diff --git a/src/system/machines/server/system.nix b/src/system/machines/server/system.nix index 5772f66..c3bafe2 100644 --- a/src/system/machines/server/system.nix +++ b/src/system/machines/server/system.nix @@ -2,19 +2,6 @@ { system.stateVersion = "23.11"; - imports = [ - ../modules - ]; - - modules = { - bitcoin = { - enable = true; - clightning = true; - electrs = true; - sparrow-server = true; - }; - }; - users.users = { ${config.user.name} = { isNormalUser = true; diff --git a/src/system/modules/bitcoin/default.nix b/src/system/modules/bitcoin/default.nix deleted file mode 100644 index a18f739..0000000 --- a/src/system/modules/bitcoin/default.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ pkgs, lib, config, ... }: - -with lib; -let - cfg = config.modules.system.bitcoin; - -in -{ options.modules.system.bitcoin = { enable = mkEnableOption "system.bitcoin"; }; - - imports = [ ./modules ]; - - config = mkIf cfg.enable { - programs.bash.shellAliases = { - btc = "bitcoin-cli"; - }; - - users = { - users = { - "bitcoind" = { - description = "bitcoind system user"; - isSystemUser = true; - group = "bitcoin"; - home = /var/lib/bitcoind; - createHome = true; - }; - }; - groups = { - "bitcoin" = { - members = [ "clightning" "electrs" ]; - }; - }; - }; - - services.bitcoind = { - "bitcoind" = { - enable = true; - testnet = false; - user = "bitcoind"; - group = "bitcoin"; - configFile = /var/lib/bitcoind/bitcoin.conf; - - rpc = { - port = 8332; - }; - - extraConfig = '' - server=1 - mempoolfullrbf=1 - v2transport=1 - - rpcbind=127.0.0.1 - rpcallowip=127.0.0.1 - - proxy=127.0.0.1:9050 - listen=1 - listenonion=1 - torcontrol=127.0.0.1:9051 - torenablecircuit=1 - ''; - }; - }; - }; -} diff --git a/src/system/modules/bitcoin/modules/core-lightning/default.nix b/src/system/modules/bitcoin/modules/core-lightning/default.nix deleted file mode 100644 index 19e59fd..0000000 --- a/src/system/modules/bitcoin/modules/core-lightning/default.nix +++ /dev/null @@ -1,73 +0,0 @@ -{ lib, pkgs, config, ... }: -#TODO: c-lightning config file - -with lib; - let cfg = config.modules.system.bitcoin.core-lightning; - -in -{ options.modules.system.bitcoin.core-lightning = { enable = mkEnableOption "system.bitcoin.core-lightning"; }; - config = mkIf cfg.enable { - imports = [ ./modules ]; - programs.bash.shellAliases = { - cln = "lightningd"; - }; - - environment.systemPackages = with pkgs; [ - clightning - ]; - - users = { - users = { - "c-lightning" = { - description = "core-lightning system user"; - isSystemUser = true; - group = "bitcoin"; - home = /var/lib/c-lightning; - createHome = true; - }; - }; - }; - - systemd.services.lightningd = { - Unit = { - Description = "Core Lightning daemon"; - Requires = [ "bitcoind.service" ]; - After = [ "bitcoind.service" "network-online.target" ]; - Wants = [ "network-online.target" ]; - }; - Service = { - ExecStartPre = - let - lightningConf = '' - ''; #put lightning conf here - in - "${pkgs.writeShellScript "prepare-clightning-config" '' - mkdir -p /var/lib/c-lightning/.lightning - chown -R c-lightning:bitcoin /var/lib/c-lightning - echo "${lightningConf}" > /var/lib/c-lightning/.lightning/config - chmod 600 /var/lib/c-lightning/.lightning/config - ''}"; - - ExecStart = "${pkgs.clightning}/bin/lightningd --conf=/var/lib/c-lightning/.lightning/config"; - - RuntimeDirectory = "lightningd"; - - User = "c-lightning"; - Group = "bitcoin"; - - Type = "forking"; - PIDFile = "/run/lightningd/lightningd.pid"; - Restart = "on-failute"; - - PrivateTmp = true; - ProtectSystem = "full"; - NoNewPrivileges = true; - PrivateDevies = true; - MemoryDenyWriteAccess = false; - }; - Install = { - WantedBy = [ "multi-user.target" ]; - }; - }; - }; -} diff --git a/src/system/modules/bitcoin/modules/core-lightning/modules/c-lightning-REST/default.nix b/src/system/modules/bitcoin/modules/core-lightning/modules/c-lightning-REST/default.nix deleted file mode 100644 index c04a9e8..0000000 --- a/src/system/modules/bitcoin/modules/core-lightning/modules/c-lightning-REST/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ lib, pkgs, config, ... }: - -with lib; - let - cfg = config.modules.system.bitcoin.core-lightning.REST; - cln = config.modules.system.bitcoin.core-lightning; - c-lightning-REST = import ./derivation.nix { inherit pkgs; }; - -in -{ options.modules.system.bitcoin.core-lightning.REST = { - enable = mkEnableOption "system.bitcoin.core-lightning.REST"; - }; - config = mkIf (cfg.enable && cln.enable) { - environment.systemPackages = with pkgs; [ - c-lightning-REST - ]; - }; -} diff --git a/src/system/modules/bitcoin/modules/core-lightning/modules/c-lightning-REST/derivation.nix b/src/system/modules/bitcoin/modules/core-lightning/modules/c-lightning-REST/derivation.nix deleted file mode 100644 index 4c7dd7e..0000000 --- a/src/system/modules/bitcoin/modules/core-lightning/modules/c-lightning-REST/derivation.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ pkgs, ... }: - -with pkgs; -stdenv.mkDerivation rec { - pname = "c-lightning-REST"; - version = "0.10.7"; - - src = fetchurl { - url = "https://github.com/Ride-The-Lightning/c-lightning-REST/archive/refs/tags/v${version}.tar.gz"; - sha256 = "1swg53vbacsrsgy79lni07dy2h44b0yf2kad7j4fv17az4gwnxk7"; - }; - - buildInputs = with pkgs; [ - nodejs - ]; - - installPhase = '' - mkdir -p $out - cp -r * $out/ - ''; - - meta = { - description = "c-lighting REST API"; - homepage = "https://github.com/Ride-The-Lightning/c-lightning-REST"; - license = stdenv.lib.licenses.mit; - platforms = stdenv.lib.platforms.linux; - }; -} diff --git a/src/system/modules/bitcoin/modules/core-lightning/modules/default.nix b/src/system/modules/bitcoin/modules/core-lightning/modules/default.nix deleted file mode 100644 index 2b2fd49..0000000 --- a/src/system/modules/bitcoin/modules/core-lightning/modules/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - imports = [ - ./c-lightning-REST - ]; -} diff --git a/src/system/modules/bitcoin/modules/default.nix b/src/system/modules/bitcoin/modules/default.nix deleted file mode 100644 index bbb0cbc..0000000 --- a/src/system/modules/bitcoin/modules/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - imports = [ - ./core-lightning - ./electrs - ./sparrow-server - ]; -} diff --git a/src/system/modules/bitcoin/modules/electrs/default.nix b/src/system/modules/bitcoin/modules/electrs/default.nix deleted file mode 100644 index 677bafd..0000000 --- a/src/system/modules/bitcoin/modules/electrs/default.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ lib, pkgs, config, ... }: -#TODO: electrs configuration file - -with lib; - let cfg = config.modules.bitcoin.electrs; -in -{ options.modules.bitcoin.electrs = { enable = mkEnableOption "bitcoin.electrs"; }; - config = mkIf cfg.enable { - environment.systemPackages = with pkgs; [ - electrs - ]; - - users = { - users = { - "electrs" = { - description = "electrs system user"; - isSystemUser = true; - group = "bitcoin"; - home = /var/lib/electrs; - createHome = true; - }; - }; - }; - - systemd.services.electrs = { - Unit = { - Description = "Electrs Bitcoin Indexer"; - After = [ "network.target" "bitcoind.service" ]; - Requires = [ "bitcoind.service" ]; - }; - Service = { - ExecStartPre = "/usr/bin/sleep 10"; - ExecStart = "${pkgs.electrs}/bin/electrs"; - - User = "electrs"; - Group = "bitcoin"; - Type = "simple"; - - KillMode = "process"; - TimeoutSec = 60; - Restart = "always"; - RestartSec = 60; - }; - Install = { - WantedBy = [ "multi-user.target" ]; - }; - }; - }; -} diff --git a/src/system/modules/bitcoin/modules/sparrow-server/default.nix b/src/system/modules/bitcoin/modules/sparrow-server/default.nix deleted file mode 100644 index 6629f8c..0000000 --- a/src/system/modules/bitcoin/modules/sparrow-server/default.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ lib, pkgs, config, ... }: - -with lib; - let - cfg = config.modules.system.bitcoin.sparrow-server; - sparrow-server = import ./derivation.nix { inherit pkgs; }; -in -{ options.modules.system.bitcoin.sparrow-server = { enable = mkEnableOption "system.bitcoin.sparrow-server"; }; - config = mkIf cfg.enable { - environment.systemPackages = with pkgs; [ - sparrow-server - ]; - }; -} diff --git a/src/system/modules/bitcoin/modules/sparrow-server/derivation.nix b/src/system/modules/bitcoin/modules/sparrow-server/derivation.nix deleted file mode 100644 index 8e5e698..0000000 --- a/src/system/modules/bitcoin/modules/sparrow-server/derivation.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ pkgs, ... }: - -with pkgs; -stdenv.mkDerivation rec { - pname = "sparrow-server"; - version = "1.8.2"; - - src = fetchurl { - url = "https://github.com/sparrowwallet/sparrow/releases/download/${version}/sparrow-server-${version}-x86_64.tar.gz"; - sha256 = "16hyrf8j7mv3m1ry7r2k3w70yxbf6smgcm5d35xy2hjqfmahv65m"; - }; - - installPhase = '' - mkdir -p $out/bin - cp -r * $out/bin - ''; - - meta = { - description = "Sparrow Server"; - homepage = "https://sparrowwallet.com/"; - license = stdenv.lib.licenses.mit; - platforms = stdenv.lib.platforms.linux; - }; -} diff --git a/src/system/modules/default.nix b/src/system/modules/default.nix deleted file mode 100644 index 77c150a..0000000 --- a/src/system/modules/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - imports = [ - ./bitcoin - ./nginx - ./tor - ]; -} diff --git a/src/system/modules/nginx/default.nix b/src/system/modules/nginx/default.nix deleted file mode 100644 index 6079a17..0000000 --- a/src/system/modules/nginx/default.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ lib, config, pkgs, ... }: - -with lib; -let - cfg = config.modules.system.nginx; - -in -{ options.modules.system.nginx = { enable = mkEnableOption "system.nginx"; }; - config = mkIf cfg.enable { - imports = [ ./sites ]; - security.acme = { - defaults = { - email = config.user.email; - }; - }; - services.nginx = { - enable = true; - package = pkgs.nginxMainLine; - }; - }; -} diff --git a/src/system/modules/nginx/sites/default.nix b/src/system/modules/nginx/sites/default.nix deleted file mode 100644 index 94b7201..0000000 --- a/src/system/modules/nginx/sites/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - imports = [ - ./mySite - ]; -} diff --git a/src/system/modules/nginx/sites/mySite/default.nix b/src/system/modules/nginx/sites/mySite/default.nix deleted file mode 100644 index 56932e2..0000000 --- a/src/system/modules/nginx/sites/mySite/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ lib, config, ... }: - -with lib; -let - cfg = config.modules.system.nginx.mySite; - nginxCfg = config.modules.system.nginx; - -in -{ options.modules.system.nginx.mySite = { enable = mkEnableOption "system.nginx.mySite"; }; - config = mkIf (cfg.enable && nginxCfg) { - security.acme = { - certs = { - "*.ramos.codes" = { - #TODO: configure ACME certs - }; - }; - }; - services.nginx = { - #TODO: check if configure as vhost or stream - virtualHosts = { - "*.ramos.codes" = { - addSSL = true; - onlySSL = true; - forceSSL = true; - acmeRoot = null; - }; - }; - }; - }; -} diff --git a/src/system/modules/nginx/sites/mySite/modules/btc/default.nix b/src/system/modules/nginx/sites/mySite/modules/btc/default.nix deleted file mode 100644 index fa7f50c..0000000 --- a/src/system/modules/nginx/sites/mySite/modules/btc/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ lib, config, ... }: - -with lib; -let - cfg = config.modules.system.nginx.mySite.btc; - mySiteCfg = config.modules.system.nginx.mySite; - btcCfg = config.modules.system.bitcoin; - -in -{ options.modules.system.nginx.mySite.btc = { enable = mkEnableOption "system.nginx.mySite.btc"; }; - config = mkIf (cfg.enable && mySiteCfg && btcCfg) { - #security.acme = { - # certs = { - # "btc.ramos.codes" = { - # #TODO: configure ACME certs - # }; - # }; - #}; - #services.nginx = { - # #TODO: check if configure as vhost or stream - # virtualHosts = { - # "btc.ramos.codes" = { - # addSSL = true; - # onlySSL = true; - # forceSSL = true; - # acmeRoot = null; - # }; - # }; - #}; - }; -} diff --git a/src/system/modules/nginx/sites/mySite/modules/git/default.nix b/src/system/modules/nginx/sites/mySite/modules/git/default.nix deleted file mode 100644 index 62b8f66..0000000 --- a/src/system/modules/nginx/sites/mySite/modules/git/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ lib, config, ... }: - -with lib; -let - cfg = config.modules.system.nginx.mySite.git; - mySiteCfg = config.modules.system.nginx.mySite; - -in -{ options.modules.system.nginx.mySite.git = { enable = mkEnableOption "system.nginx.mySite.git"; }; - config = mkIf (cfg.enable && mySiteCfg) { - #security.acme = { - # certs = { - # "ramos.codes" = { - # #TODO: configure ACME certs - # }; - # }; - #}; - #services.nginx = { - # #TODO: check if configure as vhost or stream - # streamConfig = services.nginx.streamConfig ++ { - # "*.ramos.codes" = { - # addSSL = true; - # onlySSL = true; - # forceSSL = true; - # acmeRoot = null; - # }; - # }; - #}; - }; -} diff --git a/src/system/modules/tor/default.nix b/src/system/modules/tor/default.nix deleted file mode 100644 index efdf41c..0000000 --- a/src/system/modules/tor/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ lib, config, ... }: - -with lib; -let - cfg = config.modules.system.tor; - -in -{ options.modules.system.tor = { enable = mkEnableOption "system.tor"; }; - config = mkIf cfg.enable { - imports = [ ./modules ]; - services.tor = { - enable = true; - client = { - enable = lib.mkDefault true; - dns.enable = mkIf services.tor.client.enable true; - }; - relay.enable = lib.mkDefault false; - enableGeoIP = false; - DoSConnectionEnabled = true; - DoSCircuitCreationEnabled = true; - }; - }; -} diff --git a/src/system/modules/tor/modules/default.nix b/src/system/modules/tor/modules/default.nix deleted file mode 100644 index 893538e..0000000 --- a/src/system/modules/tor/modules/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - imports = [ - ./relay - ]; -} diff --git a/src/system/modules/tor/modules/relay.nix b/src/system/modules/tor/modules/relay.nix deleted file mode 100644 index 17044a6..0000000 --- a/src/system/modules/tor/modules/relay.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ lib, config, ... }: - -with lib; -let - cfg = config.modules.system.tor.relay; - torCfg = config.modules.system.tor; - -in -{ options.modules.system.tor.relay = { enable = mkEnableOption "system.tor.relay"; }; - config = mkIf (cfg.enable && torCfg.enable) { - services.tor = { - client.enable = false; - relay.enable = true; - }; - }; -}