21 changed files with 3 additions and 231 deletions
--- a/home/default.nix
+++ b/home/default.nix
@ -1,4 +1,4 @@
-{ config, profile-path, ... }:
+{ config, profile-path, pkgs, ... }:
 let
  user = config.profile.user;
  stateVersion = config.profile.system.stateVersion;
@ -10,7 +10,6 @@ in
    ./programs
    ./modules
    ./games
    ./environments
    ./direnv.nix
    ./config/ideavim
@ -44,10 +43,5 @@ in
        path = "${config.home.homeDirectory}/.ssh/id_ed25519";
        mode = "0400";
      };
      "netrc" = {
        sopsFile = ../secrets/netrc.yaml;
        path = "${config.home.homeDirectory}/.netrc";
        mode = "0400";
      };
    };
 }
--- a/home/environments/default.nix
+++ b/home/environments/default.nix
@ -1,6 +0,0 @@
 { ... }:
 {
  imports = [
    ./protobuf.nix
  ];
 }
--- a/home/environments/protobuf.nix
+++ b/home/environments/protobuf.nix
@ -1,17 +0,0 @@
 { config, lib, pkgs, ... }:
 let
  cfg = config.profile.home.environments.protobuf;
  inherit (lib) mkIf;
 in
 {
  config = mkIf cfg.enable {
    home.packages = with pkgs; [
      buf
      buf-language-server
      protoc-gen-go
      protoc-gen-go-grpc
      protoc-gen-js
      protoc-gen-connect-go
    ];
  };
 }
--- a/home/programs/default.nix
+++ b/home/programs/default.nix
@ -7,7 +7,6 @@
    ./dbeaver.nix
    ./discord.nix
    ./easyeffects.nix
    ./elisa.nix
    ./foot.nix
    ./git.nix
    ./github.nix
--- a/home/programs/elisa.nix
+++ b/home/programs/elisa.nix
@ -1,12 +0,0 @@
 { pkgs, config, lib, ... }:
 let
  cfg = config.profile.home.programs.elisa;
  inherit (lib) mkIf;
 in
 {
  config = mkIf cfg.enable {
    home.packages = with pkgs; [
      kdePackages.elisa
    ];
  };
 }
--- a/options/default.nix
+++ b/options/default.nix
@ -7,7 +7,6 @@
    ./podman.nix
    ./services.nix
    ./games.nix
    ./environments.nix
  ];
  options.profile = {
--- a/options/environments.nix
+++ b/options/environments.nix
@ -1,11 +0,0 @@
 { lib, ... }:
 let
  inherit (lib) mkEnableOption;
 in
 {
  options.profile = {
    home.environments = {
      protobuf.enable = mkEnableOption "protobuf environments";
    };
  };
 }
--- a/options/podman.nix
+++ b/options/podman.nix
@ -16,7 +16,6 @@ in
    minecraft.enable = mkEnableOption "minecraft server podman";
    memos.enable = mkEnableOption "memos podman";
    morphos.enable = mkEnableOption "morphos podman";
    soulseek.enable = mkEnableOption "soulseek podman";
    servarr = {
      enable = mkEnableOption "servarr group";
--- a/options/programs.nix
+++ b/options/programs.nix
@ -110,7 +110,6 @@
      foot.enable = lib.mkEnableOption "foot";
      bruno.enable = lib.mkEnableOption "bruno";
      zoom.enable = lib.mkEnableOption "zoom";
      elisa.enable = lib.mkEnableOption "elisa";
    };
    programs = {
--- a/options/services.nix
+++ b/options/services.nix
@ -21,6 +21,5 @@ in
    rust-motd.enable = mkEnableOption "rust-motd";
    wireguard.enable = mkEnableOption "wireguard";
    photoprism.enable = mkEnableOption "photoprism";
    navidrome.enable = mkEnableOption "navidrome";
  };
 }
--- a/profiles/castle.nix
+++ b/profiles/castle.nix
@ -82,7 +82,6 @@ in
      zathura.enable = true;
      bruno.enable = true;
      zoom.enable = true;
      elisa.enable = true;
    };
    programs.easyeffects.enable = true;
    programs.wezterm.enable = true;
--- a/profiles/fort.nix
+++ b/profiles/fort.nix
@ -74,11 +74,6 @@
      foot.enable = true;
      zellij.enable = false;
      bruno.enable = true;
      elisa.enable = true;
    };
    home.environments = {
      protobuf.enable = true;
