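# Shared NixOS module for the self-hosted services under ./servers.
#
# It declares the `my.*` options the per-service modules read, sets every
# `my.servers.*` toggle to a low-priority `false`, and configures the common
# infrastructure: podman, ACME, nginx and the firewall.
{ lib, config, ... }:
let
  # Low-priority "off" so a host configuration can override it with a plain
  # `enable = true;`.
  off = lib.mkDefault false;

  # Shape shared by services that have their own reverse-proxy toggle.
  proxied = {
    enable = off;
    enableProxy = off;
  };

  # Shape shared by services that have a cron toggle.
  withCron = {
    enable = off;
    enableCron = off;
  };

  # True when at least one of the listed services is enabled; used below to
  # switch podman on. This list is maintained by hand.
  enableContainers = lib.any (opt: opt) [
    config.my.servers.collabora.enable
    config.my.servers.ryot.enable
    config.my.servers.lidarr.enable
    config.my.servers.prowlarr.enable
    config.my.servers.maloja.enable
    config.my.servers.multi-scrobbler.enable
    config.my.servers.flame.enable
    config.my.servers.flameSecret.enable
    config.my.servers.metube.enable
    config.my.servers.go-vod.enable
    config.my.servers.tranga.enable
  ];
in
{
  # Import every *.nix file in ./servers except setup.nix.
  # Anything dropped into that directory is evaluated as part of the system
  # configuration without being listed here, so additions to ./servers deserve
  # the same review as a change to this file.
  imports =
    let
      serverFiles = builtins.filter (
        file: builtins.match ".*\\.nix" file != null && file != "setup.nix"
      ) (builtins.attrNames (builtins.readDir ./servers));
    in
    map (file: ./servers/${file}) serverFiles;

  options.my = {
    localhost = lib.mkOption {
      type = lib.types.str;
      default = "127.0.0.1";
      description = "The localhost address.";
    };
    domain = lib.mkOption {
      type = lib.types.str;
      default = "servidos.lat";
      description = "The domain name.";
    };
    ips = lib.mkOption {
      type = lib.types.attrsOf lib.types.str;
      default = {
        server = "192.168.1.69";
        miniserver = "192.168.1.100";
        workstation = "192.168.1.64";
      };
      description = "Set of IP's for all my computers.";
    };
    mainServer = lib.mkOption {
      type = lib.types.str;
      default = "miniserver";
      description = "The hostname of the main server.";
    };
    postgresSocket = lib.mkOption {
      type = lib.types.str;
      default = "/run/postgresql";
      description = "The PostgreSQL socket path.";
    };
    # NOTE(review): presumably bind-mounted into some containers by the
    # modules in ./servers (not visible here). A container that can reach this
    # socket can control every other container on the host, so it should be
    # handed out read-only and only to services that need it.
    containerSocket = lib.mkOption {
      type = lib.types.str;
      default = "/var/run/docker.sock";
      description = "The docker/podman socket path.";
    };
    containerData = lib.mkOption {
      type = lib.types.str;
      default = "/var/lib/docker-configs";
      # Was a copy of the containerSocket description.
      description = "The base directory for docker/podman container data.";
    };
    smtpemail = lib.mkOption {
      type = lib.types.str;
      default = "stunner6399@gmail.com";
      description = "localhost smtp email";
    };
    email = lib.mkOption {
      type = lib.types.str;
      default = "CaptainJawZ@protonmail.com";
      # Was a copy of the smtpemail description; this value is what
      # security.acme.defaults.email is set to below.
      description = "The contact email address, used for the ACME account.";
    };
    timeZone = lib.mkOption {
      type = lib.types.str;
      default = "America/Mexico_City";
      description = "Timezone";
    };
    # mkEnableOption prefixes its argument with "Whether to enable ", so the
    # argument names the feature rather than repeating "enable".
    enableContainers = lib.mkEnableOption "podman for container-backed services";
    enableProxy = lib.mkEnableOption "the nginx reverse proxy";
  };

  config = {
    my = {
      enableContainers = off;
      enableProxy = off;
      servers = {
        jellyfin = withCron;
        nextcloud = withCron;
        adguardhome.enable = off;
        audiobookshelf = proxied;
        bazarr = proxied;
        collabora = proxied;
        flame = proxied;
        flameSecret = proxied;
        go-vod.enable = off;
        homepage = proxied;
        kavita = proxied;
        lidarr = proxied;
        maloja = proxied;
        mealie = proxied;
        metube = proxied;
        microbin = proxied;
        multi-scrobbler = proxied;
        paperless.enable = off;
        postgres.enable = off;
        prowlarr = proxied;
        sabnzbd.enable = off;
        qbittorrent.enable = off;
        unpackerr.enable = off;
        radarr = proxied;
        ryot = proxied;
        shiori = proxied;
        sonarr = proxied;
        vaultwarden = proxied;
        firefly-iii.enable = off;
        tranga.enable = off;
      };
    };

    virtualisation = {
      containers.enable = true;
      oci-containers.backend = "podman";
      # Podman is only switched on when a listed service or the manual
      # my.enableContainers toggle asks for it.
      podman = lib.mkIf (enableContainers || config.my.enableContainers) {
        enable = true;
        dockerCompat = true;
        # Exposes a Docker-compatible API socket. Access to it is equivalent
        # to root on the host, so membership of the `podman` group and any
        # bind mount of the socket into a container should be kept minimal.
        dockerSocket.enable = true;
        defaultNetwork.settings.dns_enabled = true;
        autoPrune = {
          enable = true;
          # "--all" prunes every unused image, not only dangling ones.
          flags = [ "--all" ];
          dates = "weekly";
        };
      };
    };

    # ACME is configured only on hosts where nginx is enabled.
    security.acme = lib.mkIf config.services.nginx.enable {
      acceptTerms = true;
      defaults.email = config.my.email;
    };

    services.nginx = {
      enable = config.my.enableProxy;
      # Global limit: every virtual host accepts request bodies up to 4 GiB.
      # NOTE(review): if only some services need large uploads, a smaller
      # global value with per-vhost overrides limits resource exhaustion.
      clientMaxBodySize = "4096m";
      # Restricts TLS <= 1.2 to AES-256 with ECDHE/DHE key exchange and
      # excludes anonymous suites.
      # NOTE(review): this string still admits CBC-mode suites, and the DHE
      # suites fall back to nginx's built-in parameters unless
      # services.nginx.sslDhparam is set; confirm it is intended to replace
      # the NixOS default cipher list.
      sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
    };

    # NOTE(review): these ports are opened on every host importing this
    # module, whether or not nginx is enabled. UDP 80 is not used by HTTP and
    # UDP 443 is only needed for HTTP/3 (QUIC). Consider wrapping this in
    # `lib.mkIf config.services.nginx.enable` and dropping the UDP entries
    # once it is confirmed that no module in ./servers relies on them.
    networking.firewall =
      let
        ports = [
          80
          443
        ];
      in
      {
        allowedTCPPorts = ports;
        allowedUDPPorts = ports;
      };
  };
}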