Personal Nix setup
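# NixOS module: optional Tangled Knot service for the server profile, together
# with the system-wide git settings and the age-encrypted private git config
# that those settings include.
{ lib, config, hostname, helpers, pkgs, ... }:

let
  # Pull in only the lib functions used here instead of `with lib;`, so every
  # free name in this file has a visible origin.
  inherit (lib) mkIf mkOption types;

  cfg = config.modules.server;
  knot = cfg.tangled;
in helpers.linuxAttrs {
  options.modules.server.tangled = {
    enable = mkOption {
      default = false;
      example = true;
      description = "Whether to enable Tangled Knot.";
      type = types.bool;
    };

    owner = mkOption {
      default = "did:plc:726afsuwa5x6qaytybar3bfs";
      description = "DID handed to services.tangled.knot.server.owner.";
      type = types.str;
    };

    hostname = mkOption {
      default = "knot.kitten.sh";
      description = "Hostname handed to services.tangled.knot.server.hostname.";
      type = types.str;
    };
  };

  # Applied only when both the server profile and the knot are switched on.
  config = mkIf (cfg.enable && knot.enable) {
    services.tangled.knot = {
      enable = true;
      # Lets the knot module open the host firewall for the service, so the
      # knot is reachable from the network once this is enabled.
      openFirewall = true;
      server = {
        inherit (knot) hostname owner;
      };
    };

    # System-wide git configuration, read by git for every account on the host.
    programs.git = {
      enable = true;
      config = {
        gpg.program = "${pkgs.gnupg}/bin/gpg";
        receive = {
          advertisePushOptions = true;
          # NOTE(review): the setting git documents for non-fast-forward pushes
          # is receive.denyNonFastForwards. Confirm this key is spelled as
          # intended; git ignores keys it does not recognise.
          denyFastForwards = false;
          # Have the receiving side check pushed objects and refuse malformed
          # ones instead of storing them.
          fsckObjects = true;
          autogc = true;
        };
        # Pulls the decrypted private settings into the system-wide config.
        include.path = config.age.secrets."gitconfig.private".path;
      };
    };

    age.secrets."gitconfig.private" =
      let
        user = config.services.tangled.knot.gitUser;
      in {
        # Write the decrypted file at `path` itself rather than linking to it.
        symlink = false;
        path = "/etc/gitconfig.private";
        file = ./encrypt/gitconfig.age;
        owner = user;
        group = user;
        # NOTE(review): 0444 makes the decrypted content readable by every
        # local account, so the owner/group above add no confidentiality and
        # the file is only protected while encrypted in the repository.
        # Because it is included from the system-wide git config, check how git
        # run by other accounts behaves with an include it cannot read before
        # tightening this to 0440/0400, or move the include into the git user's
        # own configuration.
        mode = "0444";
      };
  };
}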