move server module loading to modules folder

fake_flake.nix

@@ -23,19 +23,7 @@ let
 
     grimmauld-nixos-server = [
       ./specific/grimmauld-nixos-server/configuration.nix
-      ./modules/letsencrypt.nix
+      ./modules
-
-      ./modules/matrix.nix
-      ./modules/puffer.nix
-      ./modules/gitea.nix
-      ./modules/grafana.nix
-      ./modules/nextcloud.nix
-      ./modules/prometheus.nix
-      # ./modules/mjolnir.nix
-      ./modules/fail2ban.nix
-      ./modules/email.nix
-      ./modules/discord-matrix-bridge.nix
-      ./modules/mastodon.nix
     ];
   };
 

modules/default.nix

@@ -0,0 +1,59 @@
+{
+  lib,
+  config,
+  inputs,
+  pkgs,
+  ...
+}:
+let
+  inherit (config.networking) domain;
+  root_email = "contact@${domain}";
+in
+{
+  imports = [
+      ./matrix.nix
+      ./puffer.nix
+      ./gitea.nix
+      ./grafana.nix
+      ./nextcloud.nix
+      ./prometheus.nix
+      # ./mjolnir.nix
+      ./fail2ban.nix
+      ./email.nix
+      ./discord-matrix-bridge.nix
+      ./mastodon.nix
+  ];
+
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = root_email;
+    certs."${domain}" = {
+      webroot = "/var/lib/acme/acme-challenge/";
+    };
+  };
+
+  networking.firewall.allowedTCPPorts = [
+    80
+    443
+  ];
+  services.nginx = {
+    # package = pkgs.nginxStable.override { openssl = pkgs.libressl; };
+    enable = true;
+    recommendedGzipSettings = true;
+    recommendedOptimisation = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+    sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
+
+    virtualHosts."${domain}" = {
+      forceSSL = true;
+      enableACME = lib.mkForce false; # use the correct cert, not some weird one that matrix-synapse module supplies
+      useACMEHost = domain;
+      locations."/" = {
+        root = "/var/www/${domain}";
+      };
+    };
+  };
+
+  users.users.nginx.extraGroups = [ "acme" ];
+}

modules/letsencrypt.nix

@@ -1,22 +0,0 @@
-{
-  lib,
-  config,
-  inputs,
-  pkgs,
-  ...
-}:
-let
-  inherit (config.networking) domain;
-  root_email = "contact@${domain}";
-in
-{
-  security.acme = {
-    acceptTerms = true;
-    defaults.email = root_email;
-    certs."${domain}" = {
-      webroot = "/var/lib/acme/acme-challenge/";
-    };
-  };
-
-  users.users.nginx.extraGroups = [ "acme" ];
-}

specific/grimmauld-nixos-server/configuration.nix

@@ -11,38 +11,15 @@ in
 {
   imports = [ ./hardware-configuration.nix ];
 
-  boot = {
+#  boot = {
-    kernelPackages = pkgs.linuxPackages_latest;
+#    kernelPackages = pkgs.linuxPackages_latest;
-  };
+#  };
-
+  
-  networking.firewall.allowedTCPPorts = [
-    80
-    443
-  ];
   networking.hostName = "grimmauld-nixos-server";
   networking.domain = "grimmauld.de";
   services.openssh.enable = true;
   system.stateVersion = "23.11";
-  # networking.networkmanager.enable = lib.mkForce false;
+  networking.networkmanager.enable = lib.mkForce false;
-
-  services.nginx = {
-    # package = pkgs.nginxStable.override { openssl = pkgs.libressl; };
-    enable = true;
-    recommendedGzipSettings = true;
-    recommendedOptimisation = true;
-    recommendedProxySettings = true;
-    recommendedTlsSettings = true;
-    sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
-
-    virtualHosts."${domain}" = {
-      forceSSL = true;
-      enableACME = lib.mkForce false; # use the correct cert, not some weird one that matrix-synapse module supplies
-      useACMEHost = domain;
-      locations."/" = {
-        root = "/var/www/${domain}";
-      };
-    };
-  };
 
   #  users.users.root.openssh.authorizedKeys.keys = (import ./authorizedKeys.nix);
 }