joint ips & ports open through lambda

hosts/server/configuration.nix

@@ -1,4 +1,9 @@
-{ pkgs, config, ... }:
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
 {
   imports = [
     ./hardware-configuration.nix
@@ -9,32 +14,15 @@
   sops.secrets."vps/home/private".sopsFile = ../../secrets/wireguard.yaml;
   networking =
     let
-      ports = [
+      enabledPorts =
+        config.my.servers
+        |> lib.filterAttrs (_: srv: (srv.enable or false) && (srv ? port))
+        |> lib.attrValues
+        |> map (srv: srv.port);
+      ports = enabledPorts ++ [
         2049 # idk
-        9999 # stash
         8384 # syncthing
-        5201 # vps speed test
         3452 # sonarqube
-        config.my.servers.audiobookshelf.port
-        config.my.servers.bazarr.port
-        config.my.servers.collabora.port
-        config.my.servers.homepage.port
-        config.my.servers.kavita.port
-        config.my.servers.lidarr.port
-        config.my.servers.maloja.port
-        config.my.servers.microbin.port
-        config.my.servers.multi-scrobbler.port
-        config.my.servers.plex.port
-        config.my.servers.prowlarr.port
-        config.my.servers.radarr.port
-        config.my.servers.readeck.port
-        config.my.servers.ryot.port
-        config.my.servers.sonarr.port
-        config.my.servers.synapse.port
-        config.my.servers.vaultwarden.port
-        config.my.servers.jellyfin.port
-        config.my.servers.mealie.port
-        config.my.servers.gitea.port
         config.services.gitea.settings.server.SSH_PORT
       ];
     in
@@ -46,13 +34,13 @@
         interfaces.wg0.allowedTCPPorts = [ 8081 ];
       };
       wireguard.interfaces.wg0 = {
-        ips = [ "${config.my.wgServerIp}/32" ];
+        ips = [ "${config.my.ips.wg-server}/32" ];
         privateKeyFile = config.sops.secrets."vps/home/private".path;
         peers = [
           {
             publicKey = "dFbiSekBwnZomarcS31o5+w6imHjMPNCipkfc2fZ3GY=";
-            endpoint = "51.222.141.104:51820";
-            allowedIPs = [ "${config.my.wgVpsIp}/32" ];
+            endpoint = "${config.my.ips.vps}:51820";
+            allowedIPs = [ "${config.my.ips.wg-vps}/32" ];
             persistentKeepalive = 25;
           }
         ];

hosts/server/toggles.nix

@@ -8,14 +8,7 @@ let
     inherit name;
     value = {
       enable = true;
-      ip = config.my.wgServerIp;
-    };
-  };
-  mkEnabledProxy = name: {
-    inherit name;
-    value = {
-      enable = true;
-      enableProxy = true;
+      ip = config.my.ips.wg-server;
     };
   };
   enableList = func: list: list |> map func |> builtins.listToAttrs;
@@ -74,8 +67,6 @@ in
     "postgres"
     "paperless"
     # "stash"
-    # ]
-    # // enableList mkEnabledProxy [
     "bazarr"
     "collabora"
     "homepage"

modules/modules.nix

@@ -40,21 +40,6 @@ in
       default = "::1";
       description = "The localhost ipv6 address.";
     };
-    wgVpsIp = lib.mkOption {
-      type = lib.types.str;
-      default = "10.77.0.1";
-      description = "The ip address of my router.";
-    };
-    wgServerIp = lib.mkOption {
-      type = lib.types.str;
-      default = "10.77.0.2";
-      description = "The ip address of my router.";
-    };
-    routerIp = lib.mkOption {
-      type = lib.types.str;
-      default = "192.168.100.1";
-      description = "The ip address of my router.";
-    };
     domain = lib.mkOption {
       type = lib.types.str;
       default = "servidos.lat";
@@ -63,9 +48,13 @@ in
     ips = lib.mkOption {
       type = lib.types.attrsOf lib.types.str;
       default = {
+        router = "192.168.100.1";
         server = "192.168.100.15";
         miniserver = "192.168.1.100";
         workstation = "192.168.100.18";
+        vps = "51.222.141.104";
+        wg-vps = "10.77.0.1";
+        wg-server = "10.77.0.2";
       };
       description = "Set of IP's for all my computers.";
     };

modules/servers/homepage/service-widgets.nix

@@ -196,7 +196,7 @@
       icon = "${cfg.name}.png";
       href = cfg.url;
       widget = {
-        url = "http://${config.my.wgServerIp}:8081";
+        url = "http://${config.my.ips.wg-server}:8081";
         type = cfg.name;
         username = "{{HOMEPAGE_VAR_NEXTCLOUD_USERNAME}}";
         password = "{{HOMEPAGE_VAR_NEXTCLOUD_PASSWORD}}";

modules/servers/nextcloud.nix

@@ -111,8 +111,8 @@ in
           trusted_proxies = [
             config.my.localhost
             config.my.localhost6
-            config.my.routerIp
-            config.my.wgVpsIp
+            config.my.ips.router
+            config.my.ips.wg-vps
           ];
           trusted_domains = [
             cfg.host
@@ -165,7 +165,7 @@ in
           #vps
           listen = [
             {
-              addr = config.my.wgServerIp;
+              addr = config.my.ips.wg-server;
               port = 8081;
             }
             {

modules/servers/synapse.nix

@@ -59,7 +59,7 @@ in
               bind_addresses = [
                 config.my.localhost
                 config.my.localhost6
-                config.my.wgServerIp
+                config.my.ips.wg-server
               ];
               type = "http";
               tls = false;