diff --git a/hosts/tsuki/services/grafana/default.nix b/hosts/tsuki/services/grafana/default.nix index e8e29f5..e30b39f 100644 --- a/hosts/tsuki/services/grafana/default.nix +++ b/hosts/tsuki/services/grafana/default.nix @@ -1,4 +1,4 @@ -{ pkgs, config, lib, secrets, ... }: +{ pkgs, config, lib, ... }: { imports = [ ./prometheus.nix diff --git a/hosts/tsuki/services/grafana/prometheus.nix b/hosts/tsuki/services/grafana/prometheus.nix index f3e07b6..69494d6 100644 --- a/hosts/tsuki/services/grafana/prometheus.nix +++ b/hosts/tsuki/services/grafana/prometheus.nix @@ -1,4 +1,4 @@ -{ secrets, ... }: { +{ ... }: { # TODO: Autogenerate port infrastructure imports = [ @@ -17,6 +17,6 @@ services.prometheus = { enable = true; - port = secrets.ports.prometheus; + port = 7001; }; } diff --git a/hosts/tsuki/services/headscale.nix b/hosts/tsuki/services/headscale.nix index 7b99587..a5db47e 100644 --- a/hosts/tsuki/services/headscale.nix +++ b/hosts/tsuki/services/headscale.nix @@ -1,4 +1,4 @@ -{ pkgs, secrets, config, ... }: +{ config, pkgs, ... }: { sops.secrets."headscale/oauth2_secret" = rec { restartUnits = [ "headscale.service" ]; @@ -17,7 +17,7 @@ # TODO: make PR # dataDir = "${config.machineVars.dataDrives.default}/var/headscale"; - port = secrets.ports.headscale; + port = 39304; settings = { server_url = "https://vpn.nani.wtf"; diff --git a/hosts/tsuki/services/matrix/bridges/matrix-appservice-irc.nix b/hosts/tsuki/services/matrix/bridges/matrix-appservice-irc.nix index 96276b7..9f9f8fe 100644 --- a/hosts/tsuki/services/matrix/bridges/matrix-appservice-irc.nix +++ b/hosts/tsuki/services/matrix/bridges/matrix-appservice-irc.nix @@ -1,4 +1,4 @@ -{ config, secrets, ... }: let +{ config, ... }: let cfg = config.services.matrix-appservice-irc; in { services.matrix-appservice-irc = { @@ -14,7 +14,7 @@ in { database = { engine = "postgres"; - connectionString = "postgres://matrix-appservice-irc:@localhost:${toString secrets.ports.postgres}/matrix-appservice-irc?sslmode=disable"; + connectionString = "postgres://matrix-appservice-irc:@localhost:${toString config.services.postgresql.port}/matrix-appservice-irc?sslmode=disable"; }; ircService.servers."irc.lainchan.org" = { diff --git a/hosts/tsuki/services/matrix/bridges/mx-puppet-discord.nix b/hosts/tsuki/services/matrix/bridges/mx-puppet-discord.nix index d4a840d..88944a7 100644 --- a/hosts/tsuki/services/matrix/bridges/mx-puppet-discord.nix +++ b/hosts/tsuki/services/matrix/bridges/mx-puppet-discord.nix @@ -1,4 +1,4 @@ -{ secrets, ... }: +{ config, ... }: { services.mx-puppet-discord = { enable = false; @@ -15,11 +15,11 @@ # TODO: connect via localhost homeserverUrl = "https://matrix.nani.wtf"; - port = secrets.ports.matrix.mx-puppet-discord; + port = 8434; enableGroupSync = true; }; - database.connString = "postgres://mx-puppet-discord:@localhost:${toString secrets.ports.postgres}/mx-puppet-discord?sslmode=disable"; + database.connString = "postgres://mx-puppet-discord:@localhost:${toString config.services.postgresql.port}/mx-puppet-discord?sslmode=disable"; namePatterns = { room = ":name"; diff --git a/hosts/tsuki/services/matrix/postgres.nix b/hosts/tsuki/services/matrix/postgres.nix index 446004a..e3d1152 100644 --- a/hosts/tsuki/services/matrix/postgres.nix +++ b/hosts/tsuki/services/matrix/postgres.nix @@ -1,4 +1,4 @@ -{ lib, config, secrets, ... }: +{ lib, config, ... }: { services.postgresql = let o = lib.optional; diff --git a/hosts/tsuki/services/osuchan.nix b/hosts/tsuki/services/osuchan.nix index 3c4759b..c7e45ed 100644 --- a/hosts/tsuki/services/osuchan.nix +++ b/hosts/tsuki/services/osuchan.nix @@ -2,9 +2,8 @@ { services.osuchan = { enable = true; - port = secrets.ports.osuchan; + port = 9283; secretFile = "${config.machineVars.dataDrives.default}/keys/osuchan/envfile"; - }; systemd.services.osuchan.after = [ diff --git a/hosts/tsuki/services/plex.nix b/hosts/tsuki/services/plex.nix index 78c9fe7..f21c80e 100644 --- a/hosts/tsuki/services/plex.nix +++ b/hosts/tsuki/services/plex.nix @@ -1,4 +1,4 @@ -{ config, secrets, ... }: let +{ config, ... }: let cfg = config.services.plex; in { services.plex = { @@ -29,6 +29,4 @@ in { # RestrictAddressFamilies = [ "AF_UNIX AF_INET AF_INET6" ]; SystemCallArchitectures = "native"; }; - - # networking.firewall.allowedTCPPorts = [ secrets.ports.plex ]; } diff --git a/hosts/tsuki/services/postgres.nix b/hosts/tsuki/services/postgres.nix index aa20b29..198fa45 100644 --- a/hosts/tsuki/services/postgres.nix +++ b/hosts/tsuki/services/postgres.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, secrets, ... }: let +{ config, pkgs, lib, ... }: let cfg = config.services.postgresql; in { services.postgresql = { @@ -10,7 +10,6 @@ in { host all all 127.0.0.1/32 trust host all all ::1/128 trust ''; - port = secrets.ports.postgres; dataDir = "${config.machineVars.dataDrives.drives.postgres}/${config.services.postgresql.package.psqlSchema}"; settings = { max_connections = 150; diff --git a/hosts/tsuki/services/taskserver.nix b/hosts/tsuki/services/taskserver.nix index 16e304a..f353625 100644 --- a/hosts/tsuki/services/taskserver.nix +++ b/hosts/tsuki/services/taskserver.nix @@ -1,4 +1,4 @@ -{ pkgs, config, secrets, ... }: +{ pkgs, config, ... }: { security.acme.certs."tasks.nani.wtf" = { group = config.services.taskserver.group; @@ -11,7 +11,7 @@ services.taskserver = { enable = true; fqdn = "todo.nani.wtf"; - listenPort = secrets.ports.taskserver; + listenPort = 19233; dataDir = "${config.machineVars.dataDrives.default}/var/taskserver"; organisations.h7x4 = {