1
0
Fork 0
dotfiles/system/nixos/forgejo.nix

92 lines
1.7 KiB
Nix
Raw Normal View History

2023-09-12 22:00:21 +00:00
{ pkgs, config, ... }:
2023-09-11 22:05:25 +00:00
let
fqdn = "git.kempkens.io";
in
{
2023-09-12 22:00:21 +00:00
services = {
gitea = {
enable = true;
package = