cluster/containers/gitea.nix

153 lines
4.3 KiB
Nix
Raw Permalink Normal View History

/*
* NixNG
* Copyright (c) 2021 GPL Magic_RB <magic_rb@redalder.org>
*
* This file is free software: you may copy, redistribute and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This file is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
{ nglib, nixpkgs }:
nglib.makeSystem {
system = "x86_64-linux";
name = "nixng-gitea";
inherit nixpkgs;
config = ({ pkgs, ... }:
{
dumb-init = {
enable = true;
type.services = { };
};
services.mysql = {
enable = true;
ensureDatabases = [ "gitea" ];
ensureUsers =
[ { name = "gitea";
ensurePermissions = {
"database.*" = "ALL PRIVILEGES";
};
}];
};
init.services.gitea.shutdownOnExit = true;
services.gitea = {
enable = true;
appName = "Red Alder Gitea";
runMode = "prod";
user = "gitea";
secrets = {
secretKeyFile = "/secrets/secret_key";
internalTokenFile = "/secrets/internal_token";
jwtSecretFile = "/secrets/jwt_secret";
lfsJwtSecretFile = "/secrets/lfs_jwt_secret";
};
configuration = {
repository = {
ROOT = "/data/gitea/git/repositories";
};
"repository.local" = {
LOCAL_COPY_PATH = "/data/gitea/tmp/local-repo";
};
"repository.upload" = {
TEMP_PATH = "/data/gitea/gitea/uploads";
};
server = {
APP_DATA_PATH = "/data/gitea";
SSH_DOMAIN = "localhost";
HTTP_PORT = 3000;
ROOT_URL = "https://gitea.redalder.org/";
DISABLE_SSH = false;
SSH_PORT = 22;
SSH_LISTEN_PORT = 22;
LFS_START_SERVER = true;
LFS_CONTENT_PATH = "/data/gitea/git/lfs";
DOMAIN = "localhost";
LFS_JWT_SECRET = "#lfsJwtSecret#";
OFFLINE_MODE = false;
};
database = {
DB_TYPE = "mysql";
HOST = "/run/mysqld/mysqld.sock";
NAME = "gitea";
USER = "gitea";
SCHEMA = "";
SSL_MODE = "disable";
CHARSET = "utf8";
};
indexer = {
ISSUE_INDEXER_PATH = "/data/gitea/gitea/indexers/issues.bleve";
REPO_INDEXER_PATH = "/data/gitea/gitea/indexers/repos.bleve";
};
session = {
PROVIDER_CONFIG = "/data/gitea/gitea/sessions";
PROVIDER = "file";
};
picture = {
AVATAR_UPLOAD_PATH = "/data/gitea/gitea/avatars";
REPOSITORY_AVATAR_UPLOAD_PATH = "/data/gitea/gitea/repo-avatars";
DISABLE_GRAVATAR = false;
ENABLE_FEDERATED_AVATAR = true;
};
attachment = {
PATH = "/data/gitea/gitea/attachments";
};
security = {
INSTALL_LOCK = true;
SECRET_KEY = "#secretKey";
INTERNAL_TOKEN = "#internalToken#";
};
service = {
DISABLE_REGISTRATION = false;
REQUIRE_SIGNIN_VIEW = false;
REGISTER_EMAIL_CONFIRM = false;
ENABLE_NOTIFY_MAIL = false;
ALLOW_ONLY_EXTERNAL_REGISTRATION = false;
ENABLE_CAPTCHA = false;
DEFAULT_KEEP_EMAIL_PRIVATE = false;
DEFAULT_ALLOW_CREATE_ORGANIZATION = true;
DEFAULT_ENABLE_TIMETRACKING = true;
NO_REPLY_ADDRESS = "noreply.localhost";
};
oauth2.JWT_SECRET = "#jwtSecret#";
mailer.ENABLED = false;
openid = {
ENABLE_OPENID_SIGNIN = true;
ENABLE_OPENID_SIGNUP = true;
};
log = {
MODE = "console";
LEVEL = "Debug";
};
};
};
}
);
}