2023-05-11 05:33:08 +07:00
|
|
|
{ lib
|
|
|
|
, ... }:
|
|
|
|
{
|
|
|
|
options.server = with lib; mkOption {
|
|
|
|
type = types.submodule {
|
|
|
|
options = {
|
|
|
|
domainName = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "pavluk.org";
|
|
|
|
description = "domain name";
|
|
|
|
};
|
2023-10-18 19:34:55 +07:00
|
|
|
laptopHostname = mkOption {
|
|
|
|
type = with types; nullOr str;
|
|
|
|
default = null;
|
|
|
|
description = "laptop hostname";
|
|
|
|
};
|
2023-10-18 20:24:52 +07:00
|
|
|
laptopPublicKey = mkOption {
|
|
|
|
type = with types; nullOr str;
|
|
|
|
default = null;
|
|
|
|
description = "laptop public ssh key";
|
|
|
|
};
|
2023-08-28 00:46:51 +07:00
|
|
|
keycloakRealm = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "master";
|
|
|
|
description = "keycloak realm";
|
|
|
|
};
|
2023-05-11 05:33:08 +07:00
|
|
|
lanCidrV4 = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
description = "LAN mask (IPv4)";
|
2023-05-17 06:29:03 +07:00
|
|
|
example = "192.168.1.0/24";
|
2023-05-11 05:33:08 +07:00
|
|
|
default = "0.0.0.0/0";
|
|
|
|
};
|
|
|
|
lanCidrV6 = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
description = "LAN mask (IPv6)";
|
|
|
|
example = "fd01:abcd::/64";
|
|
|
|
default = "::/0";
|
|
|
|
};
|
|
|
|
localIpV4 = mkOption {
|
|
|
|
type = with types; nullOr str;
|
|
|
|
description = "server's local IPv4 address";
|
|
|
|
example = "192.168.1.2";
|
|
|
|
default = null;
|
|
|
|
};
|
|
|
|
localIpV6 = mkOption {
|
|
|
|
type = with types; nullOr str;
|
|
|
|
description = "server's local IPv6 address";
|
|
|
|
example = "fd01:abcd::2";
|
|
|
|
default = null;
|
|
|
|
};
|
|
|
|
hashedNoreplyPassword = mkOption {
|
|
|
|
type = types.str;
|
2023-05-17 06:29:03 +07:00
|
|
|
description = "hashed noreply password via mkpasswd -sm bcrypt for external access";
|
2023-05-11 05:33:08 +07:00
|
|
|
};
|
|
|
|
unhashedNoreplyPassword = mkOption {
|
|
|
|
type = types.str;
|
2023-05-17 06:29:03 +07:00
|
|
|
description = "unhashed noreply password for internal access only. \
|
|
|
|
This should be different from the password that is hashed for better security";
|
2023-05-11 05:33:08 +07:00
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
description = "server settings";
|
|
|
|
};
|
|
|
|
}
|