Merge pull request #335 from NuschtOS/fix-conditions

Fix conditions, better readme, cleanup Synapse Admin

Author: SuperSandro2000

README.md

@@ -3,25 +3,40 @@
 Collection of opinionated, integrated and shared NixOS modules.
 
 This includes features like:
-- Backend independent LDAP/OAuth2 abstraction with service integration
-- Easy Postgres upgrades between major versions and installation of `pg_stat_statements` extension in all databases
-- Easy integration of Matrix Synapse, Element Web and extra Oembed providers
-- Configure extra dependencies in Nextcloud for the Recognize and Memories Apps and properly setup preview generation
-- Restricted nix remote builders which can only execute remote builds
+- Backend independent LDAP/OAuth2 abstraction with service integration (see table below)
 - More opinionated integrations on top of Portunus (Simple LDAP frontend), dex and oauth2-proxy
+- Easy Postgres upgrades between major versions, easy installation of extensions including `pg_stat_statements` and timer for pg_repack
+- Higher level configuration of Blackbox exporter's dnsProbes and httpProbes for Prometheus
+- Easy integration of Matrix Synapse, Element Web, Synapse Admin by etkecc and extra Oembed providers
+- Check if network kernel modules could be missing in initrd and deterministic luks unlock order
+- Extra options for Nginx like a common server/locations block, quic, default 404 server, aws-lc tls library, tcp fast open and more
+- Configure Nextcloud Apps Memories Apps and properly setup efficient preview generation
+- Predone Nginx config for Minio console and object storage (S3)
+- Restricted nix remote builders which can only execute remote builds
 
 and many smaller integrations like:
 
 - git-delta
 - Harmonia Nginx
-- Intel hardware acceleration
 - Mailman PostgreSQL
 - Nginx TCP fast open
+- Mastodon Bird UI patch
+- Hostname check (borrowed from srvos as module)
 - Nix diff system on activation and dry-activation
-- easy configuration of HTTP/HTTPS targets in Prometheus blackbox exporter
 - Vaultwarden Nginx and Postgres
+- Strace color patch
 - ... and much more!
 
+## LDPA & OAuth service support
+
+| Name  | LDAP | OAuth |
+|-------|------|-------|
+| Gitea |  ✅  |  ✅   |
+| Grafana | ❌ |  ✅   |
+| Hedgedoc | ✅ | ❌ |
+| Home-Assistant | ✅ | ❌ |
+| Mastodon | ✅ | ✅ |
+
 ## Usage
 
 Add or merge the following settings to your `flake.nix`:

modules/matrix.nix

@@ -54,14 +54,9 @@ in
       };
 
       synapse-admin = {
-        enable = lib.mkEnableOption "" // { description = "Whether to configure synapse-admin to be served at the matrix servers domain under the /admin path."; };
+        enable = lib.mkEnableOption "" // { description = "Whether to configure Synapse Admin by etkecc to be served at the matrix servers domain under the /admin path."; };
 
-        package = lib.mkPackageOption pkgs "synapse-admin" { } // {
-          # TODO: remove after 25.05
-          default = pkgs.synapse-admin-etkecc or pkgs.synapse-admin;
-          example = "pkgs.synapse-admin-etkecc";
-          extraDescription = "If synapse-admin-etkecc exists, that is the default, otherwise synapse-admin.";
-        };
+        package = lib.mkPackageOption pkgs "synapse-admin-etkecc" { };
       };
 
       recommendedDefaults = libS.mkOpinionatedOption "set recommended and secure default settings";

modules/renovate.nix

@@ -11,7 +11,7 @@ in
   };
 
   config = lib.mkIf cfg.enable {
-    services.renovate.settings = {
+    services.renovate.settings = lib.mkIf cfg.recommendedDefaults {
       cachePrivatePackages = true;
       configMigration = true;
       optimizeForDisabled = true;