Remove unused code

2025-04-09 22:44:36 +02:00 · 2025-04-09 22:44:36 +02:00 · 48e71f75f8
commit 48e71f75f8
parent af5a07ca19
104 changed files with 151 additions and 229 deletions
--- a/hosts/aluminium/configuration.nix
+++ b/hosts/aluminium/configuration.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, ... }:

 {
  imports = [
--- a/hosts/aluminium/hardware-configuration.nix
+++ b/hosts/aluminium/hardware-configuration.nix
@ -1,7 +1,7 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{ config, lib, modulesPath, ... }:

 {
  imports =
--- a/hosts/aluminium/ports.nix
+++ b/hosts/aluminium/ports.nix
@ -1,4 +1,4 @@
-{ lib, custom-utils, ... }:
+{ custom-utils, ... }:

 custom-utils.validatePortAttrset {
  asterisk-rtp = { udp.range = [ 10000 10200 ]; };
--- a/hosts/aluminium/services/asterisk/default.nix
+++ b/hosts/aluminium/services/asterisk/default.nix
@ -1,4 +1,4 @@
-args@{ config, lib, pkgs, custom-utils, ... }:
+args@{ config, lib, pkgs, ... }:

 let
  ports = import ../../ports.nix args;
--- a/hosts/aluminium/services/asterisk/voicemail-sounds/default.nix
+++ b/hosts/aluminium/services/asterisk/voicemail-sounds/default.nix
@ -1,4 +1,4 @@
-{ lib, stdenvNoCC }:
+{ stdenvNoCC }:

 stdenvNoCC.mkDerivation {
  name = "voicemail-sounds";
--- a/hosts/aluminium/services/dnsmasq.nix
+++ b/hosts/aluminium/services/dnsmasq.nix
@ -1,8 +1,5 @@
 { lib, pkgs, ... }:

-let
-  stateDir = "/var/lib/dnsmasq";
-in
 {
  services.dnsmasq = {
    enable = true;
@ -54,7 +51,7 @@ in
    "voice"
  ]
    (
-      interface: {
+      _: {
        allowedUDPPorts = [ 53 67 ];
        allowedTCPPorts = [ 53 ];
      }
--- a/hosts/aluminium/services/doorbell.nix
+++ b/hosts/aluminium/services/doorbell.nix
@ -1,4 +1,4 @@
-args@{ config, lib, pkgs, custom-utils, ... }:
+args@{ config, ... }:

 let
  ports = import ../ports.nix args;
--- a/hosts/aluminium/services/esphome/default.nix
+++ b/hosts/aluminium/services/esphome/default.nix
@ -1,7 +1,6 @@
-args@{ lib, pkgs, config, custom-utils, ... }:
+args@{ lib, pkgs, config, ... }:
 let
  ports = import ../../ports.nix args;
-  cfg = config.services.esphome;
  cfgdir = pkgs.stdenvNoCC.mkDerivation {
    name = "esphome-config";
    src = ./devices;
@ -11,10 +10,6 @@ let
      cp -r * $out
    '';
  };
-  esphomeParams =
-    if cfg.enableUnixSocket
-    then "--socket /run/esphome/esphome.sock"
-    else "--address ${cfg.address} --port ${toString cfg.port}";
 in
 {
  sops.secrets.esphome = {
--- a/hosts/aluminium/services/home-assistant.nix
+++ b/hosts/aluminium/services/home-assistant.nix
@ -1,4 +1,4 @@
-args@{ lib, pkgs, config, custom-utils, ... }:
+args@{ pkgs, config, ... }:
 let
  ports = import ../ports.nix args;
 in
--- a/hosts/aluminium/services/nginx.nix
+++ b/hosts/aluminium/services/nginx.nix
@ -1,4 +1,4 @@
-args@{ pkgs, custom-utils, ... }:
+args:

 let
  ports = import ../ports.nix args;
--- a/hosts/aluminium/services/ntp.nix
+++ b/hosts/aluminium/services/ntp.nix
@ -1,4 +1,3 @@
-{ lib, pkgs, ... }:
 {
  services.chrony = {
    enable = true;
--- a/hosts/aluminium/services/unifi-controller.nix
+++ b/hosts/aluminium/services/unifi-controller.nix
@ -1,4 +1,4 @@
-args@{ pkgs, custom-utils, ... }:
+args@{ pkgs, ... }:

 let
  ports = import ../ports.nix args;
--- a/hosts/cadmium/configuration.nix
+++ b/hosts/cadmium/configuration.nix
@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ pkgs, ... }:

