fixed roles
This commit is contained in:
@@ -1,5 +1,8 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
exposeBtcpay = config.sovran_systemsOS.web.btcpayserver;
|
||||
in
|
||||
{
|
||||
services.caddy = {
|
||||
enable = true;
|
||||
@@ -95,7 +98,8 @@ $NEXTCLOUD {
|
||||
EOF
|
||||
fi
|
||||
|
||||
# ── BTCPay ──────────────────────────────────────
|
||||
# ── BTCPay (only if web exposure is enabled) ────
|
||||
${if exposeBtcpay then ''
|
||||
if [ -n "$BTCPAY" ]; then
|
||||
cat >> /run/caddy/Caddyfile <<EOF
|
||||
|
||||
@@ -105,6 +109,9 @@ $BTCPAY {
|
||||
}
|
||||
EOF
|
||||
fi
|
||||
'' else ''
|
||||
# BTCPay web exposure disabled by sovran_systemsOS.web.btcpayserver = false
|
||||
''}
|
||||
|
||||
# ── Vaultwarden ─────────────────────────────────
|
||||
if [ -n "$VAULTWARDEN" ]; then
|
||||
|
||||
@@ -3,28 +3,40 @@
|
||||
{
|
||||
config = lib.mkMerge [
|
||||
|
||||
# Server-Desktop Role — services already default to on,
|
||||
# so we only need to set features here
|
||||
# ── Server-Desktop Role (default) ─────────────────────────
|
||||
(lib.mkIf config.sovran_systemsOS.roles.server-desktop {
|
||||
# All services are default=true, nothing to set
|
||||
# All features are default=false, nothing to set
|
||||
})
|
||||
|
||||
# Desktop role
|
||||
# ── Desktop Only Role ─────────────────────────────────────
|
||||
(lib.mkIf config.sovran_systemsOS.roles.desktop {
|
||||
services.xserver.enable = true;
|
||||
services.desktopManager.gnome.enable = true;
|
||||
|
||||
sovran_systemsOS.services = {
|
||||
synapse = lib.mkDefault false;
|
||||
bitcoin = lib.mkDefault false;
|
||||
vaultwarden = lib.mkDefault false;
|
||||
wordpress = lib.mkDefault false;
|
||||
nextcloud = lib.mkDefault false;
|
||||
};
|
||||
|
||||
sovran_systemsOS.web.btcpayserver = lib.mkDefault false;
|
||||
})
|
||||
|
||||
# Bitcoin node role — only bitcoin, disable other services
|
||||
# ── Bitcoin Node Only Role ────────────────────────────────
|
||||
# Bitcoin ecosystem + mempool, BTCPay runs but not exposed via Caddy
|
||||
(lib.mkIf config.sovran_systemsOS.roles.node {
|
||||
sovran_systemsOS.services = {
|
||||
bitcoin = true;
|
||||
synapse = false;
|
||||
vaultwarden = false;
|
||||
wordpress = false;
|
||||
nextcloud = false;
|
||||
bitcoin = lib.mkDefault true;
|
||||
synapse = lib.mkDefault false;
|
||||
vaultwarden = lib.mkDefault false;
|
||||
wordpress = lib.mkDefault false;
|
||||
nextcloud = lib.mkDefault false;
|
||||
};
|
||||
|
||||
sovran_systemsOS.features.mempool = lib.mkDefault true;
|
||||
|
||||
sovran_systemsOS.web.btcpayserver = lib.mkDefault false;
|
||||
})
|
||||
|
||||
];
|
||||
|
||||
@@ -50,11 +50,19 @@
|
||||
rdp = lib.mkEnableOption "Gnome Remote Desktop";
|
||||
};
|
||||
|
||||
# ── Web exposure (controls Caddy vhosts) ──────────────────
|
||||
web = {
|
||||
btcpayserver = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = "Expose BTCPay Server via Caddy (service still runs via nix-bitcoin regardless)";
|
||||
};
|
||||
};
|
||||
|
||||
nostr_npub = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "";
|
||||
description = "Nostr public key (npub1...) for Haven relay";
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user