Re-enable Gitea/Forgejo

Signed-off-by: magic_rb <magic_rb@redalder.org>
magic_rb 2024-01-18 21:10:13 +01:00
parent d2aa9c45a5
commit 683b6bc332
No known key found for this signature in database
GPG key ID: 08D5287CC5DDCA0E
4 changed files with 40 additions and 114 deletions


@ -15,30 +15,53 @@ in {
(inputs) (inputs)
nixpkgs nixpkgs
; ;
config = {pkgs, ...}: { config = {
pkgs,
config,
options,
...
}: {
dumb-init = { dumb-init = {
enable = true; enable = true;
type.services = {}; type.services = {};
}; };
services.mysql = { services.postgresql = {
enable = true; enable = true;
package = pkgs.postgresql_16;
package = pkgs.mariadb_105;
ensureDatabases = singleton "gitea"; ensureDatabases = singleton "gitea";
ensureUsers = singleton { ensureUsers = singleton {
name = "gitea"; name = "gitea";
ensureDBOwnership = true;
ensurePermissions = { ensurePermissions = {
"gitea.*" = "ALL PRIVILEGES"; "DATABASE \"gitea\"" = "ALL PRIVILEGES";
}; };
}; };
}; };
imports = [
(import "${inputs.nixng}/modules/services/gitea/sane.nix" {
rootConfig = config;
rootOptions = options;
inherit pkgs lib;
} {
user = "gitea";
database = {
type = "postgres";
# host = "127.0.0.1";
# port = 5432;
socket = "/run/postgresql";
name = "gitea";
user = "gitea";
};
})
];
init.services.gitea.shutdownOnExit = false; init.services.gitea.shutdownOnExit = false;
services.gitea = { services.gitea = {
enable = true; enable = true;
package = pkgs.gitea; package = pkgs.forgejo;
secrets = { secrets = {
secretKeyFile = "/secrets/secret_key"; secretKeyFile = "/secrets/secret_key";
@ -48,104 +71,7 @@ in {
}; };
settings = { settings = {
appName = "Red Alder Gitea"; DEFAULT.APP_NAME = "RedAlder Forgejo";
runMode = "prod";
runUser = "gitea";
DEFAULT = {
WORK_PATH = "/data/gitea";
};
repository = {
ROOT = "/data/gitea/git/repositories";
};
"repository.local" = {
LOCAL_COPY_PATH = "/data/gitea/tmp/local-repo";
};
"repository.upload" = {
TEMP_PATH = "/data/gitea/gitea/uploads";
};
server = {
APP_DATA_PATH = "/data/gitea";
SSH_DOMAIN = "localhost";
HTTP_PORT = 3000;
ROOT_URL = "https://gitea.redalder.org/";
STATIC_ROOT_PATH = "${pkgs.gitea.data}";
DISABLE_SSH = false;
SSH_PORT = 22;
SSH_LISTEN_PORT = 22;
LFS_START_SERVER = true;
LFS_CONTENT_PATH = "/data/gitea/git/lfs";
DOMAIN = "localhost";
LFS_JWT_SECRET = "#lfsJwtSecret#";
OFFLINE_MODE = false;
};
database = {
DB_TYPE = "mysql";
HOST = "/run/mysqld/mysqld.sock";
NAME = "gitea";
USER = "gitea";
SCHEMA = "";
SSL_MODE = "disable";
CHARSET = "utf8";
};
indexer = {
ISSUE_INDEXER_PATH = "/data/gitea/gitea/indexers/issues.bleve";
REPO_INDEXER_PATH = "/data/gitea/gitea/indexers/repos.bleve";
};
session = {
PROVIDER_CONFIG = "/data/gitea/gitea/sessions";
PROVIDER = "file";
};
picture = {
AVATAR_UPLOAD_PATH = "/data/gitea/gitea/avatars";
REPOSITORY_AVATAR_UPLOAD_PATH = "/data/gitea/gitea/repo-avatars";
DISABLE_GRAVATAR = false;
ENABLE_FEDERATED_AVATAR = true;
};
attachment = {
PATH = "/data/gitea/gitea/attachments";
};
security = {
INSTALL_LOCK = true;
SECRET_KEY = "#secretKey";
INTERNAL_TOKEN = "#internalToken#";
};
service = {
DISABLE_REGISTRATION = false;
REQUIRE_SIGNIN_VIEW = false;
REGISTER_EMAIL_CONFIRM = false;
ENABLE_NOTIFY_MAIL = false;
ALLOW_ONLY_EXTERNAL_REGISTRATION = false;
ENABLE_CAPTCHA = false;
DEFAULT_KEEP_EMAIL_PRIVATE = false;
DEFAULT_ALLOW_CREATE_ORGANIZATION = true;
DEFAULT_ENABLE_TIMETRACKING = true;
NO_REPLY_ADDRESS = "noreply.localhost";
};
oauth2.JWT_SECRET = "#jwtSecret#";
mailer.ENABLED = false;
openid = {
ENABLE_OPENID_SIGNIN = true;
ENABLE_OPENID_SIGNUP = true;
};
log = {
MODE = "console";
LEVEL = "Debug";
};
}; };
}; };
}; };
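Review bot: `security.INSTALL_LOCK`, the `service` registration flags and the `openid` sign-up switch are no longer pinned in this file: after the second hunk `settings` holds only `DEFAULT.APP_NAME`, so they depend on what the imported `sane.nix` sets, which is not visible here. Since the previous `ROOT_URL` was a public hostname, I would state the security-relevant ones explicitly rather than inherit them, e.g. `security.INSTALL_LOCK = true;` and, if open sign-up is not intended, `service.DISABLE_REGISTRATION = true;`. A short comment above `settings` saying that paths and server options now come from `sane.nix` would also help the next reader. In the first hunk, `ensureDBOwnership = true;` presumably already makes the role owner of the database, so the additional `ensurePermissions` grant looks redundant and could be dropped.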


@ -9,16 +9,16 @@ in
volume_name = "gitea-db"; volume_name = "gitea-db";
access_mode = "single-node-writer"; access_mode = "single-node-writer";
server = "blowhole.hosts.in.redalder.org"; server = "blowhole.hosts.in.redalder.org";
share = "/var/nfs/gitea-db"; share = "/mnt/kyle/infrastructure/gitea/database";
mount_flags = [ "nfsvers=3" "nolock" "async" ]; mount_flags = [ "hard" "vers=4.2" "rsize=16384" "wsize=16384" "async" ];
}; };
resource."nomad_volume"."gitea-data" = nfsVolume { resource."nomad_volume"."gitea-data" = nfsVolume {
volume_name = "gitea-data"; volume_name = "gitea-data";
access_mode = "single-node-writer"; access_mode = "single-node-writer";
server = "blowhole.hosts.in.redalder.org"; server = "blowhole.hosts.in.redalder.org";
share = "/var/nfs/gitea-data"; share = "/mnt/kyle/infrastructure/gitea/data";
mount_flags = [ "nfsvers=3" "nolock" "async" ]; mount_flags = [ "hard" "vers=4.2" "rsize=16384" "wsize=16384" "async" ];
}; };
resource."vault_policy"."gitea-policy" = { resource."vault_policy"."gitea-policy" = {
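Review bot: Neither new `mount_flags` list (gitea-db and gitea-data) sets a `sec=` option, so the mounts will presumably negotiate the server's default flavour, commonly AUTH_SYS. Under AUTH_SYS the server trusts client-supplied UIDs, and the PostgreSQL files and repositories cross the network unauthenticated and unencrypted. Since the move to `vers=4.2` makes Kerberos flavours practical, consider adding `"sec=krb5p"` if the environment has a KDC. Otherwise, note in a comment that the export on `blowhole` is restricted to the Nomad clients on a trusted network. The export configuration is not part of this diff, so this is a request to confirm rather than a confirmed defect.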


@ -68,13 +68,13 @@ job "gitea" {
volume_mount { volume_mount {
volume = "gitea-data" volume = "gitea-data"
destination = "/data/gitea" destination = "/var/lib/gitea"
read_only = false read_only = false
} }
volume_mount { volume_mount {
volume = "gitea-db" volume = "gitea-db"
destination = "/var/lib/mysql" destination = "/var/lib/postgresql"
read_only = false read_only = false
} }


@ -71,10 +71,10 @@ in
source = ./containers/jellyfin; source = ./containers/jellyfin;
}; };
# module."gitea" = elib.terraformModule { module."gitea" = elib.terraformModule {
# name = "gitea"; name = "gitea";
# source = ./containers/gitea; source = ./containers/gitea;
# }; };
module."home-assistant" = elib.terraformModule { module."home-assistant" = elib.terraformModule {
name = "home-assistant"; name = "home-assistant";