From f2c9eed794b4228c431ed2701f91287c4294a257 Mon Sep 17 00:00:00 2001 From: Geir Okkenhaug Jerstad Date: Tue, 10 Jun 2025 22:40:01 +0200 Subject: [PATCH] Fix Forgejo SSH user configuration - Set explicit git user for Forgejo service - Add SSH_USER configuration for proper SSH handling - Ensure compatibility with system SSH server --- machines/grey-area/services/forgejo.nix | 6 +- modules/common/base.nix | 77 +++++++++++++------------ modules/common/emacs.nix | 0 modules/users/common.nix | 36 ++++++------ 4 files changed, 64 insertions(+), 55 deletions(-) create mode 100644 modules/common/emacs.nix diff --git a/machines/grey-area/services/forgejo.nix b/machines/grey-area/services/forgejo.nix index e2758e8..5669516 100644 --- a/machines/grey-area/services/forgejo.nix +++ b/machines/grey-area/services/forgejo.nix @@ -2,7 +2,7 @@ { services.forgejo = { enable = true; - # Use the default 'forgejo' user, not 'git' + user = "git"; # Explicitly set to 'git' user for SSH compatibility }; services.forgejo.settings = { @@ -16,9 +16,11 @@ ROOT_URL = "https://git.geokkjer.eu"; SSH_DOMAIN = "git.geokkjer.eu"; SSH_PORT = 1337; - # Disable built-in SSH server, use system SSH instead + # Use system SSH server instead of built-in DISABLE_SSH = false; START_SSH_SERVER = false; + # Configure SSH user + SSH_USER = "git"; }; repository = { ENABLE_PUSH_CREATE_USER = true; diff --git a/modules/common/base.nix b/modules/common/base.nix index efab5e4..8a40fcc 100644 --- a/modules/common/base.nix +++ b/modules/common/base.nix @@ -1,54 +1,59 @@ -{ config, pkgs, ... }: { + config, + pkgs, + ... +}: { # Base system packages and aliases shared across all machines # This module consolidates common CLI tools to reduce duplication # across user configurations and machine-specific configs - + environment.systemPackages = with pkgs; [ - # Modern CLI tools (rust-based replacements) - tldr # Better man pages - eza # Better ls - bat # Better cat - ripgrep # Better grep - du-dust # Better du - bottom # Better top - fd # Better find - fzf # Fuzzy finder - zoxide # Better cd - uutils-coreutils-noprefix # Modern coreutils - + # Modern CLI tools (rust-based replacements) + tldr # Better man pages + eza # Better ls + bat # Better cat + ripgrep # Better grep + du-dust # Better du + bottom # Better top + fd # Better find + fzf # Fuzzy finder + zoxide # Better cd + uutils-coreutils-noprefix # Modern coreutils + # Environment management - direnv # Directory-based environment management - nix-direnv # Nix integration for direnv - + direnv # Directory-based environment management + nix-direnv # Nix integration for direnv + # Essential system tools - curl # HTTP client - wget # Download utility - git # Version control - htop # Process viewer - tree # Directory tree viewer - file # File type detection - unzip # Archive extraction - zip # Archive creation + curl # HTTP client + wget # Download utility + git # Version control + htop # Process viewer + tree # Directory tree viewer + file # File type detection + unzip # Archive extraction + zip # Archive creation fastfetch zellij glances systemctl-tui + starship # Shell prompt + btop # Resource monitor (better top) # Text processing and utilities - jq # JSON processor - yq # YAML processor - + jq # JSON processor + yq # YAML processor + # Network utilities - nmap # Network mapper - + nmap # Network mapper + # System monitoring and diagnostics - lsof # List open files - strace # System call tracer - ncdu # Disk usage analyzer - + lsof # List open files + strace # System call tracer + ncdu # Disk usage analyzer + # Development basics - github-cli # GitHub CLI + github-cli # GitHub CLI ]; environment.shellAliases = { vi = "nvim"; @@ -69,4 +74,4 @@ gpa = "git remote | xargs -L1 git push"; gl = "git log --oneline -10"; }; -} \ No newline at end of file +} diff --git a/modules/common/emacs.nix b/modules/common/emacs.nix new file mode 100644 index 0000000..e69de29 diff --git a/modules/users/common.nix b/modules/users/common.nix index 4043510..2c99124 100644 --- a/modules/users/common.nix +++ b/modules/users/common.nix @@ -1,13 +1,15 @@ # Common User Configuration # Shared settings for all users in the home lab -{ config, pkgs, ... }: - { + config, + pkgs, + ... +}: { # Common user settings users = { # Use mutable users for flexibility mutableUsers = true; - + # Default shell for all users defaultUserShell = pkgs.zsh; }; @@ -17,34 +19,35 @@ enable = true; autosuggestions.enable = true; syntaxHighlighting.enable = true; - + # direnv integration interactiveShellInit = '' + eval "$(starship init zsh)" eval "$(direnv hook zsh)" ''; - + # Common aliases for all users shellAliases = { # Modern CLI tool replacements (basic ones moved to base.nix) "ll" = "eza -l --color=auto --group-directories-first"; "la" = "eza -la --color=auto --group-directories-first"; "tree" = "eza --tree"; - + # Git shortcuts (basic ones moved to base.nix) - + # System shortcuts (some moved to base.nix) "top" = "btop"; - + # Network "ping" = "ping -c 5"; "myip" = "curl -s ifconfig.me"; - + # Safety "rm" = "rm -i"; "mv" = "mv -i"; "cp" = "cp -i"; }; - + # Common environment variables sessionVariables = { EDITOR = "emacs"; @@ -57,10 +60,10 @@ environment.systemPackages = with pkgs; [ # Essential CLI tools moved to base.nix # Adding user-specific tools here - + # Communication firefox - + # Development (basic tools moved to base.nix) # Additional utilities not in base.nix ]; @@ -69,7 +72,7 @@ security = { # Require password for sudo (can be overridden per user) sudo.wheelNeedsPassword = true; - + # Polkit for desktop users polkit.enable = true; }; @@ -81,12 +84,11 @@ enable = true; settings = { PasswordAuthentication = false; # Key-based auth only - PermitRootLogin = "no"; # No root login - X11Forwarding = true; # For GUI applications over SSH + PermitRootLogin = "no"; # No root login + X11Forwarding = true; # For GUI applications over SSH }; }; - - + # Enable sound pipewire = { enable = true;