    };
    games.minecraft.enable = true;
--- a/profiles/homeserver.nix
+++ b/profiles/homeserver.nix
@ -40,7 +40,6 @@
      minecraft.enable = true;
      memos.enable = true;
      morphos.enable = true;
      soulseek.enable = true;
    };
    docker = {
@ -60,7 +59,7 @@
      forgejo.enable = true;
      kavita.enable = true;
      samba.enable = true;
-      nextcloud.enable = false;
+      nextcloud.enable = true;
      syncthing.enable = true;
      openvpn.enable = false;
      stubby.enable = true;
@ -68,7 +67,6 @@
      rust-motd.enable = true;
      wireguard.enable = true;
      photoprism.enable = true;
      navidrome.enable = true;
    };
  };
 }
--- a/secrets/netrc.yaml
+++ b/secrets/netrc.yaml
@ -1,21 +0,0 @@
 netrc: ENC[AES256_GCM,data:aTCNh1OJVqIf8PrHxjR2wgejZmap43aHRCAQVmlW2voEIBbTe5UWTyT/HaEd5YUW/F3fe1bTlBExhKNKJSFAmq9cDNYb7QTrCSBOWMccfryozY7THLVrOMK9A5weI8RwNJDTYhkShsuYhGVl2Q==,iv:c3kA0peOyim68oKbEluX99FnLDBIzc9unV2SgbJj234=,tag:w7vaspE2ndSO0HAQMmQoUg==,type:str]
 sops:
    kms: []
    gcp_kms: []
    azure_kv: []
    hc_vault: []
    age:
        - recipient: age1kruum2varzua7w5n6n52vhwyek2arc685rhcwt0u7k2jf5mecsjslkl9ll
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrZExlc3VwOE1xYjl6YzlU
            K2ZUTEV3UHA3UDNSdDFvRUg4SXc1YXVnQm1FCkNRcnBMQlFvRHNIQzBXemQ0YURi
            ZTlPc3lqMlVKOXlkMnBUNTdJQ1VqUDAKLS0tIEVPS01vTWljQWpiZldFc3g0YmYv
            dDE2NU5oZFZnQXV6NEZKU3dZcXBuQm8KzmHuRnb82JdMXsVBBKVof1h56fDlDxPV
            vRzS1RZ6KkYFjmCDwK6TJhqJGijTFBKpXGzOcB/wvD6Dg6jK0ZR1PQ==
            -----END AGE ENCRYPTED FILE-----
    lastmodified: "2024-08-22T03:40:38Z"
    mac: ENC[AES256_GCM,data:558OTZqpP/YT7IRNEgHS44Nzsi1yL+dP7ekk8BYkzLLOnZd4OOwX+nppnLy6/jwOOsz/FTS/kjhKwmEnivUUt29jjCOs40A3X4ifSLFYVjLaqR0QEy+Gj4rtZM+b1w2s6gtIVek8Euy5BddU2KYrd8hhEnsEsMxGwXw6vZCmDt0=,iv:YgiUPUr7HVkfn0YPqxgVaGbRXg82aidzhF+zDaBSNmc=,tag:6S7nPeGPiCb6Hw+sS1CmCw==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
    version: 3.8.1
--- a/secrets/soulseek.yaml
+++ b/secrets/soulseek.yaml
@ -1,22 +0,0 @@
 soulseek:
    env: ENC[AES256_GCM,data:r9AABW2U8Zr4fnYwF66SkJts/ljRyLsqpXQZWMQdtRpe6bkSY+s7hwXYVexjp1UVruLcAu+x7A==,iv:rngXQd3Xn/8nl5fE33BDQl++EGdHMMJPvg9KQfDA/II=,tag:r5WvaCGpo6pq8SgYEwv3UA==,type:str]
 sops:
    kms: []
    gcp_kms: []
    azure_kv: []
    hc_vault: []
    age:
        - recipient: age1kruum2varzua7w5n6n52vhwyek2arc685rhcwt0u7k2jf5mecsjslkl9ll
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRZWNVU2szamhkZFlBcjF1
            UDZxZHJqZjRETCs1YlpHUTFtUmFWWGErbENJClNJNWxkVVc1YXBxdVRXVCt2SGRy
            SVdRY2lYOW9Ob1d6ZUkrYWJ2Yno4WlkKLS0tIFBMT3FGdVhWRDVaTnNYTlpuZ2x1
            M3NzdHlsL2hENll3QnVBaXBiN2JPRzgKytdiV9iYS69v1+ub790lu4sPaMe4Auac
            dnYZHUyMBFqvHjdQH+y4wYZ+k/O6vLwWJE0uR7ErhShrpLQmYVwdAw==
            -----END AGE ENCRYPTED FILE-----
    lastmodified: "2024-08-20T12:21:42Z"
    mac: ENC[AES256_GCM,data:n4zNdElxX38hgAUpVNpbfSlyFedriNoB1jXB8whrXVVu/X7Y5GX2Jg1sxNjLGrY/UXHen2sc7v25iz+2eM/IGXZhKn9ZOfuLUedRyR4wJP48h1RsPt9a20Mo6dTsUKHnyHBbbGA2iLlmt815yUtEwQPbj28SMGh1Ir6ppxNrLvI=,iv:3lC6pSyB1K7gN8yHhfaLL8JEa9pwTSKqMKgTlxDK9XU=,tag:fALAy3QdW0iTIu+vv4T5qw==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
    version: 3.8.1
--- a/system/podman/default.nix
+++ b/system/podman/default.nix
@ -50,7 +50,6 @@ in
    ./redmage-demo.nix
    ./redmage.nix
    ./servarr
    ./soulseek.nix
    ./suwayomi.nix
    ./ytptube.nix
  ];
--- a/system/podman/minecraft.nix
+++ b/system/podman/minecraft.nix
@ -46,9 +46,6 @@ in
          EOF 200 
    '';
