From eec985f739ab98f1d49dbcc8d99ad1c5bb9d93ca Mon Sep 17 00:00:00 2001
From: ErrorNoInternet <errornointernet@envs.net>
Date: Sun, 3 May 2026 18:08:13 -0400
Subject: [PATCH] treewide: refactor code

---
 nixos/hosts/tuxcord-ca/default.nix   |  1 +
 nixos/hosts/tuxcord-test/default.nix |  1 +
 nixos/modules/dns.nix                | 50 +++++++++++++---------------
 nixos/modules/gitea.nix              | 34 +++++++++++--------
 4 files changed, 46 insertions(+), 40 deletions(-)

diff --git a/nixos/hosts/tuxcord-ca/default.nix b/nixos/hosts/tuxcord-ca/default.nix
index a25a2db..6d117da 100644
--- a/nixos/hosts/tuxcord-ca/default.nix
+++ b/nixos/hosts/tuxcord-ca/default.nix
@@ -11,5 +11,6 @@
 
   dns.enable = true;
   networking.fqdn = "tuxcord.net";
+
   time.timeZone = "Canada/Eastern";
 }
diff --git a/nixos/hosts/tuxcord-test/default.nix b/nixos/hosts/tuxcord-test/default.nix
index 41b1be4..7b261cc 100644
--- a/nixos/hosts/tuxcord-test/default.nix
+++ b/nixos/hosts/tuxcord-test/default.nix
@@ -1,5 +1,6 @@
 {
   acme.enable = false;
   dns.enable = true;
+
   networking.fqdn = "tuxcord.test";
 }
diff --git a/nixos/modules/dns.nix b/nixos/modules/dns.nix
index 43c775b..47871d5 100644
--- a/nixos/modules/dns.nix
+++ b/nixos/modules/dns.nix
@@ -1,4 +1,9 @@
-{ config, lib, ... }:
+{
+  config,
+  lib,
+  self,
+  ...
+}:
 let
   cfg = config.dns;
 
@@ -20,24 +25,17 @@ let
       subdomain = name: "subdomain ${name}";
 
       zoneDomain =
-        if lib.strings.hasSuffix ".key.age" filename then
-          lib.strings.removeSuffix ".key.age" filename
+        if strings.hasSuffix ".key.age" filename then
+          strings.removeSuffix ".key.age" filename
         else
           throw "${filename} is not a `.key.age` file";
     in
     {
+      inherit (config.age.secrets."dns/${filename}") path;
       name = zoneDomain;
-      path = config.age.secrets."dns/${filename}".path;
       type = if zoneDomain == fqdn then zonesub else subdomain;
     }
   ) agenixKeys;
-
-  cfg = config.dns;
-  inherit (lib)
-    mkEnableOption
-    mkOption
-    mkIf
-    ;
 in
 {
   options.dns = {
@@ -70,25 +68,20 @@ in
 
       extraConfig = builtins.concatStringsSep "\n" (map (key: "include \"${key.path}\";") keys);
 
-      zones = {
-        "${fqdn}" = {
-          # grant "tuxcord.net" zonesub ANY;
-          extraConfig = ''
-            update-policy {
-              ${builtins.concatStringsSep "\n" (
-                map (key: "grant \"${key.name}\" ${key.type key.name} ANY;") keys
-              )}
-            };
-          '';
-          file = "/var/dns/${fqdn}.zone"; # need to put default stuff
-          master = true;
-        };
+      zones."${fqdn}" = {
+        # grant "tuxcord.net" zonesub ANY;
+        extraConfig = ''
+          update-policy {
+            ${builtins.concatStringsSep "\n" (
+              map (key: "grant \"${key.name}\" ${key.type key.name} ANY;") keys
+            )}
+          };
+        '';
+        file = "/var/dns/${fqdn}.zone"; # need to put default stuff
+        master = true;
       };
     };
 
-    networking.firewall.allowedTCPPorts = [ config.services.bind.listenOnPort ];
-    networking.firewall.allowedUDPPorts = [ config.services.bind.listenOnPort ];
-
     environment.persistence."/persist" = {
       directories = [
         {
@@ -98,5 +91,8 @@ in
         }
       ];
     };
+
+    networking.firewall.allowedTCPPorts = [ config.services.bind.listenOnPort ];
+    networking.firewall.allowedUDPPorts = [ config.services.bind.listenOnPort ];
   };
 }
diff --git a/nixos/modules/gitea.nix b/nixos/modules/gitea.nix
index e1b0452..92e1ef3 100644
--- a/nixos/modules/gitea.nix
+++ b/nixos/modules/gitea.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, ... }:
 let
   inherit (config.networking) fqdn;
 
@@ -8,25 +8,33 @@ in
   services.gitea = {
     enable = true;
 
-    appName = "Tuxcord's Gitea";
+    appName = "TuxCord Gitea";
     database.type = "mysql";
 
     lfs.enable = true;
 
-    settings.server.DOMAIN = fqdn;
-    settings.server.ROOT_URL = "${if isHTTPS then "https" else "http"}://${fqdn}/";
-    settings.server.HTTP_PORT = 3000;
+    settings = {
+      server = {
+        DOMAIN = fqdn;
+        ROOT_URL = "${if acmeEnabled then "https" else "http"}://${fqdn}/";
+        HTTP_PORT = 3000;
+      };
 
-    settings.service.DISABLE_REGISTRATION = true;
-    settings.service.REQUIRE_SIGNIN_VIEW = false;
+      service = {
+        DISABLE_REGISTRATION = true;
+        REQUIRE_SIGNIN_VIEW = false;
+      };
 
-    settings.repository.ENABLE_PUSH_CREATE_USER = true;
-    settings.repository.ENABLE_PUSH_CREATE_ORG = true;
-    settings.repository.DEFAULT_BRANCH = "main";
+      repository = {
+        ENABLE_PUSH_CREATE_USER = true;
+        ENABLE_PUSH_CREATE_ORG = true;
+        DEFAULT_BRANCH = "main";
+      };
 
-    # settings.ui.DEFAULT_THEME = "...";
+      # ui.DEFAULT_THEME = "...";
 
-    # TODO: once we have email setup this would be nice
-    settings.mailer.ENABLED = true;
+      # TODO: once we have email setup this would be nice
+      mailer.ENABLED = true;
+    };
   };
 }