refactor: introduce Services and Monitoring sections

1 files changed, 58 insertions, 34 deletions

diff --git a/nixos/hosts/ev/default.nix b/nixos/hosts/ev/default.nix
index 0723b8d..459b48f 100644
--- a/nixos/hosts/ev/default.nix
+++ b/nixos/hosts/ev/default.nix
@@ -48,19 +48,13 @@ in
   # unsure why this is necessary
   networking.interfaces.enp3s0.useDHCP = true;
 
-  home-automation.zigbee2mqttPort = ports.zigbee2mqtt;
-  qbittorrent.webUiPort = ports.qbittorrent;
-  qbittorrent.networkNamespace = "se";
-  monitoring.alloyUiPort = ports.grafanaAlloy;
-  monitoring.lokiPort = ports.grafanaLoki;
-  monitoring.prometheusPort = ports.prometheus;
-  monitoring.prometheusNodeExporterPort = ports.prometheusNodeExporter;
-  exporters.sqlExporterPort = ports.prometheusSqlExporter;
-  hosehawk.port = ports.hosehawk;
-  miniflux.port = ports.miniflux;
-  navidrome.port = ports.navidrome;
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "ev";
+  networking.networkmanager.enable = true;
 
-  home-automation.zigbeeSerialPort = "/dev/serial/by-id/usb-ITead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_e2fed465c59ded11962fd7a5a7669f5d-if00-port0";
+  time.timeZone = "Europe/Vienna";
 
   fileSystems = {
     "/mnt/personal" = {
@@ -75,6 +69,58 @@ in
     };
   };
 
+  users.users = {
+    martin = {
+      isNormalUser = true;
+      extraGroups = [
+        "networkmanager"
+        "wheel"
+      ];
+    };
+  };
+
+  # Services
+
+  services.nginx = {
+    enable = true;
+    virtualHosts."ev.tailnet" = helpers.serviceIndexHost "ev.tailnet" ports.webUis;
+  };
+
+  home-automation = {
+    zigbee2mqttPort = ports.zigbee2mqtt;
+    zigbeeSerialPort = "/dev/serial/by-id/usb-ITead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_e2fed465c59ded11962fd7a5a7669f5d-if00-port0";
+  };
+
+  hosehawk = {
+    port = ports.hosehawk;
+  };
+
+  miniflux = {
+    port = ports.miniflux;
+  };
+
+  navidrome = {
+    port = ports.navidrome;
+  };
+
+  qbittorrent = {
+    webUiPort = ports.qbittorrent;
+    networkNamespace = "se";
+  };
+
+  # Monitoring
+
+  exporters = {
+    sqlExporterPort = ports.prometheusSqlExporter;
+  };
+
+  monitoring = {
+    alloyUiPort = ports.grafanaAlloy;
+    lokiPort = ports.grafanaLoki;
+    prometheusPort = ports.prometheus;
+    prometheusNodeExporterPort = ports.prometheusNodeExporter;
+  };
+
   # Backups
   age.secrets.restic-db.file = ./secrets/restic-db.age;
   age.secrets.restic-media.file = ./secrets/restic-media.age;
@@ -107,23 +153,6 @@ in
     };
   };
 
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-
-  networking.hostName = "ev";
-
-  networking.networkmanager.enable = true;
-
-  time.timeZone = "Europe/Vienna";
-
-  users.users.martin = {
-    isNormalUser = true;
-    extraGroups = [
-      "networkmanager"
-      "wheel"
-    ];
-  };
-
   # Open ports in the firewall.
   networking.firewall.allowedTCPPorts = [
     # Enabling openssh automatically opens its port in the firewall.
@@ -131,11 +160,6 @@ in
   ];
   networking.firewall.allowedUDPPorts = [];
 
-  services.nginx = {
-    enable = true;
-    virtualHosts."ev.tailnet" = helpers.serviceIndexHost "ev.tailnet" ports.webUis;
-  };
-
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
   # on your system were taken. It‘s perfectly fine and recommended to leave