nix-config/globals.nix

157 lines
4.1 KiB
Nix
Raw Normal View History

2024-12-20 20:40:27 +01:00
{
config,
lib,
inputs,
...
}:
let
inherit (config) globals;
# Try to access the extra builtin we loaded via nix-plugins.
# Throw an error if that doesn't exist.
rageImportEncrypted =
assert lib.assertMsg (builtins ? extraBuiltins.rageImportEncrypted)
"The extra builtin 'rageImportEncrypted' is not available, so repo.secrets cannot be decrypted. Did you forget to add nix-plugins and point it to `./nix/extra-builtins.nix` ?";
builtins.extraBuiltins.rageImportEncrypted;
in
{
imports = [
(rageImportEncrypted inputs.self.secretsConfig.masterIdentities ./secrets/global.nix.age)
];
globals = {
net.vlans = {
home = rec {
id = 10;
cidrv4 = "10.99.${toString id}.0/24";
cidrv6 = "fd${toString id}::/64";
};
services = rec {
id = 20;
cidrv4 = "10.99.${toString id}.0/24";
cidrv6 = "fd${toString id}::/64";
};
devices = rec {
id = 30;
cidrv4 = "10.99.${toString id}.0/24";
cidrv6 = "fd${toString id}::/64";
};
iot = rec {
id = 40;
cidrv4 = "10.99.${toString id}.0/24";
cidrv6 = "fd${toString id}::/64";
2025-01-07 21:23:06 +01:00
internet = false;
2024-12-20 20:40:27 +01:00
};
guests = rec {
id = 50;
cidrv4 = "10.99.${toString id}.0/24";
cidrv6 = "fd${toString id}::/64";
};
};
services = {
adguardhome = {
domain = "adguardhome.${globals.domains.web}";
host = "nucnix-adguardhome";
2024-12-21 14:06:00 +01:00
ip = 10;
2024-12-20 20:40:27 +01:00
};
forgejo = {
domain = "forge.${globals.domains.web}";
host = "elisabeth-forgejo";
2024-12-22 00:10:37 +01:00
ip = 13;
2024-12-20 20:40:27 +01:00
};
immich = {
domain = "immich.${globals.domains.web}";
host = "elisabeth-immich";
};
nextcloud = {
domain = "nc.${globals.domains.web}";
host = "elisabeth-nextcloud";
};
ollama = {
domain = "ai.${globals.domains.web}";
host = "elisabeth-ollama";
};
paperless = {
domain = "ppl.${globals.domains.web}";
host = "elisabeth-paperless";
};
2025-01-07 21:23:06 +01:00
fritz = {
domain = "fritz.${globals.domains.web}";
};
2024-12-20 20:40:27 +01:00
ttrss = {
domain = "rss.${globals.domains.web}";
host = "elisabeth-ttrss";
};
vaultwarden = {
domain = "pw.${globals.domains.web}";
host = "elisabeth-vaultwarden";
};
yourspotify = {
domain = "sptfy.${globals.domains.web}";
host = "elisabeth-yourspotify";
};
apispotify = {
domain = "apisptfy.${globals.domains.web}";
2024-12-21 14:06:00 +01:00
host = "elisabeth-yourspotify";
2024-12-20 20:40:27 +01:00
};
kanidm = {
domain = "auth.${globals.domains.web}";
host = "elisabeth-kanidm";
};
oauth2-proxy = {
domain = "oauth2.${globals.domains.web}";
host = "elisabeth-oauth2-proxy";
};
actual = {
domain = "actual.${globals.domains.web}";
host = "elisabeth-actual";
};
firefly = {
domain = "money.${globals.domains.web}";
host = "elisabeth-firefly";
};
homebox = {
domain = "homebox.${globals.domains.web}";
host = "elisabeth-homebox";
};
invidious = {
domain = "yt.${globals.domains.web}";
host = "elisabeth-invidious";
};
blog = {
domain = "blog.${globals.domains.web}";
host = "elisabeth-blog";
};
netbird = {
domain = "netbird.${globals.domains.web}";
host = "elisabeth-netbird";
2024-12-22 00:10:37 +01:00
ip = 16;
2024-12-20 20:40:27 +01:00
};
2024-12-21 14:06:00 +01:00
nginx = {
domain = globals.domains.web;
host = "nucnix-nginx";
ip = 5;
};
samba = {
domain = "smb.${globals.domains.web}";
host = "elisabeth-samba";
ip = 12;
};
2024-12-22 00:10:37 +01:00
ddclient = {
host = "elisabeth-ddclient";
};
2024-12-23 12:42:21 +01:00
hostapd = {
host = "nucnix-hostapd";
2024-12-23 19:22:45 +01:00
ip = 19;
2024-12-23 12:42:21 +01:00
};
2024-12-22 00:10:37 +01:00
murmur = {
domain = "ts.${globals.domains.web}";
host = "elisabeth-murmur";
ip = 9;
};
2025-01-05 22:27:49 +01:00
homeassistant = {
domain = "hs.${globals.domains.web}";
host = "elisabeth-homeassistant";
};
2024-12-20 20:40:27 +01:00
};
};
}