fix: resolve conflicting module options

Apparently you aren't allowed to define the same option in multiple
modules, even if the definitions are identical.

aether/config.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, aether, ... }:
+{ config, lib, pkgs, aether, forgejo-tokyo-night, ... }:
 {
   networking.hostName = "toki-aether";
   time.timeZone = "America/New_York";
@@ -30,6 +30,7 @@
   aether.domain = "tokinanpa.dev";
   aether.acmeEmail = "kiana.a.sheibani@gmail.com";
 
+  aether.forgejo.theme = "${forgejo-tokyo-night}/public/assets";
   aether.forgejo.templates = ./forgejo-templates;
   services.forgejo.settings = {
     DEFAULT.APP_NAME = "Code by toki!";
@@ -50,7 +51,8 @@
     };
 
     ui = {
-      DEFAULT_THEME = "forgejo-dark";
+      DEFAULT_THEME = "forgejo-tokyo-night";
+      THEMES = "forgejo-tokyo-night";
       GRAPH_MAX_COMMIT_NUM = 250;
     };
     "ui.meta" = {

deploy/rpi5/default.nix

@@ -1,9 +1,11 @@
 { config, lib, ... }:
 {
   options.aether.deploy.rpi5 = {
-    kernelPackages = lib.mkOption {
+    _internal.kernelPackages = lib.mkOption {
       type = lib.types.raw;
-      description = "Kernel package to use for Raspberry Pi 5 support";
+      description = ''
+        Kernel package to use for Raspberry Pi 5 support.
+      '';
     };
   };
 
@@ -11,7 +13,7 @@
     let cfg = config.aether.deploy.rpi5;
     in {
       nixpkgs.system = "aarch64-linux";
-      boot.kernelPackages = cfg.kernelPackages;
+      boot.kernelPackages = cfg._internal.kernelPackages;
       boot.loader.systemd-boot.enable = true;
       boot.loader.efi.canTouchEfiVariables = false;
     };

flake.lock

@@ -37,6 +37,20 @@
         "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
       }
     },
+    "forgejo-tokyo-night": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1736496165,
+        "narHash": "sha256-WVVAK1pnyu7s7Wsh/FO7DQrU6FDbmgMfXeqAOBwGC50=",
+        "rev": "dcb107d2015eed36c74c9efddc97f0327b6c2bea",
+        "type": "tarball",
+        "url": "https://git.tokinanpa.dev/api/v1/repos/toki/forgejo-tokyo-night/archive/dcb107d2015eed36c74c9efddc97f0327b6c2bea.tar.gz"
+      },
+      "original": {
+        "type": "tarball",
+        "url": "https://git.tokinanpa.dev/toki/forgejo-tokyo-night/archive/main.tar.gz"
+      }
+    },
     "home-manager": {
       "inputs": {
         "nixpkgs": [
@@ -60,11 +74,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1729413321,
+        "lastModified": 1736344531,
-        "narHash": "sha256-I4tuhRpZFa6Fu6dcH9Dlo5LlH17peT79vx1y1SpeKt0=",
+        "narHash": "sha256-8YVQ9ZbSfuUk2bUf2KRj60NRraLPKPS0Q4QFTbc+c2c=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "1997e4aa514312c1af7e2bda7fad1644e778ff26",
+        "rev": "bffc22eb12172e6db3c5dde9e3e5628f8e3e7912",
         "type": "github"
       },
       "original": {
@@ -77,6 +91,7 @@
     "root": {
       "inputs": {
         "agenix": "agenix",
+        "forgejo-tokyo-night": "forgejo-tokyo-night",
         "nixpkgs": "nixpkgs",
         "rpi5-kernel": "rpi5-kernel"
       }

flake.nix

@@ -10,34 +10,59 @@ inputs = {
   agenix.url = "github:ryantm/agenix";
   agenix.inputs.nixpkgs.follows = "nixpkgs";
   agenix.inputs.darwin.follows = "";
+
+  forgejo-tokyo-night.url = "https://git.tokinanpa.dev/toki/forgejo-tokyo-night/archive/main.tar.gz";
+  forgejo-tokyo-night.flake = false;
 };
 
 outputs = inputs@{ self, nixpkgs, agenix, rpi5-kernel, ... }:
   let
     inherit (nixpkgs) lib;
 
+    # Extra config applied to each module
+    # (Mostly used for injecting flake inputs)
+    extraConfig = {
+      deploy-rpi5 = {
+        aether.deploy.rpi5._internal.kernelPackages = lib.mkDefault
+          rpi5-kernel.legacyPackages.aarch64-linux.linuxPackages_rpi5;
+      };
+    };
+
     moduleNames =
       let sub = builtins.readDir ./modules;
       in builtins.filter
         (d: sub.${d} == "directory")
         (builtins.attrNames sub);
 
