beginning of lighthouse

modules/users/lighthouse/default.nix

@@ -0,0 +1,10 @@
+{
+  lib,
+  config,
+  ...
+}: {
+  imports = [
+    ./user.nix
+    ./setup.nix
+  ];
+}

modules/users/lighthouse/setup.nix

@@ -0,0 +1,16 @@
+{
+  lib,
+  inputs,
+  config,
+  pkgs,
+  ...
+}:
+lib.mkIf config.user.lighthouse.enable {
+
+
+    services.nebula.networks.test = {
+        enable = true;
+        isLighthouse = true;
+    };
+        
+}

modules/users/lighthouse/user.nix

@@ -0,0 +1,15 @@
+{
+  inputs,
+  lib,
+  config,
+  ...
+}: {
+  config.users.users.lighthouse = lib.mkIf config.user.lighthouse.enable {
+    isNormalUser = true;
+    initialPassword = "changeme";
+    extraGroups = ["wheel"];
+    openssh.authorizedKeys.keyFiles = [
+      inputs.nix-secrets.keys.default
+    ];
+  };
+}

modules/users/overseer/services/bookstack.nix

@@ -1,37 +1,37 @@
 let
   volumePath = "/overseer/services";
 in
-{
-  lib,
-  pkgs,
-  config,
-  ...
-}:
-lib.mkIf config.user.overseer.enable {
-    sops.secrets."bookstack/key" = {
+  {
+    lib,
+    pkgs,
+    config,
+    ...
+  }:
+    lib.mkIf config.user.overseer.enable {
+      sops.secrets."bookstack/key" = {
         owner = "bookstack";
-    };
-      
-  services.restic.backups.bookstack = {
-    user = "root";
-    timerConfig = {
-      OnCalendar = "daily";
-      Persistent = true;
-    };
-    backupPrepareCommand = "${pkgs.mariadb}/bin/mysqldump -u root bookstack > ${volumePath}/tmp/bookstack.sql";
-    backupCleanupCommand = "rm ${volumePath}/tmp/bookstack.sql";
-    paths = [
-        "/var/lib/bookstack"
-        "${volumePath}/tmp/bookstack.sql"
-    ];
-    repositoryFile = config.sops.secrets."restic/url".path;
-    passwordFile = config.sops.secrets."restic/key".path;
-  };
-        
-    services.bookstack = {
+      };
+
+      services.restic.backups.bookstack = {
+        user = "root";
+        timerConfig = {
+          OnCalendar = "daily";
+          Persistent = true;
+        };
+        backupPrepareCommand = "${pkgs.mariadb}/bin/mysqldump -u root bookstack > ${volumePath}/tmp/bookstack.sql";
+        backupCleanupCommand = "rm ${volumePath}/tmp/bookstack.sql";
+        paths = [
+          "/var/lib/bookstack"
+          "${volumePath}/tmp/bookstack.sql"
+        ];
+        repositoryFile = config.sops.secrets."restic/url".path;
+        passwordFile = config.sops.secrets."restic/key".path;
+      };
+
+      services.bookstack = {
         enable = true;
         hostname = "bookstack.wanderingcrow.net";
         database.createLocally = true;
         appKeyFile = config.sops.secrets."bookstack/key".path;
-    };
-}
+      };
+    }

modules/users/overseer/services/grocy.nix

@@ -1,19 +1,16 @@
 let
   volumePath = "/overseer/services";
 in
-{
-  lib,
-  pkgs,
-  config,
-  ...
-}:
-lib.mkIf config.user.overseer.enable {
-    
-    services.grocy = {
+  {
+    lib,
+    pkgs,
+    config,
+    ...
+  }:
+    lib.mkIf config.user.overseer.enable {
+      services.grocy = {
         enable = true;
         hostName = "grocy.wanderingcrow.net";
         nginx.enableSSL = false;
-    };
-
-
-}
+      };
+    }

modules/users/overseer/services/invidious.nix

@@ -6,7 +6,6 @@
   ...
 }:
 lib.mkIf config.user.overseer.enable {
-    
   services.nginx = {
     enable = true;
     recommendedProxySettings = true;
@@ -17,12 +16,12 @@ lib.mkIf config.user.overseer.enable {
       };
     };
   };
-  
-    services.invidious = {
-        enable = true;
-        port = 3000;
-        nginx.enable = true;
-        domain = "vid.wanderingcrow.net";
-        database.createLocally = true;
-    };
+
+  services.invidious = {
+    enable = true;
+    port = 3000;
+    nginx.enable = true;
+    domain = "vid.wanderingcrow.net";
+    database.createLocally = true;
+  };
 }