diff --git a/README.md b/README.md index 23a4966..f8c7ecf 100644 --- a/README.md +++ b/README.md @@ -53,6 +53,7 @@ nix multi user, multi system, configuration with `sops` secret management, `home ## Tech Debt - [ ] monitor configuration in `~/.config/monitors.xml` should be sym linked to `/run/gdm/.config/monitors.xml` (https://www.reddit.com/r/NixOS/comments/u09cz9/home_manager_create_my_own_symlinks_automatically/) - [ ] migrate away from flakes and move to npins +- [ ] rework the reverse_proxy.nix file so that it is a normally named service. Then also change it so that we can hook into it with both a base domain and a subdomain to make migrating to vpn accessible services easier ## Broken things - [ ] figure out steam vr things? @@ -72,13 +73,12 @@ nix multi user, multi system, configuration with `sops` secret management, `home - [ ] offline access for nfs mounts (overlay with rsync might be a good option here? https://www.spinics.net/lists/linux-unionfs/msg07105.html note about nfs4 and overlay fs) - [ ] figure out why syncthing and jellyfins permissions don't propagate downwards - [ ] make radarr, sonarr, and bazarr accessible over vpn -- [ ] move searx, home-assistant, actual, vikunja, jellyfin, paperless, and immich to only be accessible via vpn +- [ ] move searx, home-assistant, actual, jellyfin, paperless, and immich to only be accessible via vpn ## Services - [ ] vikunja service for project management - [ ] Create Tor guard/relay server - [ ] mastodon instance -- [ ] screeps server ## DevOps - [ ] wake on LAN for updates diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix index ae897ce..91a8c2c 100644 --- a/configurations/nixos/defiant/configuration.nix +++ b/configurations/nixos/defiant/configuration.nix @@ -310,7 +310,7 @@ forgejo = { enable = true; - reverseProxy.domain = "git.jan-leila.com"; + domain = "git.jan-leila.com"; }; searx = { diff --git a/modules/nixos-modules/server/actual/impermanence.nix b/modules/nixos-modules/server/actual/impermanence.nix index 5a2bb6c..5eee95a 100644 --- a/modules/nixos-modules/server/actual/impermanence.nix +++ b/modules/nixos-modules/server/actual/impermanence.nix @@ -6,14 +6,7 @@ const = import ./const.nix; dataDirectory = const.dataDirectory; in { - options.services.actual = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.actual.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.actual.impermanence.enable { + config = lib.mkIf (config.services.actual.enable && config.host.impermanence.enable) { assertions = [ { assertion = config.services.actual.settings.ACTUAL_DATA_DIR == dataDirectory; diff --git a/modules/nixos-modules/server/actual/proxy.nix b/modules/nixos-modules/server/actual/proxy.nix index 9d37574..bf1711a 100644 --- a/modules/nixos-modules/server/actual/proxy.nix +++ b/modules/nixos-modules/server/actual/proxy.nix @@ -14,13 +14,9 @@ description = "extra domains that should be configured for actual"; default = []; }; - reverseProxy.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.actual.enable && config.services.reverseProxy.enable; - }; }; - config = lib.mkIf config.services.actual.reverseProxy.enable { + config = lib.mkIf (config.services.actual.enable && config.services.reverseProxy.enable) { services.reverseProxy.services.actual = { target = "http://localhost:${toString config.services.actual.settings.port}"; domain = config.services.actual.domain; diff --git a/modules/nixos-modules/server/bazarr/impermanence.nix b/modules/nixos-modules/server/bazarr/impermanence.nix index 70a45d1..22fb0e6 100644 --- a/modules/nixos-modules/server/bazarr/impermanence.nix +++ b/modules/nixos-modules/server/bazarr/impermanence.nix @@ -5,14 +5,7 @@ }: let bazarr_data_directory = "/var/lib/bazarr"; in { - options.services.bazarr = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.bazarr.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.bazarr.impermanence.enable { + config = lib.mkIf (config.services.bazarr.enable && config.host.impermanence.enable) { assertions = [ { assertion = config.services.bazarr.dataDir == bazarr_data_directory; diff --git a/modules/nixos-modules/server/crab-hole/impermanence.nix b/modules/nixos-modules/server/crab-hole/impermanence.nix index 51efc0c..8e1182c 100644 --- a/modules/nixos-modules/server/crab-hole/impermanence.nix +++ b/modules/nixos-modules/server/crab-hole/impermanence.nix @@ -5,14 +5,7 @@ }: let workingDirectory = "/var/lib/private/crab-hole"; in { - options.services.crab-hole = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.crab-hole.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.crab-hole.impermanence.enable { + config = lib.mkIf (config.services.crab-hole.enable && config.host.impermanence.enable) { assertions = [ { assertion = diff --git a/modules/nixos-modules/server/fail2ban/impermanence.nix b/modules/nixos-modules/server/fail2ban/impermanence.nix index 6e214b3..5bc4673 100644 --- a/modules/nixos-modules/server/fail2ban/impermanence.nix +++ b/modules/nixos-modules/server/fail2ban/impermanence.nix @@ -6,14 +6,7 @@ dataFolder = "/var/lib/fail2ban"; dataFile = "fail2ban.sqlite3"; in { - options.services.fail2ban = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.fail2ban.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.fail2ban.impermanence.enable { + config = lib.mkIf (config.services.fail2ban.enable && config.host.impermanence.enable) { assertions = [ { assertion = config.services.fail2ban.daemonSettings.Definition.dbfile == "${dataFolder}/${dataFile}"; diff --git a/modules/nixos-modules/server/flaresolverr/impermanence.nix b/modules/nixos-modules/server/flaresolverr/impermanence.nix index 4544e75..b568a56 100644 --- a/modules/nixos-modules/server/flaresolverr/impermanence.nix +++ b/modules/nixos-modules/server/flaresolverr/impermanence.nix @@ -3,14 +3,7 @@ config, ... }: { - options.services.flaresolverr = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.flaresolverr.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.flaresolverr.impermanence.enable { + config = lib.mkIf (config.services.flaresolverr.enable && config.host.impermanence.enable) { # FlareSolverr typically doesn't need persistent storage as it's a proxy service # but we'll add basic structure in case it's needed for logs or configuration environment.persistence."/persist/system/root" = { diff --git a/modules/nixos-modules/server/forgejo/fail2ban.nix b/modules/nixos-modules/server/forgejo/fail2ban.nix index dfe221a..213c804 100644 --- a/modules/nixos-modules/server/forgejo/fail2ban.nix +++ b/modules/nixos-modules/server/forgejo/fail2ban.nix @@ -4,16 +4,7 @@ pkgs, ... }: { - options.services.forgejo = { - fail2ban = { - enable = lib.mkOption { - type = lib.types.bool; - default = config.services.forgejo.enable && config.services.fail2ban.enable; - }; - }; - }; - - config = lib.mkIf config.services.forgejo.fail2ban.enable { + config = lib.mkIf (config.services.forgejo.enable && config.services.fail2ban.enable) { environment.etc = { "fail2ban/filter.d/forgejo.local".text = lib.mkIf config.services.forgejo.enable ( pkgs.lib.mkDefault (pkgs.lib.mkAfter '' diff --git a/modules/nixos-modules/server/forgejo/impermanence.nix b/modules/nixos-modules/server/forgejo/impermanence.nix index 6fe3de8..04f21a5 100644 --- a/modules/nixos-modules/server/forgejo/impermanence.nix +++ b/modules/nixos-modules/server/forgejo/impermanence.nix @@ -5,14 +5,7 @@ }: let stateDir = "/var/lib/forgejo"; in { - options.services.forgejo = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.forgejo.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.forgejo.impermanence.enable { + config = lib.mkIf (config.services.forgejo.enable && config.host.impermanence.enable) { assertions = [ { assertion = config.services.forgejo.stateDir == stateDir; diff --git a/modules/nixos-modules/server/forgejo/proxy.nix b/modules/nixos-modules/server/forgejo/proxy.nix index c2d3131..bde59d1 100644 --- a/modules/nixos-modules/server/forgejo/proxy.nix +++ b/modules/nixos-modules/server/forgejo/proxy.nix @@ -8,10 +8,6 @@ in { options.services.forgejo = { reverseProxy = { - enable = lib.mkOption { - type = lib.types.bool; - default = config.services.forgejo.enable && config.services.reverseProxy.enable; - }; domain = lib.mkOption { type = lib.types.str; description = "domain that forgejo will be hosted at"; @@ -25,7 +21,7 @@ in { }; }; - config = lib.mkIf config.services.forgejo.reverseProxy.enable { + config = lib.mkIf (config.services.forgejo.enable && config.services.reverseProxy.enable) { services.reverseProxy.services.forgejo = { target = "http://localhost:${toString httpPort}"; domain = config.services.forgejo.reverseProxy.domain; diff --git a/modules/nixos-modules/server/home-assistant/fail2ban.nix b/modules/nixos-modules/server/home-assistant/fail2ban.nix index 25194ef..6ac5900 100644 --- a/modules/nixos-modules/server/home-assistant/fail2ban.nix +++ b/modules/nixos-modules/server/home-assistant/fail2ban.nix @@ -3,46 +3,36 @@ pkgs, config, ... -}: { - options.services.home-assistant = { - fail2ban = { - enable = lib.mkOption { - type = lib.types.bool; - default = config.services.fail2ban.enable && config.services.home-assistant.enable; - }; - }; +}: +lib.mkIf (config.services.fail2ban.enable && config.services.home-assistant.enable) { + environment.etc = { + "fail2ban/filter.d/hass.local".text = ( + pkgs.lib.mkDefault (pkgs.lib.mkAfter '' + [INCLUDES] + before = common.conf + + [Definition] + failregex = ^%(__prefix_line)s.*Login attempt or request with invalid authentication from .*$ + + ignoreregex = + + [Init] + datepattern = ^%%Y-%%m-%%d %%H:%%M:%%S + '') + ); }; - config = lib.mkIf config.services.home-assistant.fail2ban.enable { - environment.etc = { - "fail2ban/filter.d/hass.local".text = ( - pkgs.lib.mkDefault (pkgs.lib.mkAfter '' - [INCLUDES] - before = common.conf - - [Definition] - failregex = ^%(__prefix_line)s.*Login attempt or request with invalid authentication from .*$ - - ignoreregex = - - [Init] - datepattern = ^%%Y-%%m-%%d %%H:%%M:%%S - '') - ); - }; - - services.fail2ban = { - jails = { - home-assistant-iptables.settings = { - enabled = true; - filter = "hass"; - action = ''iptables-multiport[name=HTTP, port="http,https"]''; - logpath = "${config.services.home-assistant.configDir}/*.log"; - backend = "auto"; - findtime = 600; - bantime = 600; - maxretry = 5; - }; + services.fail2ban = { + jails = { + home-assistant-iptables.settings = { + enabled = true; + filter = "hass"; + action = ''iptables-multiport[name=HTTP, port="http,https"]''; + logpath = "${config.services.home-assistant.configDir}/*.log"; + backend = "auto"; + findtime = 600; + bantime = 600; + maxretry = 5; }; }; }; diff --git a/modules/nixos-modules/server/home-assistant/proxy.nix b/modules/nixos-modules/server/home-assistant/proxy.nix index b756459..1075c59 100644 --- a/modules/nixos-modules/server/home-assistant/proxy.nix +++ b/modules/nixos-modules/server/home-assistant/proxy.nix @@ -14,15 +14,9 @@ description = "extra domains that should be configured for home-assistant"; default = []; }; - reverseProxy = { - enable = lib.mkOption { - type = lib.types.bool; - default = config.services.reverseProxy.enable && config.services.home-assistant.enable; - }; - }; }; - config = lib.mkIf config.services.home-assistant.reverseProxy.enable { + config = lib.mkIf (config.services.reverseProxy.enable && config.services.home-assistant.enable) { services.reverseProxy.services.home-assistant = { target = "http://localhost:${toString config.services.home-assistant.config.http.server_port}"; domain = config.services.home-assistant.domain; diff --git a/modules/nixos-modules/server/immich/fail2ban.nix b/modules/nixos-modules/server/immich/fail2ban.nix index 21593e7..c9ec87b 100644 --- a/modules/nixos-modules/server/immich/fail2ban.nix +++ b/modules/nixos-modules/server/immich/fail2ban.nix @@ -4,16 +4,7 @@ pkgs, ... }: { - options.services.immich = { - fail2ban = { - enable = lib.mkOption { - type = lib.types.bool; - default = config.services.fail2ban.enable && config.services.immich.enable; - }; - }; - }; - - config = lib.mkIf config.services.immich.fail2ban.enable { + config = lib.mkIf (config.services.fail2ban.enable && config.services.immich.enable) { environment.etc = { "fail2ban/filter.d/immich.local".text = pkgs.lib.mkDefault (pkgs.lib.mkAfter '' [Definition] diff --git a/modules/nixos-modules/server/immich/impermanence.nix b/modules/nixos-modules/server/immich/impermanence.nix index 56e51d0..f63d178 100644 --- a/modules/nixos-modules/server/immich/impermanence.nix +++ b/modules/nixos-modules/server/immich/impermanence.nix @@ -5,14 +5,7 @@ }: let mediaLocation = "/var/lib/immich"; in { - options.services.immich = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.immich.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.immich.impermanence.enable { + config = lib.mkIf (config.services.immich.enable && config.host.impermanence.enable) { assertions = [ { assertion = config.services.immich.mediaLocation == mediaLocation; diff --git a/modules/nixos-modules/server/immich/proxy.nix b/modules/nixos-modules/server/immich/proxy.nix index 9c8c165..a50ea1e 100644 --- a/modules/nixos-modules/server/immich/proxy.nix +++ b/modules/nixos-modules/server/immich/proxy.nix @@ -14,15 +14,9 @@ description = "extra domains that should be configured for immich"; default = []; }; - reverseProxy = { - enable = lib.mkOption { - type = lib.types.bool; - default = config.services.immich.enable && config.services.reverseProxy.enable; - }; - }; }; - config = lib.mkIf config.services.immich.reverseProxy.enable { + config = lib.mkIf (config.services.immich.enable && config.services.reverseProxy.enable) { services.reverseProxy.services.immich = { target = "http://localhost:${toString config.services.immich.port}"; domain = config.services.immich.domain; diff --git a/modules/nixos-modules/server/jackett/impermanence.nix b/modules/nixos-modules/server/jackett/impermanence.nix index 24fc5e6..5826a54 100644 --- a/modules/nixos-modules/server/jackett/impermanence.nix +++ b/modules/nixos-modules/server/jackett/impermanence.nix @@ -5,14 +5,7 @@ }: let jackett_data_directory = "/var/lib/jackett/.config/Jackett"; in { - options.services.jackett = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.jackett.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.jackett.impermanence.enable { + config = lib.mkIf (config.services.jackett.enable && config.host.impermanence.enable) { assertions = [ { assertion = config.services.jackett.dataDir == jackett_data_directory; diff --git a/modules/nixos-modules/server/jellyfin/impermanence.nix b/modules/nixos-modules/server/jellyfin/impermanence.nix index cbcb54f..e0b3b5d 100644 --- a/modules/nixos-modules/server/jellyfin/impermanence.nix +++ b/modules/nixos-modules/server/jellyfin/impermanence.nix @@ -6,14 +6,7 @@ jellyfin_data_directory = "/var/lib/jellyfin"; jellyfin_cache_directory = "/var/cache/jellyfin"; in { - options.services.jellyfin = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.jellyfin.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.jellyfin.impermanence.enable { + config = lib.mkIf (config.services.jellyfin.enable && config.host.impermanence.enable) { fileSystems."