forgejo -> gitea, general documentation changes, build hack

default.nix

@@ -12,6 +12,12 @@ in {
     ++ (mapModulesRec' (toString ./modules) import);
 
   nix = {
+    package = pkgs.nix;
+
+    # flake registry and nix path pinning
+    nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
+    registry.nixpkgs.flake = inputs.nixpkgs;
+  
   	settings = {
       experimental-features = [ "nix-command" "flakes" ];
       auto-optimise-store = true;
@@ -26,18 +32,20 @@ in {
   	};
   };
 
+  time.timeZone = mkDefault "America/Los_Angeles";
+  
+  i18n.defaultLocale = mkDefault "en_US.UTF-8";
+
+  hardware.enableRedistributableFirmware = true;
+
   environment.systemPackages = with pkgs; [
     unrar unzip
+    micro
     curl wget
-    # nixos-rebuild w/ flakes does not work without git
+    # im pretty sure removing this breaks nixos-rebuild
-    # do not remove this
+    # have fun
-    # nix is awesome
     git
   ];
 
-  time.timeZone = mkDefault "America/Los_Angeles";
-
-  i18n.defaultLocale = mkDefault "en_US.UTF-8";
-
   system.stateVersion = mkDefault "23.11";
 }

flake.lock

@@ -7,11 +7,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1705535278,
+        "lastModified": 1709485962,
-        "narHash": "sha256-V5+XKfNbiY0bLKLQlH+AXyhHttEL7XcZBH9iSbxxexA=",
+        "narHash": "sha256-rmFB4uE10+LJbcVE4ePgiuHOBlUIjQOeZt4VQVJTU8M=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "b84191db127c16a92cbdf7f7b9969d58bb456699",
+        "rev": "d579633ff9915a8f4058d5c439281097e92380a8",
         "type": "github"
       },
       "original": {
@@ -22,11 +22,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1705496572,
+        "lastModified": 1709237383,
-        "narHash": "sha256-rPIe9G5EBLXdBdn9ilGc0nq082lzQd0xGGe092R/5QE=",
+        "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "842d9d80cfd4560648c785f8a4e6f3b096790e19",
+        "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8",
         "type": "github"
       },
       "original": {

hosts/server/default.nix

@@ -10,6 +10,10 @@ in {
 
   users.groups.dotfiles = {};
 
+  # HACK HACK HACK
+  services.logrotate.checkConfig = false;
+  # HACK HACK HACK
+
   normalUsers = {
     reidlab = {
       conf = {
@@ -48,7 +52,7 @@ in {
       mosh.enable = true;
     };
 
-    security.useDoas = true;
+    security.useDoas = false;
   };
 
   networking = {

hosts/server/hardware-configuration.nix

@@ -9,12 +9,11 @@
   boot = {
     initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ];
 	initrd.kernelModules = [ ];
-    kernelPackages = pkgs.linuxPackages_hardened;
+    kernelPackages = pkgs.linuxPackages_latest;
 	kernelModules = [ ];
     loader = {
-      # zigglebop 👽
+      # use u-boot over grub
       grub.enable = lib.mkForce false;
-
       generic-extlinux-compatible.enable = true;
     };
   };

modules/services/forgejo.nix

@@ -20,24 +20,18 @@ in {
       type = types.int;
       default = 3000;
     };
-    package = mkOption {
-      type = types.package;
-      default = pkgs.forgejo;
-    };
   };
 
   config = mkIf cfg.enable {
     services = {
-      gitea = {
+      forgejo = {
         enable = true;
-        package = cfg.package;
         stateDir = "/var/lib/${cfg.domain}";
-        appName = "reidlab's git instance";
+        database.type = "postgres";
-        database = {
-          type = "postgres";
-          name = "gitea";
-        };
         settings = {
+          "DEFAULT" = {
+          	APP_NAME = "reidlab's git instance";
+          };
           "security" = {
             INSTALL_LOCK = true;
             PASSWORD_HASH_ALGO = "argon2";
@@ -90,11 +84,11 @@ in {
       };
     };
 
-    systemd.services.gitea = {
+    systemd.services.forgejo = {
       preStart = mkAfter ''
-        rm -rf ${config.services.gitea.customDir}/public/assets
+        rm -rf ${config.services.forgejo.customDir}/public/assets
-        mkdir -p ${config.services.gitea.customDir}/public/assets
+        mkdir -p ${config.services.forgejo.customDir}/public/assets
-        ln -sf ${theme} ${config.services.gitea.customDir}/public/assets/css
+        ln -sf ${theme} ${config.services.forgejo.customDir}/public/assets/css
       '';
     };
   };

readme.md

@@ -1,16 +1,18 @@
 # flake-o-rama
 
-nix flake dotfilez!! this is used on personal server
+nix flake config! this is just used on my personal server at the moment
+
+please do not use this as a learning resource for nix as i have essentially zero clue what i'm doing
 
 ## users
 
-this flake is built for a multi-user experience per host, enforced my `modules/user.nix`, and found in the `default.nix` file for each host.
+this flake is built for a multi-user experience per host, enforced by `modules/user.nix`, and found in the `default.nix` file for each host.
 
 as this is a multi-user setup, the `dotfiles` group will be used for read and write access to the flake
 
 ## development
 
-to build the system, run `sudo nixos-rebuild switch --flake ".#server"`
+to build the system, run `sudo nixos-rebuild switch --flake .#server`
 
 please periodically run `nix flake update` to make sure we arent slacking on package versions
 
@@ -18,7 +20,8 @@ before committing, please run `nix flake check` and make sure everything is ok
 
 ## todo
 
-- remove the lua static stuff from nginx + the cf ip
+- remove the lua static stuff from nginx + maybe cloudflare ips too
 - per-host architecture selection, atm it is hardcoded to `aarch64`
-- some weird perl error abt locales when building??? it only happened after the big lib update. help me
+- some weird perl error abt locales when building using doas - `keepEnv` might fix this
 - leverage nixos-hardware
+- somehow add desktop evironments and per-user dotfiles while keeping a multi-user setup