Undisable beefcake stuff

nixos/beefcake.nix

@@ -8,9 +8,9 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x01 0x00
 sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
 */
 {
-  # inputs,
+  inputs,
   # outputs,
-  # config,
+  config,
   pkgs,
   ...
 }: let
@@ -22,7 +22,7 @@ in {
       ../modules/nixos/fonts.nix
     ]
     ++ [
-      # inputs.api-lyte-dev.nixosModules.${system}.api-lyte-dev
+      inputs.api-lyte-dev.nixosModules.${system}.api-lyte-dev
       # inputs.nix-minecraft.nixosModules.minecraft-servers
     ];
 
@@ -60,16 +60,16 @@ in {
     secretKeyFile = "/var/cache-priv-key.pem";
   };
 
-  # services.api-lyte-dev = rec {
-  #   enable = true;
-  #   port = 5757;
-  #   stateDir = "/var/lib/api-lyte-dev";
-  #   # configFile = config.sops.secrets."api.lyte.dev".path;
-  #   user = "api-lyte-dev";
-  #   group = user;
-  # };
+  services.api-lyte-dev = rec {
+    enable = true;
+    port = 5757;
+    stateDir = "/var/lib/api-lyte-dev";
+    configFile = config.sops.secrets."api.lyte.dev".path;
+    user = "api-lyte-dev";
+    group = user;
+  };
 
-  # systemd.services.api-lyte-dev.environment.LOG_LEVEL = "debug";
+  systemd.services.api-lyte-dev.environment.LOG_LEVEL = "debug";
 
   sops = {
     defaultSopsFile = ../secrets/beefcake/secrets.yml;
@@ -105,36 +105,36 @@ in {
         # path = "${config.services.api-lyte-dev.stateDir}/secrets.json";
         # TODO: would be cool to assert that it's correctly-formatted JSON? probably should be done in a pre-commit hook?
         mode = "0440";
-        # owner = config.services.api-lyte-dev.user;
-        # group = config.services.api-lyte-dev.group;
+        owner = config.services.api-lyte-dev.user;
+        group = config.services.api-lyte-dev.group;
       };
 
       "jland.env" = {
         path = "/var/lib/jland/jland.env";
         # TODO: would be cool to assert that it's correctly-formatted JSON? probably should be done in a pre-commit hook?
         mode = "0440";
-        # owner = config.users.users.jland.name;
-        # group = config.users.groups.jland.name;
+        owner = config.users.users.jland.name;
+        group = config.users.groups.jland.name;
       };
 
       plausible-admin-password = {
         # TODO: path = "${config.systemd.services.plausible.serviceConfig.WorkingDirectory}/plausible-admin-password.txt";
         path = "/var/lib/plausible/plausible-admin-password";
         mode = "0440";
-        # owner = config.systemd.services.plausible.serviceConfig.User;
-        # group = config.systemd.services.plausible.serviceConfig.Group;
+        owner = config.systemd.services.plausible.serviceConfig.User;
+        group = config.systemd.services.plausible.serviceConfig.Group;
       };
       plausible-secret-key-base = {
         path = "/var/lib/plausible/plausible-secret-key-base";
         mode = "0440";
-        # owner = config.systemd.services.plausible.serviceConfig.User;
-        # group = config.systemd.services.plausible.serviceConfig.Group;
+        owner = config.systemd.services.plausible.serviceConfig.User;
+        group = config.systemd.services.plausible.serviceConfig.Group;
       };
       nextcloud-admin-password = {
         path = "/var/lib/nextcloud/admin-password";
         mode = "0440";
-        # owner = config.services.nextcloud.serviceConfig.User;
-        # group = config.services.nextcloud.serviceConfig.Group;
+        owner = config.services.nextcloud.serviceConfig.User;
+        group = config.services.nextcloud.serviceConfig.Group;
       };
     };
   };
@@ -190,7 +190,7 @@ in {
   users.users.lytedev = {
     # for running my services and applications and stuff
     isNormalUser = true;
-    # openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys;
+    openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys;
     group = "lytedev";
   };
 
@@ -217,8 +217,7 @@ in {
       [
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJbPqzKB09U+i4Kqu136yOjflLZ/J7pYsNulTAd4x903 root@chromebox.h.lyte.dev"
       ]
-      # ++ config.users.users.daniel.openssh.authorizedKeys.keys;
-      ;
+      ++ config.users.users.daniel.openssh.authorizedKeys.keys;
   };
 
   users.users.guest = {
@@ -285,72 +284,72 @@ in {
     # TODO: there are some hardcoded ports here!
     # https://github.com/NixOS/nixpkgs/blob/04af42f3b31dba0ef742d254456dc4c14eedac86/nixos/modules/services/misc/lidarr.nix#L72
     # TODO: customize the files.lyte.dev template?
-    # configFile = pkgs.writeText "Caddyfile" ''
-    #   video.lyte.dev {
-    #     reverse_proxy :8096
-    #   }
+    configFile = pkgs.writeText "Caddyfile" ''
+      video.lyte.dev {
+        reverse_proxy :8096
+      }
 
-    #   dev.h.lyte.dev {
-    #     reverse_proxy :8000
-    #   }
+      dev.h.lyte.dev {
+        reverse_proxy :8000
+      }
 
-    #   # lidarr.h.lyte.dev {
-    #     # reverse_proxy :8686
-    #   # }
+      # lidarr.h.lyte.dev {
+        # reverse_proxy :8686
+      # }
 
-    #   # radarr.h.lyte.dev {
-    #     # reverse_proxy :7878
-    #   # }
+      # radarr.h.lyte.dev {
+        # reverse_proxy :7878
+      # }
 
-    #   # sonarr.h.lyte.dev {
-    #     # reverse_proxy :8989
-    #   # }
+      # sonarr.h.lyte.dev {
+        # reverse_proxy :8989
+      # }
 
-    #   # bazarr.h.lyte.dev {
-    #     # reverse_proxy :$${toString config.services.bazarr.listenPort}
-    #   # }
+      # bazarr.h.lyte.dev {
+        # reverse_proxy :$${toString config.services.bazarr.listenPort}
+      # }
 
-    #   bw.lyte.dev {
-    #     reverse_proxy :${toString config.services.vaultwarden.config.ROCKET_PORT}
-    #   }
+      bw.lyte.dev {
+        reverse_proxy :${toString config.services.vaultwarden.config.ROCKET_PORT}
+      }
 
-    #   api.lyte.dev {
-    #     reverse_proxy :${toString config.services.api-lyte-dev.port}
-    #   }
+      api.lyte.dev {
+        reverse_proxy :${toString config.services.api-lyte-dev.port}
+      }
 
-    #   a.lyte.dev {
-    #     reverse_proxy :${toString config.services.plausible.server.port}
-    #   }
+      a.lyte.dev {
+        reverse_proxy :${toString config.services.plausible.server.port}
+      }
 
-    #   nextcloud.lyte.dev {
-    #     reverse_proxy :${toString 9999}
-    #   }
+      nextcloud.lyte.dev {
+        reverse_proxy :${toString 9999}
+      }
 
-    #   git.lyte.dev {
-    #     reverse_proxy :${toString config.services.gitea.settings.server.HTTP_PORT}
-    #   }
+      git.lyte.dev {
+        reverse_proxy :${toString config.services.gitea.settings.server.HTTP_PORT}
+      }
 
-    #   files.lyte.dev {
-    #     file_server browse {
-    #       # browse template
-    #       # hide .*
-    #       root /storage/files.lyte.dev
-    #     }
-    #   }
+      files.lyte.dev {
+        file_server browse {
+          # browse template
+          # hide .*
+          root /storage/files.lyte.dev
+        }
+      }
 
-    #   nix.h.lyte.dev {
-    #     reverse_proxy :${toString config.services.nix-serve.port}
-    #   }
+      nix.h.lyte.dev {
+        reverse_proxy :${toString config.services.nix-serve.port}
+      }
 
-    #   # proxy everything else to chromebox
-    #   :80 {
-    #     reverse_proxy 10.0.0.5:80
-    #   }
+      # proxy everything else to chromebox
+      :80 {
+        reverse_proxy 10.0.0.5:80
+      }
 
-    #   :443 {
-    #     reverse_proxy 10.0.0.5:443
-    #   }
-    # '';
+      :443 {
+        reverse_proxy 10.0.0.5:443
+      }
+    '';
   };
 
   services.vaultwarden = {
@@ -581,10 +580,10 @@ in {
       hosts deny = 0.0.0.0/0
       guest account = nobody
       map to guest = bad user
+      # load printers = yes
+      # printing = cups
+      # printcap name = cups
     '';
-    # load printers = yes
-    # printing = cups
-    # printcap name = cups
     shares = {
       libre = {
         path = "/storage/libre";