/persist/system/jellyfin".neededForBoot = true; host.storage.pool.extraDatasets = { diff --git a/modules/nixos-modules/server/jellyfin/proxy.nix b/modules/nixos-modules/server/jellyfin/proxy.nix index 35289e7..f803ecb 100644 --- a/modules/nixos-modules/server/jellyfin/proxy.nix +++ b/modules/nixos-modules/server/jellyfin/proxy.nix @@ -16,15 +16,9 @@ in { description = "extra domains that should be configured for jellyfin"; default = []; }; - reverseProxy = { - enable = lib.mkOption { - type = lib.types.bool; - default = config.services.jellyfin.enable && config.services.reverseProxy.enable; - }; - }; }; - config = lib.mkIf config.services.jellyfin.reverseProxy.enable { + config = lib.mkIf (config.services.jellyfin.enable && config.services.reverseProxy.enable) { services.reverseProxy.services.jellyfin = { target = "http://localhost:${toString jellyfinPort}"; domain = config.services.jellyfin.domain; diff --git a/modules/nixos-modules/server/lidarr/impermanence.nix b/modules/nixos-modules/server/lidarr/impermanence.nix index 5d3aa3f..689b924 100644 --- a/modules/nixos-modules/server/lidarr/impermanence.nix +++ b/modules/nixos-modules/server/lidarr/impermanence.nix @@ -5,14 +5,7 @@ }: let lidarr_data_directory = "/var/lib/lidarr/.config/Lidarr"; in { - options.services.lidarr = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.lidarr.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.lidarr.impermanence.enable { + config = lib.mkIf (config.services.lidarr.enable && config.host.impermanence.enable) { assertions = [ { assertion = config.services.lidarr.dataDir == lidarr_data_directory; diff --git a/modules/nixos-modules/server/panoramax/impermanence.nix b/modules/nixos-modules/server/panoramax/impermanence.nix index e25ef92..41b1401 100644 --- a/modules/nixos-modules/server/panoramax/impermanence.nix +++ b/modules/nixos-modules/server/panoramax/impermanence.nix @@ -3,14 +3,7 @@ config, ... }: { - options.services.panoramax = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.panoramax.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.panoramax.impermanence.enable { + config = lib.mkIf (config.services.panoramax.enable && config.host.impermanence.enable) { # TODO: configure impermanence for panoramax data # This would typically include directories like: # - /var/lib/panoramax diff --git a/modules/nixos-modules/server/panoramax/proxy.nix b/modules/nixos-modules/server/panoramax/proxy.nix index 7cd7111..35bc79b 100644 --- a/modules/nixos-modules/server/panoramax/proxy.nix +++ b/modules/nixos-modules/server/panoramax/proxy.nix @@ -14,15 +14,9 @@ description = "extra domains that should be configured for panoramax"; default = []; }; - reverseProxy = { - enable = lib.mkOption { - type = lib.types.bool; - default = config.services.panoramax.enable && config.services.reverseProxy.enable; - }; - }; }; - config = lib.mkIf config.services.panoramax.reverseProxy.enable { + config = lib.mkIf (config.services.panoramax.enable && config.services.reverseProxy.enable) { services.reverseProxy.services.panoramax = { target = "http://localhost:${toString config.services.panoramax.port}"; domain = config.services.panoramax.domain; diff --git a/modules/nixos-modules/server/paperless/impermanence.nix b/modules/nixos-modules/server/paperless/impermanence.nix index fc87ea7..d9e17bd 100644 --- a/modules/nixos-modules/server/paperless/impermanence.nix +++ b/modules/nixos-modules/server/paperless/impermanence.nix @@ -5,14 +5,7 @@ }: let dataDir = "/var/lib/paperless"; in { - options.services.paperless = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.paperless.