Refactored configurations for better readability

.gitignore

@@ -1 +1,2 @@
-nextcloud/adminpass
+
+nixos/imports/nextcloud-admin-pass

home-manager/cloud.txt

@@ -1,7 +1,12 @@
-[?25l          ▌▌▌▌▌▌          
+
- ▌▌▌▌▌  ▌░▌    ▌▒▌  ▌▌▌▌▌ 
+
-▌░▌  ▌░▌░▌      ▌░▌░▌  ▌░▌
+            
-▌░▌  ▌░▌░▌      ▌░▌░▌  ▌░▌
+    [?25l          ▌▌▌▌▌▌          
- ▌▌▌▌▌  ▌░▌    ▌░▌  ▌▌▌▌▌ 
+     ▌▌▌▌▌  ▌░▌    ▌▒▌  ▌▌▌▌▌ 
-          ▌▌▌▌▌▌          
+    ▌░▌  ▌░▌░▌      ▌░▌░▌  ▌░▌
-[?25h
+    ▌░▌  ▌░▌░▌      ▌░▌░▌  ▌░▌
+     ▌▌▌▌▌  ▌░▌    ▌░▌  ▌▌▌▌▌ 
+              ▌▌▌▌▌▌          
+    [?25h
+
+

home-manager/fastfetch.nix

@@ -6,19 +6,7 @@
         logo = {
             # Created with Chafa
             # chafa -s 26x13 -w 9 --symbols vhalf --view-size 26x13 cloud.png > cloud.txt
-            source = ''
+            source = builtins.readFile ./cloud.txt;
-
-            
-    [?25l          ▌▌▌▌▌▌          
-     ▌▌▌▌▌  ▌░▌    ▌▒▌  ▌▌▌▌▌ 
-    ▌░▌  ▌░▌░▌      ▌░▌░▌  ▌░▌
-    ▌░▌  ▌░▌░▌      ▌░▌░▌  ▌░▌
-     ▌▌▌▌▌  ▌░▌    ▌░▌  ▌▌▌▌▌ 
-              ▌▌▌▌▌▌          
-    [?25h
-
-
-'';
             type = "data";
             position = "left";
             padding = {

nixos/configuration.nix

@@ -10,16 +10,18 @@ in {
     [
       # Include the default lxc/lxd configuration.
       "${modulesPath}/virtualisation/lxc-container.nix"
-      # Include the container-specific autogenerated configuration.
-      #./lxd.nix - this has to be commented out from the system tarball
 
+      # Nginx
+      ./imports/nginx.nix
+      # Nextcloud
+      ./imports/nextcloud.nix
       # Snapraid-runner
-      ./imports/snapraid-runner.nix
+      ./imports/snapraid.nix
-      
       # Import hardware configuration.
       ./hardware-configuration.nix
     ];
 
+  # OVERLAYS for custom packages.
   nixpkgs.overlays = [ (import ./overlays) ];
 
   # NETWORKING
@@ -46,11 +48,6 @@ in {
     };
   };
 
-  security.acme = {
-    acceptTerms = true;
-    defaults.email = "chris@toph.cc";
-  };
-
   # LOCALE
   time.timeZone = timeZone;
   i18n.defaultLocale = defaultLocale;
@@ -104,13 +101,6 @@ in {
   # PROGRAMS & SERVICES
   programs.ssh.startAgent = true;
 
-  # Nextcloud
-  environment.etc."nextcloud-admin-pass".text = "snYBkSxkFZ6a7Y";
-  services.nextcloud = import ./imports/nextcloud.nix { inherit pkgs config; };
-  
-  # Nginx
-  services.nginx = import ./imports/nginx.nix;
-
   # Shells
   environment.shells = with pkgs; [ bash fish ];
   programs.fish.enable = true;

nixos/imports/nextcloud.nix

@@ -1,45 +1,50 @@
 { config, pkgs, ... }:
 
 {
-  enable = true;
+  # The Nextcloud admin password is stored in a separate file to avoid
-  hostName = "cloud.ryot.foo";
+  environment.etc."nextcloud-admin-pass".text = builtins.readFile ./nextcloud-admin-pass;
 
-  # Need to manually increment with every major upgrade.
+  services.nextcloud = { 
-  package = pkgs.nextcloud29;
+    enable = true;
+    hostName = "cloud.ryot.foo";
 
-  # Let NixOS install and configure the database automatically.
+    # Need to manually increment with every major upgrade.
-  database.createLocally = true;
+    package = pkgs.nextcloud29;
 