    # Minecraft only autoupdates at startup
    #
    # To keep up with the update, restart the server at 4am everyday.
    systemd =
      let serviceName = "podman-${name}"; in
      {
@ -62,7 +59,7 @@ in
          description = "Podman container ${name} autorestart";
          serviceConfig = {
            Type = "oneshot";
-            ExecStart = "${pkgs.podman}/bin/podman restart ${name}";
+            ExecStart = "${pkgs.podman}/bin/podman restart podman-${name}";
          };
        };
--- a/system/podman/soulseek.nix
+++ b/system/podman/soulseek.nix
@ -1,81 +0,0 @@
 { config, lib, pkgs, ... }:
 let
  name = "soulseek";
  podman = config.profile.podman;
  inherit (lib) mkIf;
  ip = "10.88.60.80";
  image = "ghcr.io/fletchto99/nicotine-plus-docker:latest";
  rootVolume = "/nas/podman/soulseek";
  rootVolumeMusic = "/nas/Syncthing/Sync/Music";
  domain = "${name}.tigor.web.id";
  user = config.profile.user;
  uid = toString user.uid;
  gid = toString user.gid;
 in
 {
  config = mkIf (podman.enable && podman.${name}.enable) {
    services.caddy.virtualHosts.${domain}.extraConfig = ''
      reverse_proxy ${ip}:6080
    '';
    system.activationScripts."podman-${name}" = ''
      mkdir -p ${rootVolume}/{config,downloads,incomplete}
      chown ${uid}:${gid} ${rootVolume} ${rootVolume}/{config,downloads,incomplete}
    '';
    # Soulseek only autoscans on startup
    #
    # Once a day at 4am, restart the container to trigger a rescan
    systemd =
      let
        serviceName = "podman-${name}-autorestart";
      in
      {
        services.${serviceName} = {
          description = "Podman container ${name} autorestart";
          serviceConfig = {
            Type = "oneshot";
            ExecStart = "${pkgs.podman}/bin/podman restart ${name}";
          };
        };
        timers.${serviceName} = {
          description = "Podman container ${name} autorestart";
          timerConfig = {
            OnCalendar = "*-*-* 04:00:00";
          };
          wantedBy = [ "timers.target" ];
        };
      };
    virtualisation.oci-containers.containers.${name} = {
      inherit image;
      hostname = name;
      autoStart = true;
      environment = {
        TZ = "Asia/Jakarta";
        PUID = uid;
        PGID = gid;
      };
      volumes = [
        "${rootVolume}/config:/config"
        "${rootVolume}/incomplete:/data/incomplete_downloads"
        "${rootVolumeMusic}:/data/shared"
      ];
      ports = [
        "2234-2239:2234-2239"
      ];
      extraOptions = [
        "--network=podman"
        "--ip=${ip}"
        "--security-opt=seccomp=unconfined"
        "--device=/dev/dri:/dev/dri"
      ];
      labels = {
        "io.containers.autoupdate" = "registry";
      };
    };
  };
 }
--- a/system/services/default.nix
+++ b/system/services/default.nix
@ -6,7 +6,6 @@
    ./forgejo.nix
    ./jellyfin.nix
    ./kavita.nix
    ./navidrome.nix
    ./nextcloud.nix
    ./openvpn.nix
    ./rust-motd.nix
--- a/system/services/navidrome.nix
+++ b/system/services/navidrome.nix
@ -1,24 +0,0 @@
 { config, lib, ... }:
 let
  cfg = config.profile.services.navidrome;
  user = config.profile.user;
  inherit (lib) mkIf;
 in
 {
  config = mkIf cfg.enable {
    services.caddy.virtualHosts."navidrome.tigor.web.id".extraConfig = ''
      reverse_proxy 0.0.0.0:${toString config.services.navidrome.settings.Port}
    '';
    users.groups.navidrome.members = [ user.name ];
    users.groups.${user.name}.members = [ "navidrome" ];
    services.navidrome = {
      enable = true;
      settings = {
        Address = "0.0.0.0";
        MusicFolder = "/nas/Syncthing/Sync/Music";
      };
    };
  };
 }
--- a/system/services/syncthing.nix
+++ b/system/services/syncthing.nix
@ -133,16 +133,6 @@ in
              "windows"
            ];
          };
          "/nas/Syncthing/Sync/Music" = {
            label = "Music";
            id = "Music";
            devices = [
              "s20fe"
              "work-laptop"
              "windows"
              "living-room-system"
            ];
          };
        };
        devices = {
          s20fe = {