diff --git a/aether/config.nix b/aether/config.nix index 95b8319..bc9b490 100644 --- a/aether/config.nix +++ b/aether/config.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, aether, ... }: +{ config, lib, pkgs, aether, forgejo-tokyo-night, ... }: { networking.hostName = "toki-aether"; time.timeZone = "America/New_York"; @@ -30,6 +30,7 @@ aether.domain = "tokinanpa.dev"; aether.acmeEmail = "kiana.a.sheibani@gmail.com"; + aether.forgejo.theme = "${forgejo-tokyo-night}/public/assets"; aether.forgejo.templates = ./forgejo-templates; services.forgejo.settings = { DEFAULT.APP_NAME = "Code by toki!"; @@ -50,7 +51,8 @@ }; ui = { - DEFAULT_THEME = "forgejo-dark"; + DEFAULT_THEME = "forgejo-tokyo-night"; + THEMES = "forgejo-tokyo-night"; GRAPH_MAX_COMMIT_NUM = 250; }; "ui.meta" = { diff --git a/deploy/rpi5/default.nix b/deploy/rpi5/default.nix index 96b78fe..8a3cfbf 100644 --- a/deploy/rpi5/default.nix +++ b/deploy/rpi5/default.nix @@ -1,9 +1,11 @@ { config, lib, ... }: { options.aether.deploy.rpi5 = { - kernelPackages = lib.mkOption { + _internal.kernelPackages = lib.mkOption { type = lib.types.raw; - description = "Kernel package to use for Raspberry Pi 5 support"; + description = '' + Kernel package to use for Raspberry Pi 5 support. + ''; }; }; @@ -11,7 +13,7 @@ let cfg = config.aether.deploy.rpi5; in { nixpkgs.system = "aarch64-linux"; - boot.kernelPackages = cfg.kernelPackages; + boot.kernelPackages = cfg._internal.kernelPackages; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = false; }; diff --git a/flake.lock b/flake.lock index e8849c6..0e34e11 100644 --- a/flake.lock +++ b/flake.lock 
@@ -37,6 +37,20 @@
 "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
 }
 },
+ "forgejo-tokyo-night": {
+ "flake": false,
+ "locked": {
+ "lastModified": 1736496165,
+ "narHash": "sha256-WVVAK1pnyu7s7Wsh/FO7DQrU6FDbmgMfXeqAOBwGC50=",
+ "rev": "dcb107d2015eed36c74c9efddc97f0327b6c2bea",
+ "type": "tarball",
+ "url": "https://git.tokinanpa.dev/api/v1/repos/toki/forgejo-tokyo-night/archive/dcb107d2015eed36c74c9efddc97f0327b6c2bea.tar.gz"
+ },
+ "original": {
+ "type": "tarball",
+ "url": "https://git.tokinanpa.dev/toki/forgejo-tokyo-night/archive/main.tar.gz"
+ }
+ },
 "home-manager": {
 "inputs": {
 "nixpkgs": [
@@ -60,11 +74,11 @@
 },
 "nixpkgs": {
 "locked": {
- "lastModified": 1729413321,
- "narHash": "sha256-I4tuhRpZFa6Fu6dcH9Dlo5LlH17peT79vx1y1SpeKt0=",
+ "lastModified": 1736344531,
+ "narHash": "sha256-8YVQ9ZbSfuUk2bUf2KRj60NRraLPKPS0Q4QFTbc+c2c=",
 "owner": "NixOS",
 "repo": "nixpkgs",
- "rev": "1997e4aa514312c1af7e2bda7fad1644e778ff26",
+ "rev": "bffc22eb12172e6db3c5dde9e3e5628f8e3e7912",
 "type": "github"
 },
 "original": {
@@ -77,6 +91,7 @@
 "root": {
 "inputs": {
 "agenix": "agenix",
+ "forgejo-tokyo-night": "forgejo-tokyo-night",
 "nixpkgs": "nixpkgs",
 "rpi5-kernel": "rpi5-kernel"
 }
diff --git a/flake.nix b/flake.nix
index 7d6c4cc..bd59b40 100644
--- a/flake.nix
+++ b/flake.nix
@@ -10,34 +10,59 @@ inputs = { agenix.url = "github:ryantm/agenix"; agenix.inputs.nixpkgs.follows = "nixpkgs"; agenix.inputs.darwin.follows = ""; + + forgejo-tokyo-night.url = "https://git.tokinanpa.dev/toki/forgejo-tokyo-night/archive/main.tar.gz"; + forgejo-tokyo-night.flake = false; }; outputs = inputs@{ self, nixpkgs, agenix, rpi5-kernel, ... }: let inherit (nixpkgs) lib; + # Extra config applied to each module + # (Mostly used for injecting flake inputs) + extraConfig = { + deploy-rpi5 = { + aether.deploy.rpi5._internal.kernelPackages = lib.mkDefault + rpi5-kernel.legacyPackages.aarch64-linux.linuxPackages_rpi5; + }; + }; + moduleNames = let sub = builtins.readDir ./modules; in builtins.filter (d: sub.${d} == "directory") (builtins.attrNames sub); - modules = lib.genAttrs moduleNames (name: ./modules/${name}); + deployNames = + let sub = builtins.readDir ./deploy; + in builtins.map (d: "deploy-${d}") + (builtins.filter + (d: sub.${d} == "directory") + (builtins.attrNames sub)); + + modules = lib.genAttrs moduleNames + (name: ./modules/${name}); + deployments = lib.genAttrs deployNames + (name: ./deploy/${lib.removePrefix "deploy-" name}); + + modulesWithCfg = builtins.mapAttrs (k: v: { + imports = [ v ]; + } // extraConfig.${k} or {}) modules; + deploymentsWithCfg = builtins.mapAttrs (k: v: { + imports = [ v ]; + } // extraConfig.${k} or {}) deployments; in { nixosModules = - modules - // { - all.imports = lib.attrValues modules; - deploy-rpi5 = { lib, ... }: { - imports = [ ./deploy/rpi5 ]; - aether.deploy.rpi5.kernelPackages = lib.mkDefault - rpi5-kernel.legacyPackages.aarch64-linux.linuxPackages_rpi5; - }; + modulesWithCfg // deploymentsWithCfg // { + all.imports = lib.attrValues modulesWithCfg; }; nixosConfigurations."toki-aether" = nixpkgs.lib.nixosSystem { - specialArgs.aether = self.nixosModules; + specialArgs = inputs // { + aether = self.nixosModules; + }; modules = [ agenix.nixosModules.default ./aether/hardware-configuration.nix 
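Review bot: The new `forgejo-tokyo-night` input follows `archive/main.tar.gz`, so every `nix flake update` adopts whatever is on that branch at the time, and the result is linked into Forgejo's public assets directory. flake.lock does record a revision and narHash, which protects ordinary rebuilds, but the input would state its intent better if it named a reviewed revision, e.g. `forgejo-tokyo-night.url = "https://git.tokinanpa.dev/toki/forgejo-tokyo-night/archive/<REV>.tar.gz";` (`<REV>` is a placeholder). Separately, `specialArgs = inputs // { ... }` hands every flake input, including `self`, to every module. `specialArgs = { inherit (inputs) forgejo-tokyo-night; aether = self.nixosModules; };` would pass only what aether/config.nix asks for.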
diff --git a/modules/forgejo/default.nix b/modules/forgejo/default.nix index 89e3709..6808e62 100644 --- a/modules/forgejo/default.nix +++ b/modules/forgejo/default.nix @@ -21,7 +21,7 @@ in { }; security.acme.acceptTerms = config.aether.https; - security.acme.defaults.email = cfg.acmeEmail; + security.acme.defaults.email = config.aether.acmeEmail; networking.firewall.allowedTCPPorts = [ 80 443 ]; @@ -31,7 +31,9 @@ in { enable = true; user = cfg.user; group = forgejo.user; + database.name = forgejo.user; database.user = forgejo.user; + database.type = "postgres"; settings.server = { DOMAIN = lib.optionalString useSubdomain "${cfg.subdomain}." @@ -41,17 +43,20 @@ in { }; systemd.tmpfiles.rules = - lib.optional (!(builtins.isNull cfg.themes)) + lib.optional (!(builtins.isNull cfg.theme)) "L+ ${forgejo.stateDir}/custom/public/assets - - - - ${cfg.theme}" ++ lib.optional (!(builtins.isNull cfg.templates)) "L+ ${forgejo.stateDir}/custom/templates - - - - ${cfg.templates}"; -} -// lib.mkIf cfg.createUser { - users.users.${forgejo.user} = { - home = forgejo.stateDir; - useDefaultShell = true; - group = forgejo.group; - isSystemUser = true; + + users.users = lib.mkIf (cfg.createUser && forgejo.user != "forgejo") { + ${forgejo.user} = { + home = forgejo.stateDir; + useDefaultShell = true; + group = forgejo.group; + isSystemUser = true; + }; + }; + users.groups = lib.mkIf (cfg.createUser && forgejo.group != "forgejo") { + ${forgejo.group} = {}; }; - users.groups.${forgejo.group} = {}; } diff --git a/modules/forgejo/options.nix b/modules/forgejo/options.nix index ca36137..102255d 100644 --- a/modules/forgejo/options.nix +++ b/modules/forgejo/options.nix @@ -1,13 +1,8 @@ args@{ config, lib, ... }: { - options.aether = { - # Referenced general options - inherit (import ../options.nix args) - domain - https - acmeEmail; + imports = [ ../options.nix ]; - # Module-specific options + options.aether = { forgejo = { subdomain = lib.mkOption { type = lib.types.nullOr lib.types.str; 
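Review bot: `database.type = "postgres"` in the second hunk of modules/forgejo/default.nix changes the storage backend, and nothing in the change says what happens to data held by an instance that is already running. As far as I know the NixOS module defaults to sqlite3 and does not migrate between backends, so an existing deployment would presumably start against an empty database; this is worth confirming before deploying. A comment above the three database lines would record the requirement, e.g. `# NOTE: moving from sqlite3 to postgres does not carry data over; dump and restore before deploying`. The `services.forgejo` block starts and ends outside the hunk, so other database settings may exist that are not visible here.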
diff --git a/modules/options.nix b/modules/options.nix index 5d606d0..a482a52 100644 --- a/modules/options.nix +++ b/modules/options.nix @@ -1,19 +1,21 @@ { lib, ... }: { - domain = lib.mkOption { - type = lib.types.str; - description = "The domain name the server is hosted on."; - }; + options.aether = { + domain = lib.mkOption { + type = lib.types.str; + description = "The domain name the server is hosted on."; + }; - https = lib.mkOption { - type = lib.types.boolByOr; - default = true; - description = "Whether to force HTTPS connections for websites."; - }; + https = lib.mkOption { + type = lib.types.boolByOr; + default = true; + description = "Whether to force HTTPS connections for websites."; + }; - acmeEmail = lib.mkOption { - type = lib.types.nullOr lib.types.str; - default = null; - description = "Email address for ACME."; + acmeEmail = lib.mkOption { + type = lib.types.nullOr lib.types.str; + default = null; + description = "Email address for ACME."; + }; }; }