-  # Let NixOS install and configure Redis caching automatically.
+    # Let NixOS install and configure the database automatically.
-  configureRedis = true;
+    database.createLocally = true;
 
-  # Increase the maximum file upload size to avoid problems uploading videos.
+    # Let NixOS install and configure Redis caching automatically.
-  maxUploadSize = "16G";
+    configureRedis = true;
-  https = true;
 
-  autoUpdateApps.enable = true;
+    # Increase the maximum file upload size to avoid problems uploading videos.
-  extraAppsEnable = true;
+    maxUploadSize = "16G";
-  extraApps = with config.services.nextcloud.package.packages.apps; {
+    https = true;
-    # https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json
-    inherit calendar contacts mail notes tasks;
-    # inherit calendar contacts mail notes onlyoffice tasks;
 
-    # Custom app installation example.
+    autoUpdateApps.enable = true;
-    # cookbook = pkgs.fetchNextcloudApp rec {
+    extraAppsEnable = true;
-    #   url =
+    extraApps = with config.services.nextcloud.package.packages.apps; {
-    #     "https://github.com/nextcloud/cookbook/releases/download/v0.10.2/Cookbook-0.10.2.tar.gz";
+      # https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json
-    #   sha256 = "sha256-XgBwUr26qW6wvqhrnhhhhcN4wkI+eXDHnNSm1HDbP6M=";
+      inherit calendar contacts mail notes tasks;
-    # };
+      # inherit calendar contacts mail notes onlyoffice tasks;
-  };
 
-  settings = {
+      # Custom app installation example.
-    overwriteProtocol = "https";
+      # cookbook = pkgs.fetchNextcloudApp rec {
-    default_phone_region = "US";
+      #   url =
-  };
+      #     "https://github.com/nextcloud/cookbook/releases/download/v0.10.2/Cookbook-0.10.2.tar.gz";
+      #   sha256 = "sha256-XgBwUr26qW6wvqhrnhhhhcN4wkI+eXDHnNSm1HDbP6M=";
+      # };
+    };
 
-  config = {
+    settings = {
-    dbtype = "pgsql";
+      overwriteProtocol = "https";
-    adminuser = "admin";
+      default_phone_region = "US";
-    adminpassFile = "/etc/nextcloud-admin-pass";
+    };
+
+    config = {
+      dbtype = "pgsql";
+      adminuser = "admin";
+      adminpassFile = "/etc/nextcloud-admin-pass";
+    };
   };
 }

nixos/imports/nginx.nix

@@ -1,23 +1,34 @@
 {
-    enable = true;
+    # letsencrypt this wont do shit but allows things to work
+    # i take care of this on dockge lxc
+    security.acme = {
+        acceptTerms = true;
+        defaults.email = "chris@toph.cc";
+    };
 
-    # Use recommended settings
+    # Nginx
-    recommendedGzipSettings = true;
+    services.nginx = {
-    recommendedOptimisation = true;
-    recommendedProxySettings = true;
-    recommendedTlsSettings = true;
 
-    # Only allow PFS-enabled ciphers with AES256
+        enable = true;
-    sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
 
-    # Setup Nextcloud virtual host to listen on ports
+        # Use recommended settings
-    virtualHosts = {
+        recommendedGzipSettings = true;
+        recommendedOptimisation = true;
+        recommendedProxySettings = true;
+        recommendedTlsSettings = true;
 
-    "cloud.ryot.foo" = {
+        # Only allow PFS-enabled ciphers with AES256
-        ## Force HTTP redirect to HTTPS
+        sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
-        forceSSL = true;
+
-        ## LetsEncrypt
+        # Setup Nextcloud virtual host to listen on ports
-        enableACME = true;
+        virtualHosts = {
+
+        "cloud.ryot.foo" = {
+            ## Force HTTP redirect to HTTPS
+            forceSSL = true;
+            ## LetsEncrypt
+            enableACME = true;
+            };
         };
     };
 }

nixos/imports/snapraid-runner.nix

@@ -1,5 +0,0 @@
-{ pkgs, ... }:
-
-{
-    environment.etc."snapraid-runner.conf".text = builtins.readFile ../pkgs/snapraid-runner/snapraid-runner.conf;
-}

