From 40d6a40b1de18f28003c4aa5f36d9b4b0ef4afdd Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Mon, 21 Jul 2025 13:00:38 -0700 Subject: move all profiles, modules, and flakes to top-level --- modules/default-darwin.nix | 7 +++++ modules/default.nix | 7 +++++ modules/fcuny-net.nix | 70 ++++++++++++++++++++++++++++++++++++++++++++++ modules/home.nix | 38 +++++++++++++++++++++++++ modules/host-config.nix | 15 ++++++++++ 5 files changed, 137 insertions(+) create mode 100644 modules/default-darwin.nix create mode 100644 modules/default.nix create mode 100644 modules/fcuny-net.nix create mode 100644 modules/home.nix create mode 100644 modules/host-config.nix (limited to 'modules') diff --git a/modules/default-darwin.nix b/modules/default-darwin.nix new file mode 100644 index 0000000..b42a079 --- /dev/null +++ b/modules/default-darwin.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + imports = [ + ./home.nix + ./host-config.nix + ]; +} diff --git a/modules/default.nix b/modules/default.nix new file mode 100644 index 0000000..b42a079 --- /dev/null +++ b/modules/default.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + imports = [ + ./home.nix + ./host-config.nix + ]; +} diff --git a/modules/fcuny-net.nix b/modules/fcuny-net.nix new file mode 100644 index 0000000..eb5bf95 --- /dev/null +++ b/modules/fcuny-net.nix @@ -0,0 +1,70 @@ +{ + config, + lib, + pkgs, + ... +}: + +let + cfg = config.services.fcuny-net; + + # Import your site - you'll need to adjust the path relative to this module + fcunyNet = import ../../src/fcuny.net { inherit pkgs; }; +in +{ + options.services.fcuny-net = { + enable = lib.mkEnableOption "fcuny.net static site"; + + domain = lib.mkOption { + type = lib.types.str; + default = "fcuny.net"; + description = "Domain name for the site"; + }; + + port = lib.mkOption { + type = lib.types.port; + default = 80; + description = "Port to serve the site on"; + }; + + enableSSL = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable SSL/TLS with Let's Encrypt"; + }; + }; + + config = lib.mkIf cfg.enable { + services.nginx = { + enable = true; + virtualHosts.${cfg.domain} = { + root = fcunyNet.site; + + # SSL configuration + enableACME = cfg.enableSSL; + forceSSL = cfg.enableSSL; + + locations."/" = { + tryFiles = "$uri $uri/ =404"; + }; + + extraConfig = '' + # Cache static assets + location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg)$ { + expires 1y; + add_header Cache-Control "public, immutable"; + } + ''; + }; + }; + + # Open firewall + networking.firewall.allowedTCPPorts = [ cfg.port ] ++ lib.optional cfg.enableSSL 443; + + # ACME/Let's Encrypt setup if SSL is enabled + security.acme = lib.mkIf cfg.enableSSL { + acceptTerms = true; + defaults.email = "franck@fcuny.net"; + }; + }; +} diff --git a/modules/home.nix b/modules/home.nix new file mode 100644 index 0000000..6b6b518 --- /dev/null +++ b/modules/home.nix @@ -0,0 +1,38 @@ +{ + userProfiles, + lib, + ... +}: +let + inherit (lib) mkOption; + inherit (lib.types) + submodule + listOf + attrsOf + str + ; +in +{ + options = { + home = mkOption { + type = attrsOf ( + submodule ( + { name, ... }: + { + options = { + name = mkOption { + type = str; + default = name; + }; + profiles = mkOption { + type = listOf str; + apply = map (v: userProfiles.${v}); + }; + }; + } + ) + ); + default = { }; + }; + }; +} diff --git a/modules/host-config.nix b/modules/host-config.nix new file mode 100644 index 0000000..b10d85f --- /dev/null +++ b/modules/host-config.nix @@ -0,0 +1,15 @@ +{ lib, ... }: +let + inherit (lib) mkOption; + inherit (lib.types) + attrs + ; +in +{ + options = { + adminUser = mkOption { + type = attrs; + default = { }; + }; + }; +} -- cgit v1.2.3