kitten.sh / system
Personal Nix setup
fork atom

Apply sshd config to macOS server

kitten.sh 0ea66d23 9c2c7bb8

options
unified split
Changed files
+19 -14
machines
irnbru
configuration.nix
modules
server
caddy.nix
hd-idle.nix
home-assistant.nix
jellyfin.nix
podman.nix
sshd.nix
tailscale.nix
vaultwarden.nix
+4
machines/irnbru/configuration.nix 
···

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
{


     

       
4

       
4

       
 

       
  imports = [ ];


     

       

       
5

       
+

       



     

       

       
6

       
+

       
  modules = {


     

       

       
7

       
+

       
    server.enable = true;


     

       

       
8

       
+

       
  };


     

       
5

       
9

       
 

       
}
+1 -1
modules/server/caddy.nix 
···

       
67

       
67

       
 

       
      }


     

       
68

       
68

       
 

       
    '') cfg.caddy.exposeFolders;


     

       
69

       
69

       
 

       
  in strings.concatStringsSep "\n\n" configs;


     

       
70

       

       
-

       
in {


     

       

       
70

       
+

       
in helpers.linuxAttrs {


     

       
71

       
71

       
 

       
  options.modules.server.caddy = {


     

       
72

       
72

       
 

       
    enable = mkOption {


     

       
73

       
73

       
 

       
      default = false;
+2 -2
modules/server/hd-idle.nix 
···

       
1

       

       
-

       
{ lib, config, pkgs, ... }:


     

       

       
1

       
+

       
{ lib, config, pkgs, helpers, ... }:


     

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
with lib;


     

       
4

       
4

       
 

       
let


     

       
5

       
5

       
 

       
  cfgRoot = config.modules.server;


     

       
6

       
6

       
 

       
  cfg = config.modules.server.hd-idle;


     

       
7

       

       
-

       
in {


     

       

       
7

       
+

       
in helpers.linuxAttrs {


     

       
8

       
8

       
 

       
  options.modules.server.hd-idle = {


     

       
9

       
9

       
 

       
    enable = mkOption {


     

       
10

       
10

       
 

       
      default = false;
+2 -2
modules/server/home-assistant.nix 
···

       
1

       

       
-

       
{ lib, config, pkgs, ... }:


     

       

       
1

       
+

       
{ lib, config, pkgs, helpers, ... }:


     

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
with lib;


     

       
4

       
4

       
 

       
let


     
···

       
10

       
10

       
 

       
  containerImage = if stdenv.isAarch64


     

       
11

       
11

       
 

       
    then "ghcr.io/home-assistant/aarch64-homeassistant:${cfg.revision}"


     

       
12

       
12

       
 

       
    else "ghcr.io/home-assistant/home-assistant:${cfg.revision}";


     

       
13

       

       
-

       
in {


     

       

       
13

       
+

       
in helpers.linuxAttrs {


     

       
14

       
14

       
 

       
  options.modules.server.home-assistant = {


     

       
15

       
15

       
 

       
    enable = mkOption {


     

       
16

       
16

       
 

       
      default = false;
+2 -2
modules/server/jellyfin.nix 
···

       
1

       

       
-

       
{ lib, config, pkgs, user, ... }:


     

       

       
1

       
+

       
{ lib, config, pkgs, user, helpers, ... }:


     

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
with lib;


     

       
4

       
4

       
 

       
let


     
···

       
6

       
6

       
 

       
  cfg = config.modules.server.jellyfin;


     

       
7

       
7

       
 

       



     

       
8

       
8

       
 

       
  group = "share";


     

       
9

       

       
-

       
in {


     

       

       
9

       
+

       
in helpers.linuxAttrs {


     

       
10

       
10

       
 

       
  options.modules.server.jellyfin = {


     

       
11

       
11

       
 

       
    enable = mkOption {


     

       
12

       
12

       
 

       
      default = false;
+2 -2
modules/server/podman.nix 
···

       
1

       

       
-

       
{ lib, config, user, pkgs, ... }:


     

       

       
1

       
+

       
{ lib, config, user, pkgs, helpers, ... }:


     

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
with lib;


     

       
4

       
4

       
 

       
let


     

       
5

       
5

       
 

       
  cfgRoot = config.modules.server;


     

       
6

       
6

       
 

       
  cfg = config.modules.server.podman;


     

       
7

       

       
-

       
in {


     

       

       
7

       
+

       
in helpers.linuxAttrs {


     

       
8

       
8

       
 

       
  options.modules.server.podman = {


     

       
9

       
9

       
 

       
    enable = mkOption {


     

       
10

       
10

       
 

       
      default = false;
+2 -1
modules/server/sshd.nix 
···

       
1

       

       
-

       
{ lib, config, user, ... }:


     

       

       
1

       
+

       
{ lib, config, user, helpers, ... }:


     

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
with lib;


     

       
4

       
4

       
 

       
let


     
···

       
20

       
20

       
 

       



     

       
21

       
21

       
 

       
    services.openssh = {


     

       
22

       
22

       
 

       
      enable = true;


     

       

       
23

       
+

       
    } // helpers.linuxAttrs {


     

       
23

       
24

       
 

       
      openFirewall = mkDefault (!config.modules.router.enable);


     

       
24

       
25

       
 

       
    };


     

       
25

       
26

       
 

       
  };
+2 -2
modules/server/tailscale.nix 
···

       
1

       

       
-

       
{ lib, config, pkgs, user, hostname, ... }:


     

       

       
1

       
+

       
{ lib, config, pkgs, user, helpers, hostname, ... }:


     

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
with lib;


     

       
4

       
4

       
 

       
let


     

       
5

       
5

       
 

       
  cfgRoot = config.modules.server;


     

       
6

       
6

       
 

       
  cfgRouter = config.modules.router;


     

       
7

       
7

       
 

       
  cfg = config.modules.server.tailscale;


     

       
8

       

       
-

       
in {


     

       

       
8

       
+

       
in helpers.linuxAttrs {


     

       
9

       
9

       
 

       
  options.modules.server.tailscale = {


     

       
10

       
10

       
 

       
    enable = mkOption {


     

       
11

       
11

       
 

       
      default = false;
+2 -2
modules/server/vaultwarden.nix 
···

       
1

       

       
-

       
{ lib, config, hostname, ... }:


     

       

       
1

       
+

       
{ lib, config, hostname, helpers, ... }:


     

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
with lib;


     

       
4

       
4

       
 

       
let


     

       
5

       
5

       
 

       
  address = config.modules.router.adress;


     

       
6

       
6

       
 

       
  cfg = config.modules.server;


     

       
7

       

       
-

       
in {


     

       

       
7

       
+

       
in helpers.linuxAttrs {


     

       
8

       
8

       
 

       
  options.modules.server.vaultwarden = {


     

       
9

       
9

       
 

       
    enable = mkOption {


     

       
10

       
10

       
 

       
      default = false;