nixos/imports/snapraid.conf

@@ -0,0 +1,96 @@
+## /etc/snapraid.conf ##
+
+# Example configuration for snapraid
+
+# Defines the file to use as parity storage
+# It must NOT be in a data disk
+# Format: "parity FILE [,FILE] ..."
+parity /mnt/parity/snapraid.parity
+
+# Defines the files to use as additional parity storage.
+# If specified, they enable the multiple failures protection
+# from two to six level of parity.
+# To enable, uncomment one parity file for each level of extra
+# protection required. Start from 2-parity, and follow in order.
+# It must NOT be in a data disk
+# Format: "X-parity FILE [,FILE] ..."
+#2-parity /mnt/parity2/snapraid.2-parity
+#3-parity /mnt/diskr/snapraid.3-parity
+#4-parity /mnt/disks/snapraid.4-parity
+#5-parity /mnt/diskt/snapraid.5-parity
+#6-parity /mnt/disku/snapraid.6-parity
+
+# Defines the files to use as content list
+# You can use multiple specification to store more copies
+# You must have least one copy for each parity file plus one. Some more don't hurt
+# They can be in the disks used for data, parity or boot,
+# but each file must be in a different disk
+# Format: "content FILE"
+content /var/snapraid.content
+content /mnt/drive1/snapraid.content
+content /mnt/drive2/snapraid.content
+content /mnt/drive3/snapraid.content
+content /mnt/parity/snapraid.content
+
+# Defines the data disks to use
+# The name and mount point association is relevant for parity, do not change it
+# WARNING: Adding here your /home, /var or /tmp disks is NOT a good idea!
+# SnapRAID is better suited for files that rarely changes!
+# Format: "data DISK_NAME DISK_MOUNT_POINT"
+data d1 /mnt/drive1/
+data d2 /mnt/drive2/
+data d3 /mnt/drive3/
+
+# Excludes hidden files and directories (uncomment to enable).
+#nohidden
+
+# Defines files and directories to exclude
+# Remember that all the paths are relative at the mount points
+# Format: "exclude FILE"
+# Format: "exclude DIR/"
+# Format: "exclude /PATH/FILE"
+# Format: "exclude /PATH/DIR/"
+exclude *.unrecoverable
+exclude /tmp/
+exclude /lost+found/
+
+# Defines the block size in kibi bytes (1024 bytes) (uncomment to enable).
+# WARNING: Changing this value is for experts only!
+# Default value is 256 -> 256 kibi bytes -> 262144 bytes
+# Format: "blocksize SIZE_IN_KiB"
+#blocksize 256
+
+# Defines the hash size in bytes (uncomment to enable).
+# WARNING: Changing this value is for experts only!
+# Default value is 16 -> 128 bits
+# Format: "hashsize SIZE_IN_BYTES"
+#hashsize 16
+
+# Automatically save the state when syncing after the specified amount
+# of GB processed (uncomment to enable).
+# This option is useful to avoid to restart from scratch long 'sync'
+# commands interrupted by a machine crash.
+# It also improves the recovering if a disk break during a 'sync'.
+# Default value is 0, meaning disabled.
+# Format: "autosave SIZE_IN_GB"
+#autosave 500
+
+# Defines the pooling directory where the virtual view of the disk
+# array is created using the "pool" command (uncomment to enable).
+# The files are not really copied here, but just linked using
+# symbolic links.
+# This directory must be outside the array.
+# Format: "pool DIR"
+#pool /pool
+
+# Defines a custom smartctl command to obtain the SMART attributes
+# for each disk. This may be required for RAID controllers and for
+# some USB disk that cannot be autodetected.
+# In the specified options, the "%s" string is replaced by the device name.
+# Refers at the smartmontools documentation about the possible options:
+# RAID -> https://www.smartmontools.org/wiki/Supported_RAID-Controllers
+# USB -> https://www.smartmontools.org/wiki/Supported_USB-Devices
+#smartctl d1 -d sat %s
+#smartctl d2 -d usbjmicron %s
+#smartctl parity -d areca,1/1 /dev/sg0
+#smartctl 2-parity -d areca,2/1 /dev/sg0

nixos/imports/snapraid.nix

@@ -0,0 +1,12 @@
+{ pkgs, ... }:
+
+{
+    environment.etc."snapraid-runner.conf".text = builtins.readFile ../pkgs/snapraid-runner/snapraid-runner.conf;
+    environment.etc."snapraid.conf".text = builtins.readFile ./snapraid.conf;
+
+    # Enable the SnapRAID service
+    # services.snapraid = {
+    #     enable = true;
+    #     configFile = "/etc/snapraid.conf";
+    # };
+}