mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-12-01 20:46:12 +01:00
93 lines
2.2 KiB
Nix
93 lines
2.2 KiB
Nix
{
|
|
inputs,
|
|
lib,
|
|
...
|
|
}: let
|
|
inherit
|
|
(lib)
|
|
singleton
|
|
;
|
|
in {
|
|
flake.nixngConfigurations.gitea = inputs.nixng.nglib.makeSystem {
|
|
system = "x86_64-linux";
|
|
name = "nixng-gitea";
|
|
nixpkgs = inputs.nixpkgs-stable;
|
|
|
|
config = {
|
|
pkgs,
|
|
config,
|
|
options,
|
|
...
|
|
}: {
|
|
dumb-init = {
|
|
enable = true;
|
|
type.services = {};
|
|
};
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
package = pkgs.postgresql_16;
|
|
|
|
ensureDatabases = singleton "gitea";
|
|
ensureUsers = singleton {
|
|
name = "gitea";
|
|
ensureDBOwnership = true;
|
|
ensurePermissions = {
|
|
"DATABASE \"gitea\"" = "ALL PRIVILEGES";
|
|
};
|
|
};
|
|
};
|
|
|
|
imports = [
|
|
(import "${inputs.nixng}/modules/services/gitea/sane.nix" {
|
|
user = "gitea";
|
|
database = {
|
|
type = "postgres";
|
|
# host = "127.0.0.1";
|
|
# port = 5432;
|
|
socket = "/run/postgresql";
|
|
name = "gitea";
|
|
user = "gitea";
|
|
};
|
|
})
|
|
];
|
|
|
|
init.services.gitea.shutdownOnExit = false;
|
|
services.gitea = {
|
|
enable = true;
|
|
package = pkgs.forgejo;
|
|
|
|
secrets = {
|
|
secretKey.source.file = "/secrets/secret_key";
|
|
internalToken.source.file = "/secrets/internal_token";
|
|
jwtSecret.source.file = "/secrets/jwt_secret";
|
|
lfsJwtSecret.source.file = "/secrets/lfs_jwt_secret";
|
|
databasePassword.source.file = "/dev/null";
|
|
};
|
|
|
|
settings = {
|
|
default.APP_NAME = "RedAlder Forgejo";
|
|
default.RUN_MODE = lib.mkForce "prod";
|
|
server = {
|
|
DOMAIN = "git.redalder.org";
|
|
SSH_PORT = 19022;
|
|
START_SSH_SERVER = true;
|
|
ROOT_URL = "https://git.redalder.org/";
|
|
};
|
|
repository = {
|
|
DISABLE_HTTP_GIT = true;
|
|
};
|
|
openid = {
|
|
ENABLE_OPENID_SIGNIN = false;
|
|
ENABLE_OPENID_SIGNUP = false;
|
|
};
|
|
service = {
|
|
DISABLE_REGISTRATION = true;
|
|
REQUIRE_SIGNIN_VIEW = false;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|