From 9a254038ba7fb25065cc92cfa67be9e0766e5aeb Mon Sep 17 00:00:00 2001
From: uku <hi@uku.moe>
Date: Sun, 19 May 2024 10:34:48 +0200
Subject: [PATCH] chore(etna): move some stuff in default.nix

---
 systems/etna/default.nix   | 11 +++++++
 systems/etna/dendrite.nix  | 42 ++++++++++++--------------
 systems/etna/forgejo.nix   | 60 +++++++++++++++++++-------------------
 systems/etna/minecraft.nix |  9 ------
 4 files changed, 60 insertions(+), 62 deletions(-)

diff --git a/systems/etna/default.nix b/systems/etna/default.nix
index 122be49..6247d37 100644
--- a/systems/etna/default.nix
+++ b/systems/etna/default.nix
@@ -38,6 +38,17 @@ in {
   services = {
     openssh.openFirewall = true;
 
+    nginx.enable = true;
+
+    frp = {
+      enable = true;
+      role = "client";
+      settings = {
+        serverAddr = "49.13.148.129";
+        serverPort = 7000;
+      };
+    };
+
     cloudflared = {
       enable = true;
       tunnels.${tunnelId} = {
diff --git a/systems/etna/dendrite.nix b/systems/etna/dendrite.nix
index 6ccd915..e313812 100644
--- a/systems/etna/dendrite.nix
+++ b/systems/etna/dendrite.nix
@@ -59,31 +59,27 @@
       ];
     };
 
-    nginx = {
-      enable = true;
+    nginx.virtualHosts."m.uku.moe".locations = let
+      server = {"m.server" = "m.uku.moe:443";};
+      client = {"m.homeserver"."base_url" = "https://m.uku.moe";};
+    in {
+      "=/.well-known/matrix/server" = {
+        return = "200 '${builtins.toJSON server}'";
+      };
 
-      virtualHosts."m.uku.moe".locations = let
-        server = {"m.server" = "m.uku.moe:443";};
-        client = {"m.homeserver"."base_url" = "https://m.uku.moe";};
-      in {
-        "=/.well-known/matrix/server" = {
-          return = "200 '${builtins.toJSON server}'";
-        };
+      "=/.well-known/matrix/client" = {
+        return = "200 '${builtins.toJSON client}'";
+      };
 
-        "=/.well-known/matrix/client" = {
-          return = "200 '${builtins.toJSON client}'";
-        };
-
-        "/" = {
-          proxyPass = "http://localhost:8008";
-          proxyWebsockets = true;
-          extraConfig = ''
-            proxy_set_header Host      $host;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_read_timeout         600;
-            client_max_body_size       100M;
-          '';
-        };
+      "/" = {
+        proxyPass = "http://localhost:8008";
+        proxyWebsockets = true;
+        extraConfig = ''
+          proxy_set_header Host      $host;
+          proxy_set_header X-Real-IP $remote_addr;
+          proxy_read_timeout         600;
+          client_max_body_size       100M;
+        '';
       };
     };
   };
diff --git a/systems/etna/forgejo.nix b/systems/etna/forgejo.nix
index 118a057..58bef7f 100644
--- a/systems/etna/forgejo.nix
+++ b/systems/etna/forgejo.nix
@@ -2,43 +2,43 @@ _: {
   cfTunnels."git.uku3lig.net" = "http://localhost:3000";
 
   services.forgejo = {
-      enable = true;
+    enable = true;
 
-      database = {
-        type = "postgres";
-        createDatabase = true;
+    database = {
+      type = "postgres";
+      createDatabase = true;
+    };
+
+    settings = {
+      DEFAULT.APP_NAME = "uku's forge";
+
+      server = {
+        DISABLE_SSH = true;
+        ROOT_URL = "https://git.uku3lig.net";
       };
 
-      settings = {
-        DEFAULT.APP_NAME = "uku's forge";
+      service = {
+        ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
+        # TODO enable turnstile once it gets fixed
+        # see codeberg:forgejo/forgejo#3832
+        ENABLE_CAPTCHA = true;
+      };
 
-        server = {
-          DISABLE_SSH = true;
-          ROOT_URL = "https://git.uku3lig.net";
-        };
+      oauth2 = {
+        # providers are configured in the admin panel
+        ENABLED = true;
+      };
 
-        service = {
-          ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
-          # TODO enable turnstile once it gets fixed
-          # see codeberg:forgejo/forgejo#3832
-          ENABLE_CAPTCHA = true;
-        };
+      actions.ENABLED = false;
 
-        oauth2 = {
-          # providers are configured in the admin panel
-          ENABLED = true;
-        };
+      "ui.meta" = {
+        AUTHOR = "uku's forge";
+        DESCRIPTION = "the place where literally nothing gets done";
+      };
 
-        actions.ENABLED = false;
-
-        "ui.meta" = {
-          AUTHOR = "uku's forge";
-          DESCRIPTION = "the place where literally nothing gets done";
-        };
-
-        "repository.signing" = {
-          DEFAULT_TRUST_MODEL = "committer";
-        };
+      "repository.signing" = {
+        DEFAULT_TRUST_MODEL = "committer";
       };
     };
+  };
 }
diff --git a/systems/etna/minecraft.nix b/systems/etna/minecraft.nix
index 8336f52..72607ae 100644
--- a/systems/etna/minecraft.nix
+++ b/systems/etna/minecraft.nix
@@ -63,15 +63,6 @@ in
   lib.recursiveUpdate {
     age.secrets = mkSecret "minecraftEnv" {};
 
-    services.frp = {
-      enable = true;
-      role = "client";
-      settings = {
-        serverAddr = "49.13.148.129";
-        serverPort = 7000;
-      };
-    };
-
     virtualisation.oci-containers.backend = "docker";
 
     systemd.services.restart-minecraft-servers = {