stuff

hosts/headless/abacus/headscale.nix

@@ -1,23 +1,22 @@
-# {config, ...}: let
-#   virtualHostName = "";
-# in {
-#   services.headscale = {
-#     enable = true;
-#     address = "127.0.0.1";
-#     port = 8070;
-#     server_url = "https://${virtualHostName}";
-#     settings = {
-#       logtail.enabled = false;
-#     };
-#   };
-#
-#   services.nginx.virtualHosts.${virtualHostName} = {
-#     forceSSL = true;
-#     enableACME = true;
-#     locations."/" = {
-#       proxyPass = "http://localhost:${toString config.services.headscale.port}";
-#       proxyWebsockets = true;
-#     };
-#   };
-# }
-{}
+{config, ...}: let
+  virtualHostName = "headscale.helveticanonstandard.net";
+in {
+  services.headscale = {
+    enable = true;
+    address = "127.0.0.1";
+    port = 8010;
+    server_url = "https://${virtualHostName}";
+    settings = {
+      logtail.enabled = false;
+    };
+  };
+
+  services.nginx.virtualHosts.${virtualHostName} = {
+    forceSSL = true;
+    enableACME = true;
+    locations."/" = {
+      proxyPass = "http://localhost:${builtins.toString config.services.headscale.port}";
+      proxyWebsockets = true;
+    };
+  };
+}

hosts/headless/abacus/microbin.nix

@@ -1,50 +0,0 @@
-# TODO: use another service for this
-{
-  config,
-  lib,
-  ...
-}: let
-  inherit (config.networking) domain;
-  virtualHostName = "bin.${domain}";
-in {
-  age.secrets = lib.mkSecrets {microbin = {};};
-
-  services.microbin = {
-    enable = true;
-    passwordFile = config.age.secrets.microbin.path;
-    settings = {
-      MICROBIN_BIND = "127.0.0.1";
-      MICROBIN_PORT = 8020;
-
-      MICROBIN_PUBLIC_PATH = "https://${virtualHostName}/";
-
-      MICROBIN_READONLY = true;
-
-      MICROBIN_EDITABLE = true;
-      MICROBIN_ETERNAL_PASTA = true;
-      MICROBIN_HIGHLIGHTSYNTAX = true;
-      MICROBIN_PRIVATE = true;
-      MICROBIN_ENABLE_BURN_AFTER = true;
-      MICROBIN_QR = true;
-      MICROBIN_NO_FILE_UPLOAD = false;
-      MICROBIN_ENCRYPTION_CLIENT_SIDE = true;
-
-      MICROBIN_MAX_FILE_SIZE_ENCRYPTED_MB = 1024;
-      MICROBIN_MAX_FILE_SIZE_UNENCRYPTED_MB = 4096;
-
-      MICROBIN_DISABLE_UPDATE_CHECKING = true;
-      MICROBIN_DISABLE_TELEMETRY = true;
-      MICROBIN_LIST_SERVER = false;
-    };
-  };
-
-  services.nginx.virtualHosts.${virtualHostName} = {
-    enableACME = true;
-    forceSSL = true;
-
-    locations."/".proxyPass = let
-      host = config.services.microbin.settings.MICROBIN_BIND;
-      port = builtins.toString config.services.microbin.settings.MICROBIN_PORT;
-    in "http://${host}:${port}";
-  };
-}

hosts/headless/abacus/syncthing.nix

@@ -1,18 +0,0 @@
-{config, ...}: let
-  inherit (config.networking) domain;
-  virtualHostName = "sync.${domain}";
-in {
-  services.syncthing = {
-    enable = true;
-    systemService = true;
-    openDefaultPorts = true;
-    guiAddress = "localhost:8040";
-  };
-
-  services.nginx.virtualHosts.${virtualHostName} = {
-    enableACME = true;
-    forceSSL = true;
-
-    locations."/".proxyPass = "http://${config.services.syncthing.guiAddress}";
-  };
-}

hosts/headless/vessel/syncthing.nix

@@ -1,16 +0,0 @@
-# TODO: unify syncthing.nix files
-let
-  guiPort = 8384;
-in {
-  services.syncthing = {
-    enable = true;
-    systemService = true;
-    openDefaultPorts = true;
-    guiAddress = let
-      host = "0.0.0.0";
-      port = builtins.toString guiPort;
-    in "${host}:${port}";
-  };
-
-  networking.firewall.allowedTCPPorts = [guiPort];
-}