mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-11-29 19:46:17 +01:00
80 lines
1.7 KiB
Nix
80 lines
1.7 KiB
Nix
{
|
|
inputs,
|
|
lib,
|
|
...
|
|
}: let
|
|
inherit
|
|
(lib)
|
|
singleton
|
|
;
|
|
in {
|
|
flake.nixngConfigurations.gitea = inputs.nixng.nglib.makeSystem {
|
|
system = "x86_64-linux";
|
|
name = "nixng-gitea";
|
|
inherit
|
|
(inputs)
|
|
nixpkgs
|
|
;
|
|
config = {
|
|
pkgs,
|
|
config,
|
|
options,
|
|
...
|
|
}: {
|
|
dumb-init = {
|
|
enable = true;
|
|
type.services = {};
|
|
};
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
package = pkgs.postgresql_16;
|
|
|
|
ensureDatabases = singleton "gitea";
|
|
ensureUsers = singleton {
|
|
name = "gitea";
|
|
ensureDBOwnership = true;
|
|
ensurePermissions = {
|
|
"DATABASE \"gitea\"" = "ALL PRIVILEGES";
|
|
};
|
|
};
|
|
};
|
|
|
|
imports = [
|
|
(import "${inputs.nixng}/modules/services/gitea/sane.nix" {
|
|
rootConfig = config;
|
|
rootOptions = options;
|
|
inherit pkgs lib;
|
|
} {
|
|
user = "gitea";
|
|
database = {
|
|
type = "postgres";
|
|
# host = "127.0.0.1";
|
|
# port = 5432;
|
|
socket = "/run/postgresql";
|
|
name = "gitea";
|
|
user = "gitea";
|
|
};
|
|
})
|
|
];
|
|
|
|
init.services.gitea.shutdownOnExit = false;
|
|
services.gitea = {
|
|
enable = true;
|
|
package = pkgs.forgejo;
|
|
|
|
secrets = {
|
|
secretKeyFile = "/secrets/secret_key";
|
|
internalTokenFile = "/secrets/internal_token";
|
|
jwtSecretFile = "/secrets/jwt_secret";
|
|
lfsJwtSecretFile = "/secrets/lfs_jwt_secret";
|
|
};
|
|
|
|
settings = {
|
|
DEFAULT.APP_NAME = "RedAlder Forgejo";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|