feat: Disabled website and enabled cgitHEADmaster

5 files changed, 248 insertions, 36 deletions

diff --git a/modules/cgit.nix b/modules/cgit.nix
new file mode 100644
index 0000000..1e62631
--- /dev/null
+++ b/modules/cgit.nix
@@ -0,0 +1,137 @@
+{ pkgs, lib, config, ... }:
+let
+    cfg = config.teh-nix.services.cgit;
+    cgitrc = pkgs.writeText "cgitrc" ''
+css=/static/cgit.css
+logo=/static/cgit.png
+favicon=/static/favicon.ico
+repository-sort=age
+
+root-title=${cfg.title}
+root-desc=${cfg.description}
+
+enable-blame=1
+enable-commit-graph=1
+enable-log-filecount=1
+enable-log-linecount=1
+enable-index-links=1
+
+snapshots=tar.gz zip
+enable-http-clone=1
+clone-prefix=https://${cfg.domain}
+
+readme=:README
+readme=:readme
+readme=:readme.txt
+readme=:README.txt
+readme=:readme.md
+readme=:README.md
+
+${cfg.extraConfig}
+
+about-filter=${cfg.package}/lib/cgit/filters/about-formatting.sh
+source-filter=${cfg.package}/lib/cgit/filters/syntax-highlighting.py
+
+enable-git-config=1
+scan-path=${cfg.directory}
+'';
+in
+{
+    options.teh-nix.services.cgit = with lib;{
+        enable = mkEnableOption "Enable cgit";
+        user = mkOption {
+            type = types.str;
+            default = "cgit";
+            description = "Username for the user that will run cgit";
+        };
+        authorizedKeys = lib.mkOption {
+            type = types.listOf types.str;
+            default = [ ];
+            description = "List of ssh keys for the cgit user (cgit user should own all repos)";
+        };
+        authorizedUsers = lib.mkOption {
+            type = types.listOf types.str;
+            default = [ ];
+            description = "List of users that should have access to the cgit directory";
+        };
+        directory = mkOption {
+            type = types.str;
+            default = "/srv/cgit/repos";
+            description = "Directory for cgit (cgit user's home directory";
+        };
+        description = mkOption {
+            type = types.str;
+            default = "Cgit instance hosted with nixos";
+            description = "Description of the cgit website";
+        };
+        title = mkOption {
+            type = types.str;
+            default = "Cgit + Nix";
+            description = "Title of the cgit website";
+        };
+        domain = mkOption {
+            type = types.str;
+            default = "git.example.com";
+            description = "Domain to host it on";
+        };
+        package = mkPackageOption pkgs "cgit" { };
+        extraConfig = mkOption {
+            type = types.str;
+            default = "";
+            description = "Extra config to be appended to cgitrc";
+        };
+    };
+
+    config = lib.mkIf cfg.enable {
+        environment.systemPackages = [ pkgs.git cfg.package ];
+        users = {
+            groups.${cfg.user} = {
+                members = cfg.authorizedUsers;
+            };
+            users.${cfg.user} = {
+                createHome = true;
+                homeMode = "770";
+                home = cfg.directory;
+                isSystemUser = true;
+                shell = "${pkgs.git}/bin/git-shell";
+                openssh.authorizedKeys.keys = cfg.authorizedKeys;
+                group = cfg.user;
+            };
+        };
+
+
+        services.fcgiwrap.instances.cgit = {
+            socket = {
+                user = cfg.user;
+                group = "nginx";
+                type = "unix";
+                mode = "0660";
+            };
+            process = {
+                user = cfg.user;
+                group = cfg.user;
+            };
+        };
+        
+        services.nginx.enable = true;
+        services.nginx.virtualHosts.${cfg.domain} = {
+            locations."~* ^/static/(.+.(ico|css|png))$" = {
+                extraConfig = ''
+alias ${cfg.package}/cgit/$1;
+'';
+            };
+            locations."/" = {
+                extraConfig = ''
+include ${pkgs.nginx}/conf/fastcgi_params;
+fastcgi_param CGIT_CONFIG ${cgitrc};
+fastcgi_param SCRIPT_FILENAME ${cfg.package}/cgit/cgit.cgi;
+fastcgi_split_path_info ^(/?)(.+)$;
+fastcgi_param PATH_INFO $fastcgi_path_info;
+fastcgi_param QUERY_STRING $args;
+fastcgi_param HTTP_HOST $server_name;
+fastcgi_pass unix:${config.services.fcgiwrap.instances.cgit.socket.address};
+        '';
+            };
+        };
+    };
+}
diff --git a/modules/default.nix b/modules/default.nix
new file mode 100644
index 0000000..c523ae9
--- /dev/null
+++ b/modules/default.nix
@@ -0,0 +1,6 @@
+{ lib, ... }:
+{
+    imports = lib.filter 
+        (n: (lib.strings.hasSuffix ".nix" n) && !(lib.strings.hasSuffix "default.nix" n))
+        (lib.filesystem.listFilesRecursive ./.);
+}
diff --git a/modules/nix.nix b/modules/nix.nix
index 2c4ef83..de1281a 100644
--- a/modules/nix.nix
+++ b/modules/nix.nix
@@ -1,29 +1,35 @@
-{ inputs, ... }:
+{ inputs, config, lib, ... }:
 {
-    nix.nixPath = [ "/etc/nix/path" ];
-    nix.registry.nixpkgs.flake = inputs.nixpkgs;
-    environment.etc."nix/path/nixpkgs".source = inputs.nixpkgs;
-    
-    nix = {
-        settings = {
-            experimental-features = [ "nix-command" "flakes" ];
-            auto-optimise-store = true;
-            
-            trusted-users = [ "boss" ];
+    options.teh-nix.nix = with lib; {
+        enable = mkEnableOption "Use the TehNix nix settings";
+    };
 
