
          name = config.mySnippets.aylac-top.networkMap.glance.vHost;

     

       
10
       
 
       
          width = "slim";

     

       
11
       
 
       
          hide-desktop-navigation = true;

     

       
12
       
 
       
          center-vertically = true;

     
···

       
14
       
 
       
            {

     

       
15
       
 
       
              size = "full";

     

       
16
       
 
       
              widgets = [

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
17
       
 
       
                {

     

       
18
       
 
       
                  type = "monitor";

     

       
19
       
 
       
                  cache = "1m";

     
···

       
37
       
 
       
                      url = "https://${config.mySnippets.aylac-top.networkMap.vaultwarden.vHost}/";

     

       
38
       
 
       
                      check-url = "http://${config.mySnippets.aylac-top.networkMap.vaultwarden.hostName}:${toString config.mySnippets.aylac-top.networkMap.vaultwarden.port}/";

     

       
39
       
 
       
                      icon = "di:vaultwarden";

     

       
40
       
+
       
                    }

     

       
41
       
+
       
                    {

     

       
42
       
+
       
                      title = "ntfy";

     

       
43
       
+
       
                      url = "https://${config.mySnippets.aylac-top.networkMap.ntfy.vHost}/";

     

       
44
       
+
       
                      check-url = "http://${config.mySnippets.aylac-top.networkMap.ntfy.hostName}:${toString config.mySnippets.aylac-top.networkMap.ntfy.port}/";

     

       
45
       
+
       
                      icon = "di:ntfy";

     

       
46
       
 
       
                    }

     

       
47
       
 
       
                  ];

     

       
48
       
 
       
                }

     

···

       
31
       
 
       
            "${config.mySnippets.aylac-top.networkMap.vaultwarden.vHost}" = "http://${config.mySnippets.aylac-top.networkMap.vaultwarden.hostName}:${toString config.mySnippets.aylac-top.networkMap.vaultwarden.port}";

     

       
32
       
 
       


     

       
33
       
 
       
            "${config.mySnippets.aylac-top.networkMap.forgejo.vHost}" = "http://${config.mySnippets.aylac-top.networkMap.forgejo.hostName}:${toString config.mySnippets.aylac-top.networkMap.forgejo.port}";

     

       
0
       
 
       

     

       
0
       
 
       

     

       
34
       
 
       
          };

     

       
35
       
 
       
        };

     

       
36
       
 
       
      };

     
···

       
229
       
 
       
        PORT = "7020";

     

       
230
       
 
       
      };

     

       
231
       
 
       
      environmentFile = config.age.secrets.gemini.path;

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
232
       
 
       
    };

     

       
233
       
 
       


     

       
234
       
 
       
    copyparty = {

     

···

       
31
       
 
       
            "${config.mySnippets.aylac-top.networkMap.vaultwarden.vHost}" = "http://${config.mySnippets.aylac-top.networkMap.vaultwarden.hostName}:${toString config.mySnippets.aylac-top.networkMap.vaultwarden.port}";

     

       
32
       
 
       


     

       
33
       
 
       
            "${config.mySnippets.aylac-top.networkMap.forgejo.vHost}" = "http://${config.mySnippets.aylac-top.networkMap.forgejo.hostName}:${toString config.mySnippets.aylac-top.networkMap.forgejo.port}";

     

       
34
       
+
       


     

       
35
       
+
       
            "${config.mySnippets.aylac-top.networkMap.ntfy.vHost}" = "http://${config.mySnippets.aylac-top.networkMap.ntfy.hostName}:${toString config.mySnippets.aylac-top.networkMap.ntfy.port}";

     

       
36
       
 
       
          };

     

       
37
       
 
       
        };

     

       
38
       
 
       
      };

     
···

       
231
       
 
       
        PORT = "7020";

     

       
232
       
 
       
      };

     

       
233
       
 
       
      environmentFile = config.age.secrets.gemini.path;

     

       
234
       
+
       
    };

     

       
235
       
+
       


     

       
236
       
+
       
    ntfy-sh = {

     

       
237
       
+
       
      enable = true;

     

       
238
       
+
       
      user = "ntfy";

     

       
239
       
+
       
      group = "ntfy";

     

       
240
       
+
       
      settings = {

     