-    modules = lib.genAttrs moduleNames (name: ./modules/${name});
+    deployNames =
+      let sub = builtins.readDir ./deploy;
+      in builtins.map (d: "deploy-${d}")
+        (builtins.filter
+          (d: sub.${d} == "directory")
+          (builtins.attrNames sub));
+
+    modules = lib.genAttrs moduleNames
+      (name: ./modules/${name});
+    deployments = lib.genAttrs deployNames
+      (name: ./deploy/${lib.removePrefix "deploy-" name});
+
+    modulesWithCfg = builtins.mapAttrs (k: v: {
+      imports = [ v ];
+    } // extraConfig.${k} or {}) modules;
+    deploymentsWithCfg = builtins.mapAttrs (k: v: {
+      imports = [ v ];
+    } // extraConfig.${k} or {}) deployments;
   in {
     nixosModules =
-      modules
+      modulesWithCfg // deploymentsWithCfg // {
-      // {
+        all.imports = lib.attrValues modulesWithCfg;
-        all.imports = lib.attrValues modules;
-        deploy-rpi5 = { lib, ... }: {
-          imports = [ ./deploy/rpi5 ];
-          aether.deploy.rpi5.kernelPackages = lib.mkDefault
-            rpi5-kernel.legacyPackages.aarch64-linux.linuxPackages_rpi5;
-        };
       };
 
     nixosConfigurations."toki-aether" =
       nixpkgs.lib.nixosSystem {
-        specialArgs.aether = self.nixosModules;
+        specialArgs = inputs // {
+          aether = self.nixosModules;
+        };
         modules = [
           agenix.nixosModules.default
           ./aether/hardware-configuration.nix

modules/forgejo/default.nix

@@ -21,7 +21,7 @@ in {
   };
 
   security.acme.acceptTerms = config.aether.https;
-  security.acme.defaults.email = cfg.acmeEmail;
+  security.acme.defaults.email = config.aether.acmeEmail;
 
   networking.firewall.allowedTCPPorts = [ 80 443 ];
 
@@ -31,7 +31,9 @@ in {
     enable = true;
     user = cfg.user;
     group = forgejo.user;
+    database.name = forgejo.user;
     database.user = forgejo.user;
+    database.type = "postgres";
 
     settings.server = {
       DOMAIN = lib.optionalString useSubdomain "${cfg.subdomain}."
@@ -41,17 +43,20 @@ in {
   };
 
   systemd.tmpfiles.rules =
-    lib.optional (!(builtins.isNull cfg.themes))
+    lib.optional (!(builtins.isNull cfg.theme))
       "L+ ${forgejo.stateDir}/custom/public/assets - - - - ${cfg.theme}"
     ++ lib.optional (!(builtins.isNull cfg.templates))
       "L+ ${forgejo.stateDir}/custom/templates - - - - ${cfg.templates}";
-}
+
-// lib.mkIf cfg.createUser {
+  users.users = lib.mkIf (cfg.createUser && forgejo.user != "forgejo") {
-  users.users.${forgejo.user} = {
+    ${forgejo.user} = {
-    home = forgejo.stateDir;
+      home = forgejo.stateDir;
-    useDefaultShell = true;
+      useDefaultShell = true;
-    group = forgejo.group;
+      group = forgejo.group;
-    isSystemUser = true;
+      isSystemUser = true;
+    };
+  };
+  users.groups = lib.mkIf (cfg.createUser && forgejo.group != "forgejo") {
+    ${forgejo.group} = {};
   };
-  users.groups.${forgejo.group} = {};
 }

modules/forgejo/options.nix

@@ -1,13 +1,8 @@
 args@{ config, lib, ... }:
 {
-  options.aether = {
+  imports = [ ../options.nix ];
-    # Referenced general options
-    inherit (import ../options.nix args)
-      domain
-      https
-      acmeEmail;
 
-    # Module-specific options
+  options.aether = {
     forgejo = {
       subdomain = lib.mkOption {
         type = lib.types.nullOr lib.types.str;

modules/options.nix

@@ -1,19 +1,21 @@
 { lib, ... }:
 {
-  domain = lib.mkOption {
+  options.aether = {
-    type = lib.types.str;
+    domain = lib.mkOption {
-    description = "The domain name the server is hosted on.";
+      type = lib.types.str;
-  };
+      description = "The domain name the server is hosted on.";
+    };
 
-  https = lib.mkOption {
+    https = lib.mkOption {
-    type = lib.types.boolByOr;
+      type = lib.types.boolByOr;
-    default = true;
+      default = true;
-    description = "Whether to force HTTPS connections for websites.";
+      description = "Whether to force HTTPS connections for websites.";
-  };
+    };
 
-  acmeEmail = lib.mkOption {
+    acmeEmail = lib.mkOption {
-    type = lib.types.nullOr lib.types.str;
+      type = lib.types.nullOr lib.types.str;
-    default = null;
+      default = null;
-    description = "Email address for ACME.";
+      description = "Email address for ACME.";
+    };
   };
 }