-            substituters = [
-                "https://cache.nixos.org"
-            ];
+    config = lib.mkIf config.teh-nix.nix.enable {
+        nix.nixPath = [ "/etc/nix/path" ];
+        nix.registry.nixpkgs.flake = inputs.nixpkgs;
+        environment.etc."nix/path/nixpkgs".source = inputs.nixpkgs;
+        
+        nix = {
+            settings = {
+                experimental-features = [ "nix-command" "flakes" ];
+                auto-optimise-store = true;
+                
+                trusted-users = [ "boss" ];
 
-            # trusted-public-keys = [
-            #     "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
-            # ];
-        };
-        gc = {
-            automatic = true;
-            dates = "weekly";
-            options = "--delete-older-than +7";
+                substituters = [
+                    "https://cache.nixos.org"
+                ];
+
+                # trusted-public-keys = [
+                #     "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+                # ];
+            };
+            gc = {
+                automatic = true;
+                dates = "weekly";
+                options = "--delete-older-than +7";
+            };
+            optimise.automatic = true;
         };
-        optimise.automatic = true;
     };
 }
diff --git a/modules/nvidia.nix b/modules/nvidia.nix
index ba71df9..e8db8b7 100644
--- a/modules/nvidia.nix
+++ b/modules/nvidia.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, inputs, ... }:
+{ config, pkgs, lib, inputs, ... }:
 let
     nvidia-offload = pkgs.writeShellScriptBin "prime-run" ''
 export __NV_PRIME_RENDER_OFFLOAD=1
@@ -9,19 +9,25 @@ exec "$@"
 '';
 in
 {
-    nixpkgs.config.allowUnfree = true;
-    hardware.graphics.enable = true;
-    hardware.nvidia.modesetting.enable = true;
-    hardware.nvidia.open = true;
-    hardware.nvidia.prime = {
-	    offload.enable = true;
-
-	    nvidiaBusId = "PCI:1:0:0";
-	    intelBusId = "PCI:5:0:0";
+    options.teh-nix.nvidia = with lib; {
+        enable = mkEnableOption "Enable nvidia";
     };
-    hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable;
 
-    services.xserver.videoDrivers = [ "nvidia" ];
+    config = lib.mkIf config.teh-nix.nvidia.enable {
+        nixpkgs.config.allowUnfree = true;
+        hardware.graphics.enable = true;
+        hardware.nvidia.modesetting.enable = true;
+        hardware.nvidia.open = true;
+        hardware.nvidia.prime = {
+	        offload.enable = true;
+
+	        nvidiaBusId = "PCI:1:0:0";
+	        intelBusId = "PCI:5:0:0";
+        };
+        hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable;
 
-    environment.systemPackages = [ nvidia-offload ];
+        services.xserver.videoDrivers = [ "nvidia" ];
+
+        environment.systemPackages = [ nvidia-offload ];
+    };
 }
diff --git a/modules/xorg.nix b/modules/xorg.nix
new file mode 100644
index 0000000..dbf2a77
--- /dev/null
+++ b/modules/xorg.nix
@@ -0,0 +1,57 @@
+{ config, lib, pkgs, inputs, ... }:
+{
+    imports = [
+        ./nvidia.nix
+        inputs.YATwm.nixosModules.YATwm
+    ];
+    
+    options.teh-nix.xorg = with lib; {
+        enable = mkEnableOption "Enable xorg";
+        nvidia = mkOption {
+            type = types.bool;
+            default = true;
+            description = "Enable nvidia with xorg";
+        };
+    };
+    
+    config = lib.mkIf config.teh-nix.xorg.enable {
+
+        teh-nix.nvidia.enable = lib.mkIf config.teh-nix.xorg.nvidia (lib.mkDefault true);
+        
+        services.xserver = {
+	        enable = true;
+
+	        desktopManager = {
+		        xterm.enable = false;
+                #default = "none";
+	        };
+            
+            deviceSection = ''
+                      Option "DRI" "2"
+                      Option "TearFree" "true"
+                      '';
+
+	        windowManager.i3 = {
+		        enable = true;
+		        package = pkgs.i3-gaps;
+	        };
+
+            windowManager.YATwm = {
+                enable = true;
+                package = inputs.YATwm.packages.x86_64-linux.YATwm;
+            };
+	    };
+        programs.i3lock.enable = true;
+
+        services.displayManager = {
+		    #defaultSession = "none+i3";
+		    sddm.enable = true;
+            #sddm.theme = "catppuccin-macchiato";
+            # ly.enable = true;
+	    };
+
+        
+	    services.xserver.xkb.layout = "us";
+	    services.xserver.xkb.options = "caps:super";
+    };
+}