more refactoring

features/client/home-manager/home.nix

@@ -1,81 +0,0 @@
-{ config, pkgs, ... }:
-
-{
-  # Home Manager needs a bit of information about you and the paths it should
-  # manage.
-  home.username = "katz";
-  home.homeDirectory = "/home/katz";
-
-  # This value determines the Home Manager release that your configuration is
-  # compatible with. This helps avoid breakage when a new Home Manager release
-  # introduces backwards incompatible changes.
-  #
-  # You should not change this value, even if you update Home Manager. If you do
-  # want to update the value, then make sure to first check the Home Manager
-  # release notes.
-  home.stateVersion = "24.05"; # Please read the comment before changing.
-
-  # The home.packages option allows you to install Nix packages into your
-  # environment.
-  home.packages = [
-    # # Adds the 'hello' command to your environment. It prints a friendly
-    # # "Hello, world!" when run.
-    # pkgs.hello
-    pkgs.neovim
-    pkgs.openarena
-    pkgs.xonotic
-    pkgs.jellyfin-mpv-shim
-    pkgs.bitwarden-cli
-    pkgs.moonlight-qt
-    # # It is sometimes useful to fine-tune packages, for example, by applying
-    # # overrides. You can do that directly here, just don't forget the
-    # # parentheses. Maybe you want to install Nerd Fonts with a limited number of
-    # # fonts?
-    # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; })
-
-    # # You can also create simple shell scripts directly inside your
-    # # configuration. For example, this adds a command 'my-hello' to your
-    # # environment:
-    # (pkgs.writeShellScriptBin "my-hello" ''
-    #   echo "Hello, ${config.home.username}!"
-    # '')
-  ];
-
-  # Home Manager is pretty good at managing dotfiles. The primary way to manage
-  # plain files is through 'home.file'.
-  home.file = {
-    # # Building this configuration will create a copy of 'dotfiles/screenrc' in
-    # # the Nix store. Activating the configuration will then make '~/.screenrc' a
-    # # symlink to the Nix store copy.
-    # ".screenrc".source = dotfiles/screenrc;
-
-    # # You can also set the file content immediately.
-    # ".gradle/gradle.properties".text = ''
-    #   org.gradle.console=verbose
-    #   org.gradle.daemon.idletimeout=3600000
-    # '';
-  };
-
-  # Home Manager can also manage your environment variables through
-  # 'home.sessionVariables'. These will be explicitly sourced when using a
-  # shell provided by Home Manager. If you don't want to manage your shell
-  # through Home Manager then you have to manually source 'hm-session-vars.sh'
-  # located at either
-  #
-  #  ~/.nix-profile/etc/profile.d/hm-session-vars.sh
-  #
-  # or
-  #
-  #  ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh
-  #
-  # or
-  #
-  #  /etc/profiles/per-user/katz/etc/profile.d/hm-session-vars.sh
-  #
-  home.sessionVariables = {
-    EDITOR = "nvim";
-  };
-
-  # Let Home Manager install and manage itself.
-  programs.home-manager.enable = true;
-}

features/client/vesktop.nix

@@ -1,3 +0,0 @@
-{
-
-  }

flake.nix

@@ -18,6 +18,10 @@
       flake = false;
     };
 
+    miovim = {
+      url = "https://git.hypervirtual.world/harry123/miovim";
+    };
+
     nixos-generators = {
       url = "github:nix-community/nixos-generators";
       inputs.nixpkgs.follows = "nixpkgs";
@@ -25,13 +29,8 @@
 
     nix-darwin.url = "github:LnL7/nix-darwin";
     nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
-
     nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=v0.4.1";
     neovim-nightly-overlay.url = "github:nix-community/neovim-nightly-overlay";
-    nixvim = {
-      url = "github:nix-community/nixvim";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
 
     walker.url = "github:abenz1267/walker";
   };
@@ -48,6 +47,7 @@
       nix-flatpak,
       home-manager,
       nixvim,
+      miovim,
       ...
     }@inputs:
     let
@@ -153,6 +153,18 @@
           ];
           format = "proxmox";
         };
+
+        diva = nixos-generators.nixosGenerate {
+          system = "x86_64-linux";
+          specialArgs = {
+            diskSize = 20 * 1024;
+            inherit specialArgs;
+          };
+          modules = [
+            ./hosts/diva/configuration.nix
+          ];
+          format = "proxmox";
+        };
       };
 
