From 375758a958c4dd9f1ba99d25fc6840c52a5582a7 Mon Sep 17 00:00:00 2001
From: coolneng <akasroua@gmail.com>
Date: Sun, 26 Jan 2020 08:45:56 +0100
Subject: [PATCH] Clean up packages and refactor nginx config

---
 configuration.nix      |  3 +--
 modules/datasync.nix   |  8 +-------
 modules/devops.nix     |  8 --------
 modules/networking.nix |  5 -----
 modules/printing.nix   |  6 ------
 modules/webstack.nix   | 42 ++++++++++++++++++++++--------------------
 6 files changed, 24 insertions(+), 48 deletions(-)

diff --git a/configuration.nix b/configuration.nix
index c97a4c6..bd84cf3 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -19,7 +19,6 @@
   environment.systemPackages = with pkgs; [
     raspberrypi-tools
     git
-    tmux
     htop
     vim
   ];
@@ -43,7 +42,7 @@
   users.users.coolneng = {
     isNormalUser = true;
     home = "/home/coolneng";
-    extraGroups = [ "wheel" "lp" "scanner" ];
+    extraGroups = [ "wheel" "lp" "scanner" "docker" ];
     openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDG7JtfAqcbZV28wkNTfSWSqTOo5buH+dyT0w6SlTqq+KFh5DxREB0yGuM1UfjLpyLQ0XI7UbhCwNG28Li4yv/hwPGq63TF1kl+w4sjQKFn4bOUv1NvsfSN3oTamjfYoVsrapCiXqOvZkzEKMF47MSwOfPkqZ6ihU5V3INA0IZbl1Ri+r9MsIzvY76ZHBiF6rVqQJjdXVDbcLMViOrM56FpyK+ICo+uTkErsEbYFwevVTv9memOh778RRPesBobpZjggWOI4HXXxqk35myInYjHve9K4ox6YZMjwnwnEftONr2HyoBBcBNT+wWd1jtYxCoCWQ3vVkn4LGBDOQ3+HKb4rT3JxI66VfFyQWGJPdgJL5/ZNRlBqA7CpAtE7JaR6l7d3mCCoGW2B0atWiEXecwb8dz4CzzYm1r9Wz27L74OtPzUqcV7mQjCVDcnRsY/MtfhzyWzhB3tujVqnRtF3VrFSrm0YXS1ZWG4dltX1cfgud8s8XwwBKcFw5NdCrVxq3nRMNlGcSqbXC+RnrkK/i6ciAriZdXgFrmnBl+6qEmqIO15u2IPvDhnQs18DzRkHnPQegphhHhHix5aaqNbLfSRZNCTQaqE774X+0kuU/RWylI4muIyf4k9x+et4txeU2OC6l0W0LMpbsELzXIRr/ZBFrGHbE7/KLi8HNiAJ0KmAQ== coolneng@monolith" ];
     shell = "/run/current-system/sw/bin/fish";
   };
diff --git a/modules/datasync.nix b/modules/datasync.nix
index 18d3023..5c26121 100644
--- a/modules/datasync.nix
+++ b/modules/datasync.nix
@@ -1,13 +1,7 @@
 # Syncthing and Radicale configuration
 { config, pkgs, lib, ... }:
 {
-
-  environment.systemPackages = with pkgs; [
-    syncthing
-    radicale
-  ];
-
-  # Enable syncthing
+  # Enable Syncthing
   services.syncthing = {
     enable = true;
     openDefaultPorts = true;
diff --git a/modules/devops.nix b/modules/devops.nix
index 8a18228..7f97c55 100644
--- a/modules/devops.nix
+++ b/modules/devops.nix
@@ -1,10 +1,6 @@
 # Software development configuration
 { config, pkgs, lib, ... }:
 {
-  environment.systemPackages = with pkgs; [
-    gitea
-  ];
-
   # Gitea setup with daily backup
   services.gitea = {
     enable = true;
@@ -20,8 +16,4 @@
     dump.enable = true;
     appName = "Gitea";
   };
-
-  # Restart nginx after startup
-  systemd.services.nginx.after = [ "gitea.service" ];
-
 }
diff --git a/modules/networking.nix b/modules/networking.nix
index d114dcb..af2a213 100644
--- a/modules/networking.nix
+++ b/modules/networking.nix
@@ -4,11 +4,6 @@
 
   in
 {
-
-  environment.systemPackages = with pkgs; [
-    ddclient
-  ];
-
   # Dynamic DNS configuration
   services.ddclient = {
     enable = true;
diff --git a/modules/printing.nix b/modules/printing.nix
index a85d082..b61b6e5 100644
--- a/modules/printing.nix
+++ b/modules/printing.nix
@@ -1,12 +1,6 @@
 # CUPS and SANE configuration
 { config, pkgs, lib, ... }:
 {
-
-  environment.systemPackages = with pkgs; [
-    cups
-    sane-backends
-  ];
-
   # Enable CUPS with Zeroconf
   services.printing = {
     enable = true;
diff --git a/modules/webstack.nix b/modules/webstack.nix
index fa7a3bd..dcd79d4 100644
--- a/modules/webstack.nix
+++ b/modules/webstack.nix
@@ -3,10 +3,8 @@
 {
 
   environment.systemPackages = with pkgs; [
-    nginx
     postgresql_11
     libressl
-    miniflux
   ];
 
   services.nginx = {
@@ -52,24 +50,26 @@
         forceSSL = true;
         sslCertificate = "/var/lib/acme/coolneng.duckdns.org/fullchain.pem";
         sslCertificateKey = "/var/lib/acme/coolneng.duckdns.org/key.pem";
-        locations."/radicale/" = {
-          proxyPass = "http://localhost:5232/";
-          extraConfig = ''
-            proxy_set_header     X-Script-Name /radicale;
-            proxy_pass_header Authorization;
-          '';
-        };
-        locations."/syncthing/" = {
-          proxyPass = "http://localhost:8384/";
-        };
-        locations."/gitea/" = {
-          proxyPass = "http://localhost:3000/";
-        };
-        locations."/miniflux/" = {
-          proxyPass = "http://localhost:8080/miniflux/";
-        };
-        locations."/wallabag/" = {
-          proxyPass = "http://localhost:8081/";
+        locations = {
+          "/radicale/" = {
+            proxyPass = "http://localhost:5232/";
+            extraConfig = ''
+              proxy_set_header     X-Script-Name /radicale;
+              proxy_pass_header Authorization;
+            '';
+          };
+          "/syncthing/" = {
+            proxyPass = "http://localhost:8384/";
+          };
+          "/gitea/" = {
+            proxyPass = "http://localhost:3000/";
+          };
+          "/miniflux/" = {
+            proxyPass = "http://localhost:8080/miniflux/";
+          };
+          "/wallabag/" = {
+            proxyPass = "http://localhost:8081/";
+          };
         };
       };
     };
@@ -133,4 +133,6 @@
     };
   };
 
+  # Restart nginx after
+  systemd.services.nginx.after = [ "gitea.service" "syncthing.service" "miniflux.service" ];
 }