more refactoring

hosts/diva/configuration.nix

@@ -0,0 +1,25 @@
+{ inputs, ... }:
+{
+  imports = [ ./features ];
+  networking.hostName = "diva"; # Define your hostname.
+
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [
+      22 # ssh
+      80 # http
+      443 # ssl
+    ];
+  };
+
+  # reducing disk usage
+  boot.loader.systemd-boot.configurationLimit = 10;
+  nix.gc = {
+    automatic = true;
+    dates = "weekly";
+    options = "--delete-older-than 1w";
+  };
+
+  nix.settings.auto-optimise-store = true;
+  services.caddy.enable = true;
+}

hosts/diva/features/backups.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  services.borgmatic.enable = true;
+}

hosts/diva/features/default.nix

@@ -0,0 +1,9 @@
+{ config, ... }:
+{
+  imports = [
+    ./backups.nix
+    ./fail2ban.nix
+    ./nextcloud.nix
+    ./uptime-kuma.nix
+  ];
+}

hosts/diva/features/fail2ban.nix

@@ -0,0 +1,4 @@
+{ config, ... }:
+{
+
+}

hosts/diva/features/nextcloud.nix

@@ -0,0 +1,78 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+{
+  imports = [
+    "${
+      fetchTarball {
+        url = "https://github.com/onny/nixos-nextcloud-testumgebung/archive/fa6f062830b4bc3cedb9694c1dbf01d5fdf775ac.tar.gz";
+        sha256 = "0gzd0276b8da3ykapgqks2zhsqdv4jjvbv97dsxg0hgrhb74z0fs";
+      }
+    }/nextcloud-extras.nix"
+    ./nextcloud-network.nix
+  ]; # adding caddy support
+
+  sops.secrets.adminNextcloudPass = {
+    owner = "nextcloud";
+  };
+
+  services.nextcloud = {
+    enable = true;
+    hostName = "cloud.hypervirtual.world";
+    database.createLocally = true;
+    webserver = "caddy";
+    configureRedis = true;
+    package = pkgs.nextcloud30;
+    config = {
+      dbtype = "pgsql";
+      adminpassFile = config.sops.secrets.adminNextcloudPass.path;
+    };
+
+    settings = {
+      enabledPreviewProviders = [
+        "OC\\Preview\\BMP"
+        "OC\\Preview\\GIF"
+        "OC\\Preview\\JPEG"
+        "OC\\Preview\\Krita"
+        "OC\\Preview\\MarkDown"
+        "OC\\Preview\\MP3"
+        "OC\\Preview\\OpenDocument"
+        "OC\\Preview\\PNG"
+        "OC\\Preview\\TXT"
+        "OC\\Preview\\XBitmap"
+        "OC\\Preview\\HEIC"
+      ];
+
+      trustedDomains = [ "cloud.hypervirtual.world" ];
+      overwriteprotocol = "https";
+      log_type = "file"; # temporary fix for https://nixos.org/manual/nixos/stable/#module-services-nextcloud-warning-logreader
+      default_phone_region = "FR";
+      default_locale = "fr_FR";
+      default_language = "fr";
+      default_timezone = "Europe/Paris";
+      "memories.exiftool" = "${lib.getExe pkgs.exiftool}";
+    };
+
+    phpExtraExtensions = all: [
+      all.pdlib
+      all.redis
+      all.bz2
+    ];
+
+    phpOptions."opcache.interned_strings_buffer" = "23";
+    appstoreEnable = true; # why i would want appstore to be disabled ???
+    autoUpdateApps.enable = true;
+    cli.memoryLimit = "4G";
+  };
+
+  environment.systemPackages =
+    let
+      php = pkgs.php.buildEnv { extraConfig = "memory_limit = 4G"; };
+    in
+    [
+      php
+    ];
+}

hosts/diva/features/uptime-kuma.nix

@@ -0,0 +1,17 @@
+{ ... }:
+{
+  services.uptime-kuma = {
+    enable = true;
+    settings = {
+      PORT = "4000";
+    };
+  };
+
+  services.caddy.virtualHosts."http://status.hypervirtual.world".extraConfig = ''
+    reverse_proxy :4000
+  '';
+
+  services.caddy.virtualHosts."http://uptime.sisyphe.normandy.hypervirtual.world".extraConfig = ''
+    reverse_proxy :4000
+  '';
+}

hosts/sisyphe/configuration.nix

@@ -5,7 +5,7 @@
   secrets,
   ...
 }:
-let 
+let
   ip = "192.168.1.177";
   gateway = "192.168.1.1";
   username = "homelab";
@@ -13,8 +13,8 @@ in
 {
   imports = [
     ./hardware-configuration.nix
-    ./features/default.nix
-    ../../features/shared/ssh.nix
+    ./features
+    ../shared
   ];
 
   # Use the GRUB 2 boot loader.
@@ -25,23 +25,6 @@ in
   services.qemuGuest.enable = true;
   networking.hostName = "sisyphe"; # Define your hostname.
 
-  # Set your time zone.
-  time.timeZone = lib.mkDefault "Europe/Paris";
-
-  i18n.defaultLocale = "fr_FR.UTF-8";
-  console = {
-    font = "Lat2-Terminus16";
-    keyMap = "fr";
-  };
-
-  nix.settings.experimental-features = [
-    "nix-command"
-    "flakes"
-  ];
-
-  system.autoUpgrade.enable = true;
-  system.autoUpgrade.allowReboot = true;
-
   users.users.homelab = {
     isNormalUser = true;
     extraGroups = [
@@ -68,11 +51,8 @@ in
   environment.systemPackages = with pkgs; [
     git
     neovim
-    curl
   ];
 
-  environment.variables.EDITOR = "nvim";
-
   # setting up networking!!
   networking = {
     interfaces = {
@@ -125,15 +105,6 @@ in
   sops.age.generateKey = true;
   sops.defaultSopsFile = "${secrets}/secrets/secrets.yaml";
 
-  # reducing disk usage
-  boot.loader.systemd-boot.configurationLimit = 10;
-  nix.gc = {
-    automatic = true;
-    dates = "weekly";
-    options = "--delete-older-than 1w";
-  };
-  nix.settings.auto-optimise-store = true;
-
   # sonarr needs some EoL packages to be build
   nixpkgs.config.permittedInsecurePackages = [
     "aspnetcore-runtime-6.0.36"
@@ -143,10 +114,11 @@ in
   ];
 
   # seems like sabnzbd needs some unfree pkgs...
-  nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
-    "unrar"
-  ];
-
+  nixpkgs.config.allowUnfreePredicate =
+    pkg:
+    builtins.elem (lib.getName pkg) [
+      "unrar"
+    ];
 
   # This option defines the first version of NixOS you have installed on this particular machine,
   # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
@@ -166,5 +138,4 @@ in
   #
   # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
   system.stateVersion = "24.05"; # Did you read the comment?
-
 }

hosts/sisyphe/features/default.nix

@@ -1,10 +1,10 @@
 { config, pkgs, ... }:
 {
   imports = [
-    ./containers/default.nix
-    ./multimedia/default.nix
-    ./databases/default.nix
-    ./services/default.nix
+    ./containers
+    ./multimedia
+    ./databases
+    ./services
     ./backups.nix
     ./caddy.nix
     ./prometheus.nix