geir/home-lab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix Forgejo SSH user configuration

Browse source 
- Set explicit git user for Forgejo service
- Add SSH_USER configuration for proper SSH handling
- Ensure compatibility with system SSH server
This commit is contained in:
Geir Okkenhaug Jerstad 2025-06-10 22:40:01 +02:00
parent 1fd6de2551
commit f2c9eed794
4 changed files with 64 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

6
machines/grey-area/services/forgejo.nix
View file

@ -2,7 +2,7 @@
{
services.forgejo = {
enable = true;
# Use the default 'forgejo' user, not 'git'
user = "git"; # Explicitly set to 'git' user for SSH compatibility
};
services.forgejo.settings = {
@ -16,9 +16,11 @@
ROOT_URL = "https://git.geokkjer.eu";
SSH_DOMAIN = "git.geokkjer.eu";
SSH_PORT = 1337;
# Disable built-in SSH server, use system SSH instead
# Use system SSH server instead of built-in
DISABLE_SSH = false;
START_SSH_SERVER = false;
# Configure SSH user
SSH_USER = "git";
};
repository = {
ENABLE_PUSH_CREATE_USER = true;

61
modules/common/base.nix
View file

@ -1,54 +1,59 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
# Base system packages and aliases shared across all machines
# This module consolidates common CLI tools to reduce duplication
# across user configurations and machine-specific configs
environment.systemPackages = with pkgs; [
# Modern CLI tools (rust-based replacements)
tldr # Better man pages
eza # Better ls
bat # Better cat
ripgrep # Better grep
du-dust # Better du
bottom # Better top
fd # Better find
fzf # Fuzzy finder
zoxide # Better cd
uutils-coreutils-noprefix # Modern coreutils
tldr # Better man pages
eza # Better ls
bat # Better cat
ripgrep # Better grep
du-dust # Better du
bottom # Better top
fd # Better find
fzf # Fuzzy finder
zoxide # Better cd
uutils-coreutils-noprefix # Modern coreutils
# Environment management
direnv # Directory-based environment management
nix-direnv # Nix integration for direnv
direnv # Directory-based environment management
nix-direnv # Nix integration for direnv
# Essential system tools
curl # HTTP client
wget # Download utility
git # Version control
htop # Process viewer
tree # Directory tree viewer
file # File type detection
unzip # Archive extraction
zip # Archive creation
curl # HTTP client
wget # Download utility
git # Version control
htop # Process viewer
tree # Directory tree viewer
file # File type detection
unzip # Archive extraction
zip # Archive creation
fastfetch
zellij
glances
systemctl-tui
starship # Shell prompt
btop # Resource monitor (better top)
# Text processing and utilities
jq # JSON processor
yq # YAML processor
jq # JSON processor
yq # YAML processor
# Network utilities
nmap # Network mapper
nmap # Network mapper
# System monitoring and diagnostics
lsof # List open files
strace # System call tracer
ncdu # Disk usage analyzer
lsof # List open files
strace # System call tracer
ncdu # Disk usage analyzer
# Development basics
github-cli # GitHub CLI
github-cli # GitHub CLI
];
environment.shellAliases = {
vi = "nvim";

0
modules/common/emacs.nix Normal file
View file

12
modules/users/common.nix
View file

@ -1,8 +1,10 @@
# Common User Configuration
# Shared settings for all users in the home lab
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
# Common user settings
users = {
# Use mutable users for flexibility
@ -20,6 +22,7 @@
# direnv integration
interactiveShellInit = ''
eval "$(starship init zsh)"
eval "$(direnv hook zsh)"
'';
@ -81,12 +84,11 @@
enable = true;
settings = {
PasswordAuthentication = false; # Key-based auth only
PermitRootLogin = "no"; # No root login
X11Forwarding = true; # For GUI applications over SSH
PermitRootLogin = "no"; # No root login
X11Forwarding = true; # For GUI applications over SSH
};
};
# Enable sound
pipewire = {
enable = true;