# Base module shared by every Skynet server: pulls in the common service
# modules, declares the per-host identity options, and derives the host's DNS
# records and a catch-all nginx redirect from them.
{ config, lib, pkgs, ... }:
let
  inherit (lib) mkOption types;

  # root service
  cfg = config.services.skynet;
in
{
  imports = [
    # every server needs to have a dns record
    ./dns/dns.nix

    # every server should have proper certs
    ./acme.nix
    ./nginx.nix

    # every server may need the firewall config stuff
    ./firewall.nix

    # every server needs the ldap client for admins
    ./ldap/client.nix

    # every server will need the config to backup to
    ./restic.nix

    # every server will be monitored for grafana
    ./prometheus.nix
  ];

  # since we use this basically everywhere provide a standard way to set it
  options.services.skynet.host = {
    # Address of this server. It is a plain string: nothing in this module
    # checks that it is a well-formed IP address, yet it is used verbatim
    # below as a DNS record value/name and as an nginx virtual host name.
    ip = mkOption {
      type = types.str;
    };

    # Short host name; used as the A record name and to build the default FQDN.
    name = mkOption {
      type = types.str;
    };

    # Fully qualified name, defaulting to "<name>.skynet.ie".
    hostname = mkOption {
      type = types.str;
      default = "${cfg.host.name}.skynet.ie";
    };
  };

  config = {
    # Forward (A) and reverse (PTR) records for this host.
    # NOTE(review): the record schema, including the meaning of `server`, is
    # defined by ./dns/dns.nix and is not visible here; confirm there.
    services.skynet.dns.records = [
      {
        record = cfg.host.name;
        r_type = "A";
        value = cfg.host.ip;
        server = true;
      }
      {
        record = cfg.host.ip;
        r_type = "PTR";
        value = cfg.host.hostname;
      }
    ];

    # for every server unless explicitly defined redirect the ip to skynet.ie
    # NOTE(review): the "skynet" certificate is configured outside this file
    # (presumably ./acme.nix). If it does not cover the bare IP, clients that
    # connect over HTTPS by IP will get a certificate name mismatch before the
    # redirect is ever served; confirm that is the intended behaviour.
    services.nginx.virtualHosts."${cfg.host.ip}" = {
      forceSSL = true;
      useACMEHost = "skynet";
      locations."/" = {
        return = "307 https://skynet.ie";
      };
    };
  };
}