Sovran_Systems/Sovran_SystemsOS
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

fixed roles

Browse Source
This commit is contained in:
naturallaw77
2026-03-27 15:42:21 -05:00
parent adc1efc811
commit 29493f7caf
3 changed files with 40 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
modules/core/caddy.nix
View File

@@ -1,5 +1,8 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
exposeBtcpay = config.sovran_systemsOS.web.btcpayserver;
in
{ {
services.caddy = { services.caddy = {
enable = true; enable = true;
@@ -95,7 +98,8 @@ $NEXTCLOUD {
EOF EOF
fi fi
# BTCPay # BTCPay (only if web exposure is enabled)
${if exposeBtcpay then ''
if [ -n "$BTCPAY" ]; then if [ -n "$BTCPAY" ]; then
cat >> /run/caddy/Caddyfile <<EOF cat >> /run/caddy/Caddyfile <<EOF
@@ -105,6 +109,9 @@ $BTCPAY {
} }
EOF EOF
fi fi
'' else ''
# BTCPay web exposure disabled by sovran_systemsOS.web.btcpayserver = false
''}
# Vaultwarden # Vaultwarden
if [ -n "$VAULTWARDEN" ]; then if [ -n "$VAULTWARDEN" ]; then

34
modules/core/role-logic.nix
View File

@@ -3,28 +3,40 @@
{ {
config = lib.mkMerge [ config = lib.mkMerge [
# Server-Desktop Role — services already default to on, # ── Server-Desktop Role (default) ─────────────────────────
# so we only need to set features here
(lib.mkIf config.sovran_systemsOS.roles.server-desktop { (lib.mkIf config.sovran_systemsOS.roles.server-desktop {
# All services are default=true, nothing to set
# All features are default=false, nothing to set
}) })
# Desktop role # ── Desktop Only Role ─────────────────────────────────────
(lib.mkIf config.sovran_systemsOS.roles.desktop { (lib.mkIf config.sovran_systemsOS.roles.desktop {
services.xserver.enable = true; services.xserver.enable = true;
services.desktopManager.gnome.enable = true; services.desktopManager.gnome.enable = true;
sovran_systemsOS.services = {
synapse = lib.mkDefault false;
bitcoin = lib.mkDefault false;
vaultwarden = lib.mkDefault false;
wordpress = lib.mkDefault false;
nextcloud = lib.mkDefault false;
};
sovran_systemsOS.web.btcpayserver = lib.mkDefault false;
}) })
# Bitcoin node role — only bitcoin, disable other services # ── Bitcoin Node Only Role ────────────────────────────────
# Bitcoin ecosystem + mempool, BTCPay runs but not exposed via Caddy
(lib.mkIf config.sovran_systemsOS.roles.node { (lib.mkIf config.sovran_systemsOS.roles.node {
sovran_systemsOS.services = { sovran_systemsOS.services = {
bitcoin = true; bitcoin = lib.mkDefault true;
synapse = false; synapse = lib.mkDefault false;
vaultwarden = false; vaultwarden = lib.mkDefault false;
wordpress = false; wordpress = lib.mkDefault false;
nextcloud = false; nextcloud = lib.mkDefault false;
}; };
sovran_systemsOS.features.mempool = lib.mkDefault true;
sovran_systemsOS.web.btcpayserver = lib.mkDefault false;
}) })
]; ];

10
modules/core/roles.nix
View File

@@ -50,11 +50,19 @@
rdp = lib.mkEnableOption "Gnome Remote Desktop"; rdp = lib.mkEnableOption "Gnome Remote Desktop";
}; };
# ── Web exposure (controls Caddy vhosts) ──────────────────
web = {
btcpayserver = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Expose BTCPay Server via Caddy (service still runs via nix-bitcoin regardless)";
};
};
nostr_npub = lib.mkOption { nostr_npub = lib.mkOption {
type = lib.types.str; type = lib.types.str;
default = ""; default = "";
description = "Nostr public key (npub1...) for Haven relay"; description = "Nostr public key (npub1...) for Haven relay";
}; };
}; };
} }