       
241
       
+
       
        listen-http = ":${toString config.mySnippets.aylac-top.networkMap.ntfy.port}";

     

       
242
       
+
       
        base-url = "https://${config.mySnippets.aylac-top.networkMap.ntfy.vHost}";

     

       
243
       
+
       
        cache-duration = "30d";

     

       
244
       
+
       
        cache-startup-queries = ''

     

       
245
       
+
       
          pragma journal_mode = WAL;

     

       
246
       
+
       
          pragma synchronous = normal;

     

       
247
       
+
       
          pragma temp_store = memory;

     

       
248
       
+
       
        '';

     

       
249
       
+
       
        behind-proxy = true;

     

       
250
       
+
       
        auth-default-access = "deny-all";

     

       
251
       
+
       
        auth-users = [

     

       
252
       
+
       
          "ayla:$2a$10$hh05DMOuVQ3Zf67Rn8VUl.HYUop/.90V04IhNPmOsSYh9FSHCbL1K:admin"

     

       
253
       
+
       
          "auto:$2a$10$w7EDB/6orrpM9JVBqu4jHeBKvXliA4jvRI7Nd.fn.Fo4rGTHD50ju:user"

     

       
254
       
+
       
        ];

     

       
255
       
+
       
        auth-access = [

     

       
256
       
+
       
          "everyone:up*:wo"

     

       
257
       
+
       
          "auto:*:wo"

     

       
258
       
+
       
          "everyone:message-to-ayla:wo"

     

       
259
       
+
       
        ];

     

       
260
       
+
       
      };

     

       
261
       
 
       
    };

     

       
262
       
 
       


     

       
263
       
 
       
    copyparty = {

     

···

       
1
       
-
       
{lib, ...}: {

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
2
       
 
       
  options.mySnippets.aylac-top.networkMap = lib.mkOption {

     

       
3
       
 
       
    type = lib.types.attrs;

     

       
4
       
 
       
    description = "Hostnames, ports, and vHosts for aylac.top services.";

     
···

       
23
       
 
       
        vHost = "vault.aylac.top";

     

       
24
       
 
       
      };

     

       
25
       
 
       


     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
26
       
 
       
      uptime-kuma = {

     

       
27
       
-
       
        # Only used for status pages

     

       
28
       
-
       
        hostName = "jezebel";

     

       
29
       
-
       
        port = 3008;

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
30
       
 
       
      };

     

       
31
       
 
       
    };

     

       
32
       
 
       
  };

     

···

       
1
       
+
       
{

     

       
2
       
+
       
  lib,

     

       
3
       
+
       
  config,

     

       
4
       
+
       
  ...

     

       
5
       
+
       
}: {

     

       
6
       
 
       
  options.mySnippets.aylac-top.networkMap = lib.mkOption {

     

       
7
       
 
       
    type = lib.types.attrs;

     

       
8
       
 
       
    description = "Hostnames, ports, and vHosts for aylac.top services.";

     
···

       
27
       
 
       
        vHost = "vault.aylac.top";

     

       
28
       
 
       
      };

     

       
29
       
 
       


     

       
30
       
+
       
      ntfy = {

     

       
31
       
+
       
        hostName = "nanpi";

     

       
32
       
+
       
        port = 9024;

     

       
33
       
+
       
        vHost = "ntfy.aylac.top";

     

       
34
       
+
       
      };

     

       
35
       
+
       


     

       
36
       
 
       
      uptime-kuma = {

     

       
37
       
+
       
        inherit (config.mySnippets.tailnet.networkMap.uptime-kuma) hostName;

     

       
38
       
+
       
        inherit (config.mySnippets.tailnet.networkMap.uptime-kuma) port;

     

       
39
       
+
       
        vHost = "status.aylac.top";

     

       
40
       
+
       
      };

     

       
41
       
+
       


     

       
42
       
+
       
      glance = {

     

       
43
       
+
       
        inherit (config.mySnippets.tailnet.networkMap.glance) hostName;

     

       
44
       
+
       
        inherit (config.mySnippets.tailnet.networkMap.glance) port;

     

       
45
       
+
       
        vHost = "services.aylac.top";

     

       
46
       
 
       
      };

     

       
47
       
 
       
    };

     

       
48
       
 
       
  };