nixos/applications/_base.nix

{
  config,
  lib,
  pkgs,
  ...
}:
with lib; let
  # root service
  cfg = config.services.skynet;
in {
  imports = [
    # every server needs to have a dns record
    ./dns/dns.nix

    # every server should have proper certs
    ./acme.nix
    ./nginx.nix

    # every server may need the firewall config stuff
    ./firewall.nix

    # every server needs teh ldap client for admins
    ./ldap/client.nix

    # every server will need the config to backup to
    ./restic.nix

    # every server will be monitored for grafana
    ./prometheus.nix
  ];

  options.services.skynet = {
    # since we use this basically everywhere provide a standard way to set it
    host = {
      ip = mkOption {
        type = types.str;
      };
      name = mkOption {
        type = types.str;
      };
      hostname = mkOption {
        type = types.str;
        default = "${cfg.host.name}.skynet.ie";
      };
      interface = mkOption {
        type = types.str;
        description = "Will most likely be ``eno1`` for physical servers.";
        default = "eth0";
      };
      cidr = mkOption {
        type = types.int;
        description = "Most of our servers are /26, ";
        default = 26;
      };
    };
  };

  config = {
    services.skynet.dns.records = [
      {
        record = cfg.host.name;
        r_type = "A";
        value = cfg.host.ip;
        server = true;
      }
      {
        record = cfg.host.ip;
        r_type = "PTR";
        value = cfg.host.hostname;
      }
    ];

    # set
    networking = {
      hostName = cfg.host.name;
      defaultGateway.interface = lib.mkForce cfg.host.interface;

      # needs to have an address statically assigned
      interfaces."${cfg.host.interface}".ipv4.addresses = [
        {
          address = cfg.host.ip;
          prefixLength = cfg.host.cidr;
        }
      ];
    };

    services.nginx = {
      virtualHosts = {
        # for every server unless explisitly defined redirect the ip to skynet.ie
        "${cfg.host.ip}" = {
          forceSSL = true;
          useACMEHost = "skynet";
          locations."/".return = "307 https://skynet.ie";
        };
      };
    };
  };
}
feat: simplified the config for running services, only one hosts config is required now in each server config file 2024-05-30 17:55:29 +01:00			`{`
			`config,`
			`lib,`
			`pkgs,`
			`...`
			`}:`
			`with lib; let`
			`# root service`
			`cfg = config.services.skynet;`
			`in {`
			`imports = [`
fmt: remove duplicate imports, now unified in applications/_base.nix 2024-07-16 23:09:22 +01:00			`# every server needs to have a dns record`
			`./dns/dns.nix`

			`# every server should have proper certs`
feat: simplified the config for running services, only one hosts config is required now in each server config file 2024-05-30 17:55:29 +01:00			`./acme.nix`
			`./nginx.nix`
fmt: remove duplicate imports, now unified in applications/_base.nix 2024-07-16 23:09:22 +01:00
			`# every server may need the firewall config stuff`
			`./firewall.nix`

			`# every server needs teh ldap client for admins`
			`./ldap/client.nix`

			`# every server will need the config to backup to`
			`./restic.nix`

			`# every server will be monitored for grafana`
			`./prometheus.nix`
feat: simplified the config for running services, only one hosts config is required now in each server config file 2024-05-30 17:55:29 +01:00			`];`

			`options.services.skynet = {`
			`# since we use this basically everywhere provide a standard way to set it`
			`host = {`
			`ip = mkOption {`
			`type = types.str;`
			`};`
			`name = mkOption {`
			`type = types.str;`
			`};`
			`hostname = mkOption {`
			`type = types.str;`
			`default = "${cfg.host.name}.skynet.ie";`
			`};`
feat: fixed how sometimes updating servers mean that ye had to reset teh MAC address in Proxmox. This is done by letting each server manage its own network interface. 2025-06-18 03:14:35 +01:00			`interface = mkOption {`
			`type = types.str;`
			description = "Will most likely be ``eno1`` for physical servers.";
			`default = "eth0";`
			`};`
			`cidr = mkOption {`
			`type = types.int;`
			`description = "Most of our servers are /26, ";`
			`default = 26;`
			`};`
feat: simplified the config for running services, only one hosts config is required now in each server config file 2024-05-30 17:55:29 +01:00			`};`
			`};`

			`config = {`
			`services.skynet.dns.records = [`
			`{`
			`record = cfg.host.name;`
			`r_type = "A";`
			`value = cfg.host.ip;`
			`server = true;`
			`}`
			`{`
			`record = cfg.host.ip;`
			`r_type = "PTR";`
			`value = cfg.host.hostname;`
			`}`
			`];`

feat: fixed how sometimes updating servers mean that ye had to reset teh MAC address in Proxmox. This is done by letting each server manage its own network interface. 2025-06-18 03:14:35 +01:00			`# set`
			`networking = {`
			`hostName = cfg.host.name;`
			`defaultGateway.interface = lib.mkForce cfg.host.interface;`

			`# needs to have an address statically assigned`
			`interfaces."${cfg.host.interface}".ipv4.addresses = [`
			`{`
			`address = cfg.host.ip;`
			`prefixLength = cfg.host.cidr;`
			`}`
			`];`
			`};`

feat: simplified the config for running services, only one hosts config is required now in each server config file 2024-05-30 17:55:29 +01:00			`services.nginx = {`
			`virtualHosts = {`
			`# for every server unless explisitly defined redirect the ip to skynet.ie`
			`"${cfg.host.ip}" = {`
			`forceSSL = true;`
			`useACMEHost = "skynet";`
			`locations."/".return = "307 https://skynet.ie";`
			`};`
			`};`
			`};`
			`};`
			`}`