a lot of shit also baibai home manager, hello hjem

2025-06-10 15:33:02 -04:00 · 2025-01-26 20:11:01 +02:00 · 2025-01-26 20:11:01 +02:00 · 2c8f822b83
commit 2c8f822b83
parent bc82345beb
37 changed files with 1277 additions and 168 deletions
--- a/modules/nixos/remote-modules.nix
+++ b/modules/nixos/remote-modules.nix
@ -1,6 +1,11 @@
 {inputs, ...}: {
  imports = [
-    inputs.home-manager.nixosModules.home-manager
+    # home manager has been a pia to work with and
+    # gives really hard to debug errors so I just
+    # gave up with it so hjem it is
+    # inputs.home-manager.nixosModules.home-manager
+    inputs.hjem.nixosModules.default
+    inputs.hjem-rum.nixosModules.default
    inputs.lix-module.nixosModules.default
  ];
 }
--- a/modules/nixos/services/default.nix
+++ b/modules/nixos/services/default.nix
@ -1,6 +1,6 @@
 {
  imports = [
-    #./hosted
+    ./hosted
    ./system
  ];
 }
--- a/modules/nixos/services/hosted/caddy.nix
+++ b/modules/nixos/services/hosted/caddy.nix
@ -1,6 +1,5 @@
 {
  lib,
-  pkgs,
  config,
  ...
 }: let
--- a/modules/nixos/services/hosted/forgejo.nix
+++ b/modules/nixos/services/hosted/forgejo.nix
@ -1 +1,137 @@
-{}
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}: let
+  inherit (lib.modules) mkIf mkAfter;
+  inherit (lib.services) mkServiceOption;
+  inherit (lib.strings) removePrefix removeSuffix;
+  inherit (lib.secrets) mkSecret;
+
+  rdomain = config.networking.domain;
+  cfg = config.olympus.services.forgejo;
+
+  # stole this from https://github.com/isabelroses/dotfiles/blob/main/modules/nixos/services/selfhosted/forgejo.nix who
+  # stole this from https://git.winston.sh/winston/deployment-flake/src/branch/main/config/services/gitea.nix who
+  # stole it from https://github.com/getchoo
+  theme = pkgs.fetchzip {
+    url = "https://github.com/catppuccin/gitea/releases/download/v1.0.0/catppuccin-gitea.tar.gz";
+    hash = "sha256-UsYJJ1j9erMih4OlFon604g1LvkZI/UiLgMgdvnyvyA=";
+    stripRoot = false;
+  };
+in {
+  options.olympus.services.forgejo = mkServiceOption "forgejo" {
+    port = 3000;
+    domain = "git.${rdomain}";
+  };
+
+  config = mkIf cfg.enable {
+    age.secrets.forgejo-runner-token = mkSecret {
+      file = "forgejo-runner-token";
+      owner = "forgejo";
+      group = "forgejo";
+    };
+
+    olympus.services = {
+      caddy.enable = true;
+    };
+
+    systemd.services = {
+      forgejo = {
+        preStart = let
+          inherit (config.services.forgejo) stateDir;
+        in
+          mkAfter ''
+            rm -rf ${stateDir}/custom/public/assets
+            mkdir -p ${stateDir}/custom/public/assets
+            ln -sf ${theme} ${stateDir}/custom/public/assets/css
+          '';
+      };
+    };
+
+    users = {
+      groups.git = {};
+
+      users.git = {
+        isSystemUser = true;
+        createHome = false;
+        group = "git";
+      };
+    };
+
+    services = {
+      forgejo = {
+        package = pkgs.forgejo;
+        enable = true;
+        lfs.enable = true;
+        settings = {
+          DEFAULT.APP_NAME = "haigit";
+          federation.ENABLED = true;
+          service.DISABLE_REGISTRATION = true;
+          actions = {
+            ENABLED = true;
+          };
+          server = {
+            ROOT_URL = "https://${cfg.domain}";
+            DOMAIN = "${cfg.domain}";
+
+            SSH_PORT = 22;
+            SSH_LISTEN_PORT = 22;
+            BUILTIN_SSH_SERVER_USER = "git";
+          };
+
+          ui = {
+            DEFAULT_THEME = "catppuccin-mocha-pink";
+            THEMES = builtins.concatStringsSep "," (
+              ["auto,forgejo-auto,forgejo-dark,forgejo-light,arc-gree,gitea"]
+              ++ (map (name: removePrefix "theme-" (removeSuffix ".css" name)) (
+                # IFD, https://github.com/catppuccin/nix/pull/179
+                builtins.attrNames (builtins.readDir theme)
+              ))
+            );
+          };
+
+          "ui.meta" = {
+            AUTHOR = "Elissa";
+            DESCRIPTION = "My own selfhosted git place for random stuff :3";
+          };
+
+          session = {
+            COOKIE_SECURE = true;
+            # Sessions last for a month
+            SESSION_LIFE_TIME = 86400 * 30;
+          };
+        };
+      };
+
+      gitea-actions-runner = {
+        package = pkgs.forgejo-actions-runner;
+        instances.default = {
+          enable = true;
+          name = "Theia";
+          url = cfg.domain;
+          # token = "KQA3LtLj5s5PGUfVAxVJ2OCcnySDWdgjlsSaGbOJ";
+          tokenFile = config.age.secrets.forgejo-runner-token.path;
+          labels = [
+            "ubuntu-latest:docker://node:22-bookworm"
+          ];
+        };
+      };
+
+      caddy.virtualHosts.${cfg.domain} = {
+        extraConfig = ''
+          reverse_proxy localhost:3000
+        '';
+      };
+    };
+    # for forgejo runner
+    virtualisation.docker = {
+      enable = true;
+      rootless = {
+        enable = true;
+        setSocketVariable = true;
+      };
+    };
+  };
+}