       darwinConfigurations."iMac-de-Eddie" = nix-darwin.lib.darwinSystem {

hosts/diva/configuration.nix

@@ -0,0 +1,25 @@
+{ inputs, ... }:
+{
+  imports = [ ./features ];
+  networking.hostName = "diva"; # Define your hostname.
+
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [
+      22 # ssh
+      80 # http
+      443 # ssl
+    ];
+  };
+
+  # reducing disk usage
+  boot.loader.systemd-boot.configurationLimit = 10;
+  nix.gc = {
+    automatic = true;
+    dates = "weekly";
+    options = "--delete-older-than 1w";
+  };
+
+  nix.settings.auto-optimise-store = true;
+  services.caddy.enable = true;
+}

hosts/diva/features/backups.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  services.borgmatic.enable = true;
+}

hosts/diva/features/default.nix

@@ -0,0 +1,9 @@
+{ config, ... }:
+{
+  imports = [
+    ./backups.nix
+    ./fail2ban.nix
+    ./nextcloud.nix
+    ./uptime-kuma.nix
+  ];
+}

hosts/diva/features/fail2ban.nix

@@ -0,0 +1,4 @@
+{ config, ... }:
+{
+
+}

hosts/diva/features/nextcloud.nix

@@ -0,0 +1,78 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+{
+  imports = [
+    "${
+      fetchTarball {
+        url = "https://github.com/onny/nixos-nextcloud-testumgebung/archive/fa6f062830b4bc3cedb9694c1dbf01d5fdf775ac.tar.gz";
+        sha256 = "0gzd0276b8da3ykapgqks2zhsqdv4jjvbv97dsxg0hgrhb74z0fs";
+      }
+    }/nextcloud-extras.nix"
+    ./nextcloud-network.nix
+  ]; # adding caddy support
+
+  sops.secrets.adminNextcloudPass = {
+    owner = "nextcloud";
+  };
+
+  services.nextcloud = {
+    enable = true;
+    hostName = "cloud.hypervirtual.world";
+    database.createLocally = true;
+    webserver = "caddy";
+    configureRedis = true;
+    package = pkgs.nextcloud30;
+    config = {
+      dbtype = "pgsql";
+      adminpassFile = config.sops.secrets.adminNextcloudPass.path;
+    };
+
+    settings = {
+      enabledPreviewProviders = [
+        "OC\\Preview\\BMP"
+        "OC\\Preview\\GIF"
+        "OC\\Preview\\JPEG"
+        "OC\\Preview\\Krita"
+        "OC\\Preview\\MarkDown"
+        "OC\\Preview\\MP3"
+        "OC\\Preview\\OpenDocument"
+        "OC\\Preview\\PNG"
+        "OC\\Preview\\TXT"
+        "OC\\Preview\\XBitmap"
+        "OC\\Preview\\HEIC"
+      ];
+
+      trustedDomains = [ "cloud.hypervirtual.world" ];
+      overwriteprotocol = "https";
+      log_type = "file"; # temporary fix for https://nixos.org/manual/nixos/stable/#module-services-nextcloud-warning-logreader
+      default_phone_region = "FR";
+      default_locale = "fr_FR";
+      default_language = "fr";
+      default_timezone = "Europe/Paris";
+      "memories.exiftool" = "${lib.getExe pkgs.exiftool}";
+    };
+
+    phpExtraExtensions = all: [
+      all.pdlib
+      all.redis
+      all.bz2
+    ];
+
+    phpOptions."opcache.interned_strings_buffer" = "23";
+    appstoreEnable = true; # why i would want appstore to be disabled ???
+    autoUpdateApps.enable = true;
+    cli.memoryLimit = "4G";
+  };
+
+  environment.systemPackages =
+    let
+      php = pkgs.php.buildEnv { extraConfig = "memory_limit = 4G"; };
+    in
+    [
+      php
+    ];
+}

hosts/diva/features/uptime-kuma.nix

@@ -0,0 +1,17 @@
+{ ... }:
+{
+  services.uptime-kuma = {
+    enable = true;
+    settings = {
+      PORT = "4000";
+    };
+  };
+
+  services.caddy.virtualHosts."http://status.hypervirtual.world".extraConfig = ''
+    reverse_proxy :4000
+  '';
+
+  services.caddy.virtualHosts."http://uptime.sisyphe.normandy.hypervirtual.world".extraConfig = ''
+    reverse_proxy :4000
+  '';
+}

hosts/sisyphe/configuration.nix

@@ -13,8 +13,8 @@ in
 {
   imports = [
     ./hardware-configuration.nix
-    ./features/default.nix
-    ../../features/shared/ssh.nix
+    ./features
+    ../shared
   ];
 
   # Use the GRUB 2 boot loader.
@@ -25,23 +25,6 @@ in
   services.qemuGuest.enable = true;
   networking.hostName = "sisyphe"; # Define your hostname.
 