 {
  imports = [
--- a/hosts/copper/services/ntfy.nix
+++ b/hosts/copper/services/ntfy.nix
@ -1,4 +1,3 @@
-{ pkgs, lib, ... }:
 {
  sops.secrets.ntfy_shiftphone = {
    sopsFile = ../secrets.yaml;
--- a/hosts/iron/configuration.nix
+++ b/hosts/iron/configuration.nix
@ -1,4 +1,4 @@
-{ inputs, config, pkgs, lib, ... }:
+{ config, pkgs, lib, ... }:
 let
  interfaces = import ./interfaces.nix;
  disks = {
@ -119,13 +119,11 @@ with lib; {
    jalr.luksUsbUnlock = {
      enable = true;
      devices = builtins.mapAttrs
-        (name: dev:
-          {
-            keyPath = "iron.key";
-            usbDevice = "by-label/RAM_USB";
-            waitForDevice = 10;
-          }
-        )
+        (_: _: {
+          keyPath = "iron.key";
+          usbDevice = "by-label/RAM_USB";
+          waitForDevice = 10;
+        })
        disks;
    };

@ -144,12 +142,10 @@ with lib; {
        ];
        systemd.enable = true;
        luks.devices = builtins.mapAttrs
-          (name: dev:
-            {
-              device = "${devNodes}${dev}${partitionScheme.luksDev}";
-              allowDiscards = true;
-            }
-          )
+          (_: dev: {
+            device = "${devNodes}${dev}${partitionScheme.luksDev}";
+            allowDiscards = true;
+          })
          disks;
      };
      supportedFilesystems = [ "zfs" ];
--- a/hosts/iron/ports.nix
+++ b/hosts/iron/ports.nix
@ -1,4 +1,4 @@
-{ lib, custom-utils, ... }:
+{ custom-utils, ... }:

 custom-utils.validatePortAttrset {
  calibre-server.tcp = 8081;
--- a/hosts/iron/services/avahi.nix
+++ b/hosts/iron/services/avahi.nix
@ -1,4 +1,3 @@
-args@{ lib, pkgs, config, custom-utils, ... }:
 let
  interfaces = import ../interfaces.nix;
 in
--- a/hosts/iron/services/calibre.nix
+++ b/hosts/iron/services/calibre.nix
@ -1,4 +1,4 @@
-args@{ lib, config, pkgs, custom-utils, ... }:
+args@{ lib, config, ... }:
 let
  ports = import ../ports.nix args;
 in
--- a/hosts/iron/services/dnsmasq.nix
+++ b/hosts/iron/services/dnsmasq.nix
@ -2,7 +2,6 @@

 let
  interfaces = import ../interfaces.nix;
-  stateDir = "/var/lib/dnsmasq";
 in
 {
  services.dnsmasq = {
@ -47,7 +46,7 @@ in
    "iot"
  ]
    (
-      interface: {
+      _: {
        allowedUDPPorts = [ 53 67 ];
        allowedTCPPorts = [ 53 ];
      }
--- a/hosts/iron/services/esphome/default.nix
+++ b/hosts/iron/services/esphome/default.nix
@ -1,7 +1,6 @@
-args@{ lib, pkgs, config, custom-utils, ... }:
+args@{ lib, pkgs, config, ... }:
 let
  ports = import ../../ports.nix args;
-  cfg = config.services.esphome;
  cfgdir = pkgs.stdenvNoCC.mkDerivation {
    name = "esphome-config";
    src = ./devices;
@ -11,10 +10,6 @@ let
      cp -r * $out
    '';
  };
-  esphomeParams =
-    if cfg.enableUnixSocket
-    then "--socket /run/esphome/esphome.sock"
-    else "--address ${cfg.address} --port ${toString cfg.port}";
 in
 {
  sops.secrets.esphome = {
--- a/hosts/iron/services/home-assistant.nix
+++ b/hosts/iron/services/home-assistant.nix
@ -1,4 +1,4 @@
-args@{ lib, pkgs, config, custom-utils, ... }:
+args@{ lib, pkgs, config, ... }:
 let
  ports = import ../ports.nix args;
  interfaces = import ../interfaces.nix;
--- a/hosts/iron/services/jellyfin.nix
+++ b/hosts/iron/services/jellyfin.nix
@ -1,4 +1,4 @@
-args@{ lib, pkgs, custom-utils, ... }:
+args@{ lib, ... }:
 let
  ports = import ../ports.nix args;
 in
--- a/hosts/iron/services/mail.nix
+++ b/hosts/iron/services/mail.nix
@ -1,4 +1,4 @@
-args@{ config, pkgs, custom-utils, ... }:
+args:

