feat: remove old "freeform" globals and use new structured globals

hosts/sentinel/coturn.nix

@@ -1,5 +1,6 @@
 {
   config,
+  globals,
   lib,
   pkgs,
   ...
@@ -11,7 +12,7 @@
     mkForce
     ;
 
-  hostDomain = config.repo.secrets.global.domains.me;
+  hostDomain = globals.domains.me;
   coturnDomain = "coturn.${hostDomain}";
 in {
   age.secrets.coturn-password-netbird = {

hosts/sentinel/default.nix

@@ -26,7 +26,7 @@
   services.nginx.enable = true;
   services.nginx.recommendedSetup = true;
 
-  services.nginx.virtualHosts.${config.repo.secrets.global.domains.me} = {
+  services.nginx.virtualHosts.${globals.domains.me} = {
     forceSSL = true;
     useACMEWildcardHost = true;
     locations."/".root = pkgs.runCommand "index.html" {} ''

hosts/sentinel/net.nix

@@ -1,12 +1,13 @@
 {
   config,
+  globals,
   lib,
   ...
 }: let
   icfg = config.repo.secrets.local.networking.interfaces.wan;
 in {
   networking.hostId = config.repo.secrets.local.networking.hostId;
-  networking.domain = config.repo.secrets.global.domains.me;
+  networking.domain = globals.domains.me;
 
   globals.monitoring.ping.sentinel = {
     hostv4 = lib.net.cidr.ip icfg.hostCidrv4;

hosts/sentinel/oauth2.nix

@@ -6,8 +6,8 @@
 }: {
   meta.oauth2-proxy = {
     enable = true;
-    cookieDomain = config.repo.secrets.global.domains.me;
-    portalDomain = "oauth2.${config.repo.secrets.global.domains.me}";
+    cookieDomain = globals.domains.me;
+    portalDomain = "oauth2.${globals.domains.me}";
     # TODO portal redirect to dashboard (in case someone clicks on kanidm "Web services")
   };