1
0
Fork 0
dotfiles/system/nixos/forgejo.nix

79 lines
1.5 KiB
Nix
Raw Permalink Normal View History

{ pkgs, ... }:
2023-09-11 22:05:25 +00:00
let
fqdn = "git.kempkens.io";
in
{
2023-09-12 22:00:21 +00:00
services = {
2023-10-02 17:14:00 +00:00
forgejo = {
2023-09-12 22:00:21 +00:00
enable = true;
2024-10-09 07:38:54 +00:00
package = pkgs.forgejo;
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
stateDir = "/var/lib/forgejo";
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
database = {
type = "postgres";
};
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
lfs.enable = true;
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
settings = {
2023-10-02 17:14:00 +00:00
DEFAULT = {
APP_NAME = "kempkens.io Forge";
};
2023-09-12 22:00:21 +00:00
server = {
PROTOCOL = "http+unix";
DOMAIN = fqdn;
ROOT_URL = "https://${fqdn}/";
LANDING_PAGE = "explore";
2023-09-12 22:00:21 +00:00
};
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
service = {
DISABLE_REGISTRATION = true;
};
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
mailer = {
ENABLED = true;
PROTOCOL = "sendmail";
FROM = "forgejo@mg.kempkens.io";
SENDMAIL_PATH = "${pkgs.system-sendmail}/bin/sendmail";
};
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
session = {
COOKIE_SECURE = true;
SAME_SITE = "strict";
};
actions = {
ENABLED = true;
};
other = {
SHOW_FOOTER_VERSION = false;
SHOW_FOOTER_TEMPLATE_LOAD_TIME = false;
2023-09-12 22:00:21 +00:00
};
2023-09-11 22:05:25 +00:00
};
};
2023-09-12 22:00:21 +00:00
nginx.virtualHosts."${fqdn}" = {
quic = true;
http3 = true;
2023-09-11 22:05:25 +00:00
2023-09-16 22:42:19 +00:00
forceSSL = true;
2023-09-12 22:00:21 +00:00
useACMEHost = "kempkens.io";
2023-09-11 22:05:25 +00:00
2023-09-16 22:42:19 +00:00
extraConfig = ''
2023-10-31 20:24:26 +00:00
client_max_body_size 0;
2023-09-16 22:42:19 +00:00
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
'';
2023-09-12 22:00:21 +00:00
locations."/" = {
recommendedProxySettings = true;
2023-10-02 17:14:00 +00:00
proxyPass = "http://unix:/run/forgejo/forgejo.sock";
2023-09-12 22:00:21 +00:00
};
2023-09-11 22:05:25 +00:00
};
};
}