re-arranged files

.gitignore

@@ -3,7 +3,6 @@ result
 *.qcow2
 homefree-image
 lan-client-image
-site/default-landing-page/node_modules
+services/landing-page/site/node_modules
-site/default-landing-page/public
+services/landing-page/site/public
-site/admin/node_modules
+services/admin/site/node_modules
-site/admin/public

configuration.nix

@@ -1,42 +1,42 @@
 { config, lib, ... }:
 {
   imports = [
-    ../../profiles/acme.nix
+    ./profiles/acme.nix
-    ../../profiles/common.nix
+    ./profiles/common.nix
-    ../../profiles/config-editor.nix
+    ./profiles/config-editor.nix
-    ../../profiles/git.nix
+    ./profiles/git.nix
-    ../../profiles/hardware-configuration.nix
+    ./profiles/hardware-configuration.nix
-    ../../profiles/nixvim.nix
+    ./profiles/nixvim.nix
-    ../../profiles/podman.nix
+    ./profiles/podman.nix
-    ../../profiles/router.nix
+    ./profiles/router.nix
-    ../../profiles/traffic-control.nix
+    ./profiles/traffic-control.nix
 
-    ../../services/adguardhome.nix
+    ./services/adguardhome.nix
-    ../../services/admin.nix
+    ./services/admin
-    ../../services/authentik.nix
+    ./services/authentik.nix
-    ../../services/backup.nix
+    ./services/backup.nix
-    ../../services/baikal.nix
+    ./services/baikal.nix
-    ../../services/caddy.nix
+    ./services/caddy.nix
-    ../../services/cryptpad.nix
+    ./services/cryptpad.nix
-    ../../services/ddclient.nix
+    ./services/ddclient.nix
-    ../../services/dnsmasq.nix
+    ./services/dnsmasq.nix
-    ../../services/frigate-podman.nix
+    ./services/frigate-podman.nix
-    ../../services/gitea.nix
+    ./services/gitea.nix
-    ../../services/home-assistant
+    ./services/home-assistant
-    ../../services/headscale.nix
+    ./services/headscale.nix
-    ../../services/headscale-ui.nix
+    ./services/headscale-ui.nix
-    ../../services/immich.nix
+    ./services/immich.nix
-    ../../services/jellyfin.nix
+    ./services/jellyfin.nix
-    ../../services/landing-page.nix
+    ./services/landing-page
-    ../../services/linkwarden.nix
+    ./services/linkwarden.nix
-    ../../services/matrix.nix
+    ./services/matrix.nix
-    ../../services/mqtt.nix
+    ./services/mqtt.nix
-    ../../services/nextcloud.nix
+    ./services/nextcloud.nix
-    ../../services/postgres.nix
+    ./services/postgres.nix
-    ../../services/radicale.nix
+    ./services/radicale.nix
-    ../../services/unbound.nix
+    ./services/unbound.nix
-    ../../services/unifi.nix
+    ./services/unifi.nix
-    ../../services/vaultwarden.nix
+    ./services/vaultwarden.nix
   ];
 
   # --------------------------------------------------------------------------------------
@@ -55,12 +55,6 @@
     };
   };
 
-  # --------------------------------------------------------------------------------------
-  # File system
-  # --------------------------------------------------------------------------------------
-
-  # @TODO: Setup luks or some disk encryption (ZFS?)
-
   # --------------------------------------------------------------------------------------
   # Network
   # --------------------------------------------------------------------------------------

default.nix

@@ -12,6 +12,6 @@
     homefree-inputs.sops-nix.nixosModules.sops
     ./modules/ddclient-multi.nix
     ./module.nix
-    ./hosts/homefree/configuration.nix
+    ./configuration.nix
   ];
 }

scripts/generate-server-pgp-key.sh

@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-
-ssh-keygen -R "[localhost]:2223"
-ssh -o StrictHostKeychecking=no -p 2223 homefree@localhost "sudo cat /etc/ssh/ssh_host_rsa_key" | nix-shell -p ssh-to-pgp --run "ssh-to-pgp -o homefree-server.asc"

scripts/generate-user-pgp-key.sh

@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-
-# Adds to ~/.gnupg/pubring.kbx
-# List with: gpg -k
-nix-shell -p gnupg -p ssh-to-pgp --run "ssh-to-pgp -private-key -i $HOME/.ssh/id_rsa | gpg --import --quiet"
-# Exports public key from private key
-# nix-shell -p ssh-to-pgp --run "ssh-to-pgp -i $HOME/.ssh/id_rsa -o $USER.asc"

