tuxcord/tuxcord.nix
8
2
Fork 1
Code Issues 13 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

treewide: refactor code

Browse Source
This commit is contained in:
Ryan
2026-05-03 18:08:13 -04:00
parent e939c28c9c
commit 0479f0d441
4 changed files with 43 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files
nixos/hosts/tuxcord-ca/default.nix
+1
View File
@@ -11,5 +11,6 @@
dns.enable = true; dns.enable = true;
networking.fqdn = "tuxcord.net"; networking.fqdn = "tuxcord.net";
time.timeZone = "Canada/Eastern"; time.timeZone = "Canada/Eastern";
} }
nixos/hosts/tuxcord-test/default.nix
+1
View File
@@ -1,5 +1,6 @@
{ {
acme.enable = false; acme.enable = false;
dns.enable = true; dns.enable = true;
networking.fqdn = "tuxcord.test"; networking.fqdn = "tuxcord.test";
} }
nixos/modules/dns.nix
+20 -24
View File
@@ -1,4 +1,9 @@
{ config, lib, ... }: {
config,
lib,
self,
...
}:
let let
cfg = config.dns; cfg = config.dns;
@@ -20,24 +25,17 @@ let
subdomain = name: "subdomain ${name}"; subdomain = name: "subdomain ${name}";
zoneDomain = zoneDomain =
if lib.strings.hasSuffix ".key.age" filename then if strings.hasSuffix ".key.age" filename then
lib.strings.removeSuffix ".key.age" filename strings.removeSuffix ".key.age" filename
else else
throw "${filename} is not a `.key.age` file"; throw "${filename} is not a `.key.age` file";
in in
{ {
inherit (config.age.secrets."dns/${filename}") path;
name = zoneDomain; name = zoneDomain;
path = config.age.secrets."dns/${filename}".path;
type = if zoneDomain == fqdn then zonesub else subdomain; type = if zoneDomain == fqdn then zonesub else subdomain;
} }
) agenixKeys; ) agenixKeys;
cfg = config.dns;
inherit (lib)
mkEnableOption
mkOption
mkIf
;
in in
{ {
options.dns = { options.dns = {
@@ -70,19 +68,17 @@ in
extraConfig = builtins.concatStringsSep "\n" (map (key: "include \"${key.path}\";") keys); extraConfig = builtins.concatStringsSep "\n" (map (key: "include \"${key.path}\";") keys);
zones = { zones."${fqdn}" = {
"${fqdn}" = { # grant "tuxcord.net" zonesub ANY;
# grant "tuxcord.net" zonesub ANY; extraConfig = ''
extraConfig = '' update-policy {
update-policy { ${builtins.concatStringsSep "\n" (
${builtins.concatStringsSep "\n" ( map (key: "grant \"${key.name}\" ${key.type key.name} ANY;") keys
map (key: "grant \"${key.name}\" ${key.type key.name} ANY;") keys )}
)} };
}; '';
''; file = "/var/dns/${fqdn}.zone"; # need to put default stuff
file = "/var/dns/${fqdn}.zone"; # need to put default stuff master = true;
master = true;
};
}; };
}; };
nixos/modules/gitea.nix
+21 -13
View File
@@ -1,4 +1,4 @@
{ config, lib, ... }: { config, ... }:
let let
inherit (config.networking) fqdn; inherit (config.networking) fqdn;
@@ -8,25 +8,33 @@ in
services.gitea = { services.gitea = {
enable = true; enable = true;
appName = "Tuxcord's Gitea"; appName = "TuxCord Gitea";
database.type = "mysql"; database.type = "mysql";
lfs.enable = true; lfs.enable = true;
settings.server.DOMAIN = fqdn; settings = {
settings.server.ROOT_URL = "${if isHTTPS then "https" else "http"}://${fqdn}/"; server = {
settings.server.HTTP_PORT = 3000; DOMAIN = fqdn;
ROOT_URL = "${if acmeEnabled then "https" else "http"}://${fqdn}/";
HTTP_PORT = 3000;
};
settings.service.DISABLE_REGISTRATION = true; service = {
settings.service.REQUIRE_SIGNIN_VIEW = false; DISABLE_REGISTRATION = true;
REQUIRE_SIGNIN_VIEW = false;
};
settings.repository.ENABLE_PUSH_CREATE_USER = true; repository = {
settings.repository.ENABLE_PUSH_CREATE_ORG = true; ENABLE_PUSH_CREATE_USER = true;
settings.repository.DEFAULT_BRANCH = "main"; ENABLE_PUSH_CREATE_ORG = true;
DEFAULT_BRANCH = "main";
};
# settings.ui.DEFAULT_THEME = "..."; # ui.DEFAULT_THEME = "...";
# TODO: once we have email setup this would be nice # TODO: once we have email setup this would be nice
settings.mailer.ENABLED = true; mailer.ENABLED = true;
};
}; };
} }