magic_rb/dotfiles
1
0
Fork 0
mirror of https://git.sr.ht/~magic_rb/dotfiles synced 2024-11-21 15:54:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Re-enable Gitea/Forgejo

Browse source 
Signed-off-by: magic_rb <magic_rb@redalder.org>
This commit is contained in:
magic_rb 2024-01-18 21:10:13 +01:00
parent d2aa9c45a5
commit 683b6bc332
No known key found for this signature in database
GPG key ID: 08D5287CC5DDCA0E
4 changed files with 40 additions and 114 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

134
nixng/containers/gitea/default.nix
View file

@ -15,30 +15,53 @@ in {
(inputs)
nixpkgs
;
config = {pkgs, ...}: {
config = {
pkgs,
config,
options,
...
}: {
dumb-init = {
enable = true;
type.services = {};
};
services.mysql = {
services.postgresql = {
enable = true;
package = pkgs.mariadb_105;
package = pkgs.postgresql_16;
ensureDatabases = singleton "gitea";
ensureUsers = singleton {
name = "gitea";
ensureDBOwnership = true;
ensurePermissions = {
"gitea.*" = "ALL PRIVILEGES";
"DATABASE \"gitea\"" = "ALL PRIVILEGES";
};
};
};
imports = [
(import "${inputs.nixng}/modules/services/gitea/sane.nix" {
rootConfig = config;
rootOptions = options;
inherit pkgs lib;
} {
user = "gitea";
database = {
type = "postgres";
# host = "127.0.0.1";
# port = 5432;
socket = "/run/postgresql";
name = "gitea";
user = "gitea";
};
})
];
init.services.gitea.shutdownOnExit = false;
services.gitea = {
enable = true;
package = pkgs.gitea;
package = pkgs.forgejo;
secrets = {
secretKeyFile = "/secrets/secret_key";
@ -48,104 +71,7 @@ in {
};
settings = {
appName = "Red Alder Gitea";
runMode = "prod";
runUser = "gitea";
DEFAULT = {
WORK_PATH = "/data/gitea";
};
repository = {
ROOT = "/data/gitea/git/repositories";
};
"repository.local" = {
LOCAL_COPY_PATH = "/data/gitea/tmp/local-repo";
};
"repository.upload" = {
TEMP_PATH = "/data/gitea/gitea/uploads";
};
server = {
APP_DATA_PATH = "/data/gitea";
SSH_DOMAIN = "localhost";
HTTP_PORT = 3000;
ROOT_URL = "https://gitea.redalder.org/";
STATIC_ROOT_PATH = "${pkgs.gitea.data}";
DISABLE_SSH = false;
SSH_PORT = 22;
SSH_LISTEN_PORT = 22;
LFS_START_SERVER = true;
LFS_CONTENT_PATH = "/data/gitea/git/lfs";
DOMAIN = "localhost";
LFS_JWT_SECRET = "#lfsJwtSecret#";
OFFLINE_MODE = false;
};
database = {
DB_TYPE = "mysql";
HOST = "/run/mysqld/mysqld.sock";
NAME = "gitea";
USER = "gitea";
SCHEMA = "";
SSL_MODE = "disable";
CHARSET = "utf8";
};
indexer = {
ISSUE_INDEXER_PATH = "/data/gitea/gitea/indexers/issues.bleve";
REPO_INDEXER_PATH = "/data/gitea/gitea/indexers/repos.bleve";
};
session = {
PROVIDER_CONFIG = "/data/gitea/gitea/sessions";
PROVIDER = "file";
};
picture = {
AVATAR_UPLOAD_PATH = "/data/gitea/gitea/avatars";
REPOSITORY_AVATAR_UPLOAD_PATH = "/data/gitea/gitea/repo-avatars";
DISABLE_GRAVATAR = false;
ENABLE_FEDERATED_AVATAR = true;
};
attachment = {
PATH = "/data/gitea/gitea/attachments";
};
security = {
INSTALL_LOCK = true;
SECRET_KEY = "#secretKey";
INTERNAL_TOKEN = "#internalToken#";
};
service = {
DISABLE_REGISTRATION = false;
REQUIRE_SIGNIN_VIEW = false;
REGISTER_EMAIL_CONFIRM = false;
ENABLE_NOTIFY_MAIL = false;
ALLOW_ONLY_EXTERNAL_REGISTRATION = false;
ENABLE_CAPTCHA = false;
DEFAULT_KEEP_EMAIL_PRIVATE = false;
DEFAULT_ALLOW_CREATE_ORGANIZATION = true;
DEFAULT_ENABLE_TIMETRACKING = true;
NO_REPLY_ADDRESS = "noreply.localhost";
};
oauth2.JWT_SECRET = "#jwtSecret#";
mailer.ENABLED = false;
openid = {
ENABLE_OPENID_SIGNIN = true;
ENABLE_OPENID_SIGNUP = true;
};
log = {
MODE = "console";
LEVEL = "Debug";
};
DEFAULT.APP_NAME = "RedAlder Forgejo";
};
};
};

8
terranix/containers/gitea/default.nix
View file

@ -9,16 +9,16 @@ in
volume_name = "gitea-db";
access_mode = "single-node-writer";
server = "blowhole.hosts.in.redalder.org";
share = "/var/nfs/gitea-db";
mount_flags = [ "nfsvers=3" "nolock" "async" ];
share = "/mnt/kyle/infrastructure/gitea/database";
mount_flags = [ "hard" "vers=4.2" "rsize=16384" "wsize=16384" "async" ];
};
resource."nomad_volume"."gitea-data" = nfsVolume {
volume_name = "gitea-data";
access_mode = "single-node-writer";
server = "blowhole.hosts.in.redalder.org";
share = "/var/nfs/gitea-data";
mount_flags = [ "nfsvers=3" "nolock" "async" ];
share = "/mnt/kyle/infrastructure/gitea/data";
mount_flags = [ "hard" "vers=4.2" "rsize=16384" "wsize=16384" "async" ];
};
resource."vault_policy"."gitea-policy" = {

4
terranix/containers/gitea/job.hcl
View file

@ -68,13 +68,13 @@ job "gitea" {
volume_mount {
volume = "gitea-data"
destination = "/data/gitea"
destination = "/var/lib/gitea"
read_only = false
}
volume_mount {
volume = "gitea-db"
destination = "/var/lib/mysql"
destination = "/var/lib/postgresql"
read_only = false
}

8
terranix/default.nix
View file

@ -71,10 +71,10 @@ in
source = ./containers/jellyfin;
};
# module."gitea" = elib.terraformModule {
# name = "gitea";
# source = ./containers/gitea;
# };
module."gitea" = elib.terraformModule {
name = "gitea";
source = ./containers/gitea;
};
module."home-assistant" = elib.terraformModule {
name = "home-assistant";