 let
  ports = import ../ports.nix args;
--- a/hosts/iron/services/matrix.nix
+++ b/hosts/iron/services/matrix.nix
@ -1,4 +1,4 @@
-args@{ config, pkgs, custom-utils, ... }:
+args@{ config, pkgs, ... }:

 let
  ports = import ../ports.nix args;
--- a/hosts/iron/services/navidrome.nix
+++ b/hosts/iron/services/navidrome.nix
@ -1,4 +1,4 @@
-args@{ config, lib, pkgs, utils, custom-utils, ... }:
+args@{ config, lib, pkgs, ... }:

 let
  ports = import ../ports.nix args;
--- a/hosts/iron/services/nginx.nix
+++ b/hosts/iron/services/nginx.nix
@ -1,4 +1,4 @@
-args@{ pkgs, custom-utils, ... }:
+args:

 let
  ports = import ../ports.nix args;
--- a/hosts/iron/services/ntp.nix
+++ b/hosts/iron/services/ntp.nix
@ -1,4 +1,3 @@
-{ lib, pkgs, ... }:
 {
  services.chrony = {
    enable = true;
--- a/hosts/iron/services/public-ip-tunnel.nix
+++ b/hosts/iron/services/public-ip-tunnel.nix
@ -1,4 +1,4 @@
-args@{ config, lib, pkgs, custom-utils, ... }:
+args@{ config, lib, pkgs, ... }:

 let
  ports = import ../ports.nix args;
--- a/hosts/iron/services/radicale.nix
+++ b/hosts/iron/services/radicale.nix
@ -1,4 +1,4 @@
-args@{ config, lib, pkgs, custom-utils, ... }:
+args@{ config, ... }:

 let
  ports = import ../ports.nix args;
--- a/hosts/iron/services/remarkable.nix
+++ b/hosts/iron/services/remarkable.nix
@ -1,4 +1,4 @@
-args@{ lib, config, pkgs, custom-utils, ... }:
+args@{ lib, config, pkgs, ... }:
 let
  ports = import ../ports.nix args;
  domain = "rmfakecloud.jalr.de";
--- a/hosts/iron/services/snapcast/ledfx.nix
+++ b/hosts/iron/services/snapcast/ledfx.nix
@ -1,4 +1,4 @@
-args@{ lib, pkgs, config, custom-utils, ... }:
+{ pkgs, ... }:
 let
  interfaces = import ../../interfaces.nix;
 in
--- a/hosts/iron/services/snapcast/mopidy.nix
+++ b/hosts/iron/services/snapcast/mopidy.nix
@ -1,4 +1,4 @@
-args@{ lib, pkgs, config, custom-utils, ... }:
+{ lib, pkgs, config, ... }:
 let
  interfaces = import ../../interfaces.nix;
  mopidyConfig = {
--- a/hosts/iron/services/snapcast/snapclient.nix
+++ b/hosts/iron/services/snapcast/snapclient.nix
@ -1,19 +1,6 @@
-{ lib, pkgs, ... }:
+{ pkgs, ... }:

-let hostId = "Wohnzimmer";
-in
 {
-  #services.pipewire = {
-  #  enable = true;
-  #  pulse.enable = true;
-  #  alsa.enable = true;
-  #};
-
-  #environment.systemPackages = with pkgs; [
-  #  pulseaudio # pacmd and pactl
-  #  pulsemixer
-  #];
-
  systemd.services.snapclient = {
    enable = true;
    description = "Snapcast client";
--- a/hosts/iron/services/snapcast/snapserver.nix
+++ b/hosts/iron/services/snapcast/snapserver.nix
@ -1,4 +1,4 @@
-args@{ lib, pkgs, config, custom-utils, ... }:
+args@{ lib, pkgs, config, ... }:
 let
  ports = import ../../ports.nix args;
  interfaces = import ../../interfaces.nix;
--- a/hosts/iron/services/sturzbach.nix
+++ b/hosts/iron/services/sturzbach.nix
@ -1,4 +1,4 @@
-args@{ config, lib, custom-utils, ... }:
+args:

 let
  ports = import ../ports.nix args;
--- a/hosts/iron/services/unifi-controller.nix
+++ b/hosts/iron/services/unifi-controller.nix
@ -1,4 +1,4 @@
-args@{ pkgs, custom-utils, ... }:
+args@{ pkgs, ... }:

 let
  ports = import ../ports.nix args;
--- a/hosts/iron/services/whatsapp.nix
+++ b/hosts/iron/services/whatsapp.nix
@ -1,4 +1,4 @@
-args@{ config, pkgs, custom-utils, ... }:
+args@{ pkgs, ... }:

 let
  ports = import ../ports.nix args;
--- a/hosts/magnesium/configuration.nix
+++ b/hosts/magnesium/configuration.nix
@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ lib, ... }:

 {
  imports = [
@ -6,6 +6,7 @@
    ./services
    ../../users/jalr
    ./persistence.nix
+    ./ports.nix
  ];

  networking.hostName = "magnesium";
--- a/hosts/magnesium/ports.nix
+++ b/hosts/magnesium/ports.nix
@ -1,15 +1,15 @@
-{ custom-utils, ... }:
-
-custom-utils.validatePortAttrset {
-  coturn-cli.tcp = 5766;
-  coturn-plain = { tcp = [ 3478 3479 ]; udp = [ 3478 3479 ]; };
-  coturn-relay.udp.range = [ 49160 49200 ];
-  coturn-tls = { tcp = [ 5349 5350 ]; udp = [ 5349 5350 ]; };
-  forgejo-ssh.tcp = 2022;
-  hedgedoc.tcp = 3000;
-  nginx-http.tcp = 80;
-  nginx-https.tcp = 443;
-  ntfy.tcp = 12474;
-  trilium.tcp = 12783;
-  wireguard-public-ip-tunnel.udp = 51000;
+{
+  config.networking.ports = {
+    coturn-cli.tcp = 5766;
+    coturn-plain = { tcp = [ 3478 3479 ]; udp = [ 3478 3479 ]; };
+    coturn-relay.udp = { from = 49160; to = 49200; };
+    coturn-tls = { tcp = [ 5349 5350 ]; udp = [ 5349 5350 ]; };
+    forgejo-ssh.tcp = 2022;
+    hedgedoc.tcp = 3000;
+    nginx-http.tcp = 80;
+    nginx-https.tcp = 443;
+    ntfy.tcp = 12474;
+    trilium.tcp = 12783;
+    wireguard-public-ip-tunnel.udp = 51000;
+  };
 }
--- a/hosts/magnesium/services/coturn.nix
+++ b/hosts/magnesium/services/coturn.nix
@ -1,9 +1,9 @@
-args@{ config, lib, pkgs, custom-utils, ... }:
+{ config, lib, pkgs, ... }:

 let
-  ports = import ../ports.nix args;
  cfg = config.services.coturn;
  fqdn = "turn.jalr.de";
+  ports = config.networking.ports;
 in
 {
  sops.secrets.turn-static-auth-secret = {
@ -22,8 +22,8 @@ in
      tls-listening-port = builtins.elemAt ports.coturn-tls.tcp 0;
      alt-tls-listening-port = builtins.elemAt ports.coturn-tls.tcp 1;
      cli-port = ports.coturn-cli.tcp;
-      min-port = builtins.elemAt ports.coturn-relay.udp.range 0;
-      max-port = builtins.elemAt ports.coturn-relay.udp.range 1;
+      min-port = ports.coturn-relay.udp.from;
+      max-port = ports.coturn-relay.udp.to;
    }
  ) // {
    enable = true;
@ -108,10 +108,6 @@ in
  networking.firewall = {
    allowedTCPPorts = with cfg; [ listening-port alt-listening-port tls-listening-port alt-tls-listening-port ];
    allowedUDPPorts = with cfg; [ listening-port alt-listening-port tls-listening-port alt-tls-listening-port ];
-
-    allowedUDPPortRanges = lib.singleton {
-      from = builtins.elemAt ports.coturn-relay.udp.range 0;
-      to = builtins.elemAt ports.coturn-relay.udp.range 1;
-    };
+    allowedUDPPortRanges = lib.singleton ports.coturn-relay.udp;
  };
 }
--- a/hosts/magnesium/services/forgejo.nix
+++ b/hosts/magnesium/services/forgejo.nix
@ -1,8 +1,8 @@
-args@{ config, custom-utils, ... }:
+{ config, ... }:
 let
  domain = "git.jalr.de";
  cfg = config.services.forgejo;
-  ports = import ../ports.nix args;
+  ports = config.networking.ports;
 in
 {
  sops.secrets.forgejo-mail = {
--- a/hosts/magnesium/services/gitlab-runner.nix
+++ b/hosts/magnesium/services/gitlab-runner.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, pkgs, ... }:

 {
  sops.secrets.gitlab-runner_fablab-nea-hcloud-labsync = {
--- a/hosts/magnesium/services/hedgedoc.nix
+++ b/hosts/magnesium/services/hedgedoc.nix
@ -1,9 +1,9 @@
-args@{ config, custom-utils, ... }:
+{ config, ... }:

 let
  domain = "pad.jalr.de";
-  ports = import ../ports.nix args;
  cfg = config.services.hedgedoc;
+  ports = config.networking.ports;
 in
 {
  sops.secrets.hedgedoc-session-secret = {
--- a/hosts/magnesium/services/ntfy.nix
+++ b/hosts/magnesium/services/ntfy.nix
@ -1,9 +1,9 @@
-args@{ lib, pkgs, config, custom-utils, ... }:
+{ config, ... }:
 let
  cfg = config.services.ntfy-sh;
-  ports = import ../ports.nix args;
  domain = "ntfy.jalr.de";
  datadir = "/var/lib/ntfy-sh";
+  ports = config.networking.ports;
 in
 {
  # ntfy access --auth-file /var/lib/private/ntfy-sh/user.db '*' 'up*' write-only
--- a/hosts/magnesium/services/public-ip-tunnel.nix
+++ b/hosts/magnesium/services/public-ip-tunnel.nix
@ -1,9 +1,9 @@
-args@{ config, lib, pkgs, custom-utils, ... }:
+{ config, lib, ... }:

 let
-  ports = import ../ports.nix args;
  listenPort = ports.wireguard-public-ip-tunnel.udp;
  publicKey = "GCmQs7upvDYFueEfqD2yJkkOZg3K7YaGluWWzdjsyTo=";
+  ports = config.networking.ports;
 in
 {
  sops.secrets = lib.listToAttrs (map
--- a/hosts/magnesium/services/trilium.nix
+++ b/hosts/magnesium/services/trilium.nix
@ -1,8 +1,8 @@
-args@{ config, lib, pkgs, custom-utils, ... }:
+{ config, pkgs, ... }:

 let
-  ports = import ../ports.nix args;
  domain = "notes.jalr.de";
+  ports = config.networking.ports;
 in
 {
  services.trilium-server = {
--- a/hosts/magnesium/services/webserver.nix
+++ b/hosts/magnesium/services/webserver.nix
@ -1,9 +1,9 @@
-args@{ config, lib, pkgs, custom-utils, ... }:
+{ config, lib, pkgs, ... }:

 let
-  ports = import ../ports.nix args;
  domain = "jalr.de";
  matrixDomain = "matrix.jalr.de";
+  ports = config.networking.ports;
 in
 {
  networking.firewall.allowedTCPPorts = [ ports.nginx-http.tcp ports.nginx-https.tcp ];
--- a/hosts/weinturm-pretix-prod/hardware-configuration.nix
+++ b/hosts/weinturm-pretix-prod/hardware-configuration.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, modulesPath, ... }:
+{ lib, modulesPath, ... }:
 {
  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];

--- a/hosts/weinturm-pretix-prod/ports.nix
+++ b/hosts/weinturm-pretix-prod/ports.nix
@ -1,4 +1,4 @@
-{ lib, custom-utils, ... }:
+{ custom-utils, ... }:

 custom-utils.validatePortAttrset {
  nginx-http.tcp = 80;
--- a/hosts/weinturm-pretix-prod/services/pretix.nix
+++ b/hosts/weinturm-pretix-prod/services/pretix.nix
@ -1,4 +1,4 @@
-args@{ config, lib, pkgs, custom-utils, ... }:
+args@{ config, lib, ... }:

 let
  cfg = config.services.pretix;