scripts/tune_router_performance.sh

@@ -1,40 +0,0 @@
-#! /usr/bin/env sh
-
-# SMP - Symmetric MultiProcessing
-# RPS - Receive Packet Steering
-
-smp1=3
-rps1=2
-smp2=3
-rps2=2
-
-ens3_irq=$(grep ens3 /proc/interrupts | awk '{ print $1+0 }')
-
-# set balancer for enp1s0
-echo ${smp1} > /proc/irq/${ens3_irq}/smp_affinity
-# echo ${smp1} > /proc/irq/37/smp_affinity
-# echo ${smp1} > /proc/irq/38/smp_affinity
-# echo ${smp1} > /proc/irq/39/smp_affinity
-# echo ${smp1} > /proc/irq/40/smp_affinity
-
-# set rps for ens3
-echo ${rps1} > /sys/class/net/ens3/queues/rx-0/rps_cpus
-# echo ${rps1} > /sys/class/net/ens3/queues/rx-1/rps_cpus
-# echo ${rps1} > /sys/class/net/ens3/queues/rx-2/rps_cpus
-# echo ${rps1} > /sys/class/net/ens3/queues/rx-3/rps_cpus
-
-ens5_irq=$(grep ens5 /proc/interrupts | awk '{ print $1+0 }')
-
-# set balancer for enp2s0
-# echo ${smp2} > /proc/irq/${ens5_irq}/smp_affinity
-
-# echo ${smp2} > /proc/irq/43/smp_affinity
-# echo ${smp2} > /proc/irq/44/smp_affinity
-# echo ${smp2} > /proc/irq/45/smp_affinity
-# echo ${smp2} > /proc/irq/46/smp_affinity
-
-# set rps for ens5
-echo ${rps2} > /sys/class/net/ens5/queues/rx-0/rps_cpus
-# echo ${rps2} > /sys/class/net/ens5/queues/rx-1/rps_cpus
-# echo ${rps2} > /sys/class/net/ens5/queues/rx-2/rps_cpus
-# echo ${rps2} > /sys/class/net/ens5/queues/rx-3/rps_cpus

services/admin/default.nix

@@ -1,6 +1,6 @@
 { config, pkgs, ... }:
 let
-  homefree-admin = pkgs.callPackage  ../site/admin { };
+  homefree-admin = pkgs.callPackage  ./site { };
 in
 {
   ## add homefree admin page as a package
@@ -23,4 +23,8 @@ in
       };
     }
   ];
+
+  environment.systemPackages = with pkgs; [
+    deno
+  ];
 }

services/admin/deno.json

@@ -0,0 +1,9 @@
+{
+  "tasks": {
+    "dev": "deno run --allow-net --allow-run --watch main.ts"
+  },
+  "imports": {
+    "hono": "npm:hono@3",
+    "graphql": "npm:graphql"
+  }
+}

services/admin/main.ts

@@ -0,0 +1,48 @@
+import { Hono } from "hono";
+import { handle } from "hono/middleware/graphql";
+import { buildSchema } from "graphql";
+
+// Define GraphQL schema
+const schema = buildSchema(`
+  type CommandResult {
+    output: String
+    error: String
+  }
+
+  type Query {
+    runCommand(command: String!): CommandResult
+  }
+`);
+
+// Create resolver using Deno.Command instead of node's exec
+const resolvers = {
+  runCommand: async ({ command }: { command: string }) => {
+    try {
+      // Split command into program and args
+      const [cmd, ...args] = command.split(" ");
+      const p = new Deno.Command(cmd, {
+        args: args
+      });
+      const { stdout, stderr } = await p.output();
+
+      return {
+        output: new TextDecoder().decode(stdout),
+        error: new TextDecoder().decode(stderr)
+      };
+    } catch (error) {
+      return {
+        output: null,
+        error: error.message
+      };
+    }
+  }
+};
+
+const app = new Hono();
+
+app.use("/graphql", handle({
+  schema,
+  rootValue: resolvers
+}));
+
+Deno.serve(app.fetch);

services/landing-page/default.nix

@@ -1,6 +1,6 @@
 { config, pkgs, ... }:
 let
-  homefree-site = pkgs.callPackage ../site/default-landing-page { };
+  homefree-site = pkgs.callPackage ./site { };
 in
 {
   ## add homefree default site as a package