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.paperless.impermanence.enable { + config = lib.mkIf (config.services.paperless.enable && config.host.impermanence.enable) { assertions = [ { assertion = config.services.paperless.dataDir == dataDir; diff --git a/modules/nixos-modules/server/paperless/proxy.nix b/modules/nixos-modules/server/paperless/proxy.nix index 9d152c9..04c8304 100644 --- a/modules/nixos-modules/server/paperless/proxy.nix +++ b/modules/nixos-modules/server/paperless/proxy.nix @@ -9,15 +9,9 @@ description = "extra domains that should be configured for paperless"; default = []; }; - reverseProxy = { - enable = lib.mkOption { - type = lib.types.bool; - default = config.services.paperless.enable && config.services.reverseProxy.enable; - }; - }; }; - config = lib.mkIf config.services.paperless.reverseProxy.enable { + config = lib.mkIf (config.services.paperless.enable && config.services.reverseProxy.enable) { services.reverseProxy.services.paperless = { target = "http://${config.services.paperless.address}:${toString config.services.paperless.port}"; domain = config.services.paperless.domain; diff --git a/modules/nixos-modules/server/qbittorent/impermanence.nix b/modules/nixos-modules/server/qbittorent/impermanence.nix index 1489e7d..da47d1a 100644 --- a/modules/nixos-modules/server/qbittorent/impermanence.nix +++ b/modules/nixos-modules/server/qbittorent/impermanence.nix @@ -5,14 +5,7 @@ }: let qbittorent_profile_directory = "/var/lib/qBittorrent/"; in { - options.services.qbittorrent = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.qbittorrent.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.qbittorrent.impermanence.enable { + config = lib.mkIf (config.services.qbittorrent.enable && config.host.impermanence.enable) { fileSystems."/persist/system/qbittorrent".neededForBoot = true; host.storage.pool.extraDatasets = { diff --git a/modules/nixos-modules/server/radarr/impermanence.nix b/modules/nixos-modules/server/radarr/impermanence.nix index c948e3a..4a3242c 100644 --- a/modules/nixos-modules/server/radarr/impermanence.nix +++ b/modules/nixos-modules/server/radarr/impermanence.nix @@ -5,14 +5,7 @@ }: let radarr_data_directory = "/var/lib/radarr/.config/Radarr"; in { - options.services.radarr = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.radarr.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.radarr.impermanence.enable { + config = lib.mkIf (config.services.radarr.enable && config.host.impermanence.enable) { assertions = [ { assertion = config.services.radarr.dataDir == radarr_data_directory; diff --git a/modules/nixos-modules/server/searx/proxy.nix b/modules/nixos-modules/server/searx/proxy.nix index e994e4a..fbc80e0 100644 --- a/modules/nixos-modules/server/searx/proxy.nix +++ b/modules/nixos-modules/server/searx/proxy.nix @@ -9,15 +9,9 @@ description = "extra domains that should be configured for searx"; default = []; }; - reverseProxy = { - enable = lib.mkOption { - type = lib.types.bool; - default = config.services.searx.enable && config.services.reverseProxy.enable; - }; - }; }; - config = lib.mkIf config.services.searx.reverseProxy.enable { + config = lib.mkIf (config.services.searx.enable && config.services.reverseProxy.enable) { services.reverseProxy.services.searx = { target = "http://localhost:${toString config.services.searx.settings.server.port}"; domain = config.services.searx.domain; diff --git a/modules/nixos-modules/server/sonarr/impermanence.nix b/modules/nixos-modules/server/sonarr/impermanence.nix index 5b90ee9..abc843c 100644 --- a/modules/nixos-modules/server/sonarr/impermanence.nix +++ b/modules/nixos-modules/server/sonarr/impermanence.nix @@ -5,14 +5,7 @@ }: let sonarr_data_directory = "/var/lib/sonarr/.config/NzbDrone"; in { - options.services.sonarr = { - impermanence.enable = lib.mkOption { - type = lib.types.bool; - default = config.services.sonarr.enable && config.host.impermanence.enable; - }; - }; - - config = lib.mkIf config.services.sonarr.impermanence.enable { + config = lib.mkIf (config.services.sonarr.enable && config.host.impermanence.enable) { assertions = [ { assertion = config.services.sonarr.dataDir == sonarr_data_directory;