reidlab/nix-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

forgejo -> gitea, general documentation changes, build hack

Browse source
This commit is contained in:
Reid 2024-03-03 22:20:06 -08:00
parent 106c5c3ad7
commit c9be231c9f
5 changed files with 27 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

6
flake.lock generated
View file

@ -7,11 +7,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1709445365, "lastModified": 1709485962,
"narHash": "sha256-DVv6nd9FQBbMWbOmhq0KVqmlc3y3FMSYl49UXmMcO+0=", "narHash": "sha256-rmFB4uE10+LJbcVE4ePgiuHOBlUIjQOeZt4VQVJTU8M=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "4de84265d7ec7634a69ba75028696d74de9a44a7", "rev": "d579633ff9915a8f4058d5c439281097e92380a8",
"type": "github" "type": "github"
}, },
"original": { "original": {

6
hosts/server/default.nix
View file

@ -10,6 +10,10 @@ in {
users.groups.dotfiles = {}; users.groups.dotfiles = {};
# HACK HACK HACK
services.logrotate.checkConfig = false;
# HACK HACK HACK
normalUsers = { normalUsers = {
reidlab = { reidlab = {
conf = { conf = {
@ -48,7 +52,7 @@ in {
mosh.enable = true; mosh.enable = true;
}; };
security.useDoas = true; security.useDoas = false;
}; };
networking = { networking = {

5
hosts/server/hardware-configuration.nix
View file

@ -9,12 +9,11 @@
boot = { boot = {
initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ]; initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ];
initrd.kernelModules = [ ]; initrd.kernelModules = [ ];
kernelPackages = pkgs.linuxPackages_hardened; kernelPackages = pkgs.linuxPackages_latest;
kernelModules = [ ]; kernelModules = [ ];
loader = { loader = {
# zigglebop 👽 # use u-boot over grub
grub.enable = lib.mkForce false; grub.enable = lib.mkForce false;
generic-extlinux-compatible.enable = true; generic-extlinux-compatible.enable = true;
}; };
}; };

24
modules/services/forgejo.nix
View file

@ -20,24 +20,18 @@ in {
type = types.int; type = types.int;
default = 3000; default = 3000;
}; };
package = mkOption {
type = types.package;
default = pkgs.forgejo;
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services = { services = {
gitea = { forgejo = {
enable = true; enable = true;
package = cfg.package;
stateDir = "/var/lib/${cfg.domain}"; stateDir = "/var/lib/${cfg.domain}";
appName = "reidlab's git instance"; database.type = "postgres";
database = {
type = "postgres";
name = "gitea";
};
settings = { settings = {
"DEFAULT" = {
APP_NAME = "reidlab's git instance";
};
"security" = { "security" = {
INSTALL_LOCK = true; INSTALL_LOCK = true;
PASSWORD_HASH_ALGO = "argon2"; PASSWORD_HASH_ALGO = "argon2";
@ -90,11 +84,11 @@ in {
}; };
}; };
systemd.services.gitea = { systemd.services.forgejo = {
preStart = mkAfter '' preStart = mkAfter ''
rm -rf ${config.services.gitea.customDir}/public/assets rm -rf ${config.services.forgejo.customDir}/public/assets
mkdir -p ${config.services.gitea.customDir}/public/assets mkdir -p ${config.services.forgejo.customDir}/public/assets
ln -sf ${theme} ${config.services.gitea.customDir}/public/assets/css ln -sf ${theme} ${config.services.forgejo.customDir}/public/assets/css
''; '';
}; };
}; };

14
readme.md
View file

@ -1,16 +1,18 @@
# flake-o-rama # flake-o-rama
nix flake dotfilez!! this is used on personal server nix flake config! this is just used on my personal server at the moment
please do not use this as a learning resource for nix as i have essentially zero clue what i'm doing
## users ## users
this flake is built for a multi-user experience per host, enforced my `modules/user.nix`, and found in the `default.nix` file for each host. this flake is built for a multi-user experience per host, enforced by `modules/user.nix`, and found in the `default.nix` file for each host.
as this is a multi-user setup, the `dotfiles` group will be used for read and write access to the flake as this is a multi-user setup, the `dotfiles` group will be used for read and write access to the flake
## development ## development
to build the system, run `sudo nixos-rebuild switch --flake ".#server"` to build the system, run `sudo nixos-rebuild switch --flake .#server`
please periodically run `nix flake update` to make sure we arent slacking on package versions please periodically run `nix flake update` to make sure we arent slacking on package versions
@ -18,8 +20,8 @@ before committing, please run `nix flake check` and make sure everything is ok
## todo ## todo
- remove the lua static stuff from nginx + the cf ip - remove the lua static stuff from nginx + maybe cloudflare ips too
- per-host architecture selection, atm it is hardcoded to `aarch64` - per-host architecture selection, atm it is hardcoded to `aarch64`
- some weird perl error abt locales when building - `keepEnv` in `doas` might fix this - some weird perl error abt locales when building using doas - `keepEnv` might fix this
- leverage nixos-hardware - leverage nixos-hardware
- even tho no one else uses these systems, i still want to keep this mutli user layout we have, this is gonna be pretty hard once we start bringing in desktop environments. we should find a compromise sometime. this could be another flake entirely now that i think about it. - somehow add desktop evironments and per-user dotfiles while keeping a multi-user setup