-  # Set your time zone.
-  time.timeZone = lib.mkDefault "Europe/Paris";
-
-  i18n.defaultLocale = "fr_FR.UTF-8";
-  console = {
-    font = "Lat2-Terminus16";
-    keyMap = "fr";
-  };
-
-  nix.settings.experimental-features = [
-    "nix-command"
-    "flakes"
-  ];
-
-  system.autoUpgrade.enable = true;
-  system.autoUpgrade.allowReboot = true;
-
   users.users.homelab = {
     isNormalUser = true;
     extraGroups = [
@@ -68,11 +51,8 @@ in
   environment.systemPackages = with pkgs; [
     git
     neovim
-    curl
   ];
 
-  environment.variables.EDITOR = "nvim";
-
   # setting up networking!!
   networking = {
     interfaces = {
@@ -125,15 +105,6 @@ in
   sops.age.generateKey = true;
   sops.defaultSopsFile = "${secrets}/secrets/secrets.yaml";
 
-  # reducing disk usage
-  boot.loader.systemd-boot.configurationLimit = 10;
-  nix.gc = {
-    automatic = true;
-    dates = "weekly";
-    options = "--delete-older-than 1w";
-  };
-  nix.settings.auto-optimise-store = true;
-
   # sonarr needs some EoL packages to be build
   nixpkgs.config.permittedInsecurePackages = [
     "aspnetcore-runtime-6.0.36"
@@ -143,10 +114,11 @@ in
   ];
 
   # seems like sabnzbd needs some unfree pkgs...
-  nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
-    "unrar"
-  ];
-
+  nixpkgs.config.allowUnfreePredicate =
+    pkg:
+    builtins.elem (lib.getName pkg) [
+      "unrar"
+    ];
 
   # This option defines the first version of NixOS you have installed on this particular machine,
   # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
@@ -166,5 +138,4 @@ in
   #
   # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
   system.stateVersion = "24.05"; # Did you read the comment?
-
 }

hosts/sisyphe/features/default.nix

@@ -1,10 +1,10 @@
 { config, pkgs, ... }:
 {
   imports = [
-    ./containers/default.nix
-    ./multimedia/default.nix
-    ./databases/default.nix
-    ./services/default.nix
+    ./containers
+    ./multimedia
+    ./databases
+    ./services
     ./backups.nix
     ./caddy.nix
     ./prometheus.nix

shared/default.nix

@@ -0,0 +1,45 @@
+{
+  pkgs,
+  inputs,
+  system,
+  lib,
+  ...
+}:
+{
+  imports = [
+    ../shared
+  ];
+
+  environment.systemPackages = [
+    inputs.miovim.packages.${system}.default
+    pkgs.curl
+    pkgs.unzip
+  ];
+
+  environment.variables.EDITOR = "nvim";
+
+  nix.settings.experimental-features = [
+    "nix-command"
+    "flakes"
+  ];
+
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "fr";
+  };
+
+  services.tailscale.enable = true;
+
+  # Set your time zone.
+  time.timeZone = lib.mkDefault "Europe/Paris";
+  i18n.defaultLocale = "fr_FR.UTF-8";
+
+  # reducing disk usage
+  boot.loader.systemd-boot.configurationLimit = 10;
+  nix.gc = {
+    automatic = true;
+    dates = "weekly";
+    options = "--delete-older-than 1w";
+  };
+  nix.settings.auto-optimise-store = true;
+}

shared/ssh.nix

@@ -1,4 +1,8 @@
-{ config, ... }:
+{
+  config,
+
+  ...
+}:
 {
   services.openssh = {
     enable = true;
@@ -11,11 +15,12 @@
 
   services.fail2ban.jails.sshd.settings = {
     ssh = ''
-    enabled = true
-    port = ssh
-    filter = sshd
-    logpath = %(sshd_log)s
-    maxretry = 5
+      enabled = true
+      port = ssh
+      filter = sshd
+      logpath = %(sshd_log)s
+      maxretry = 5
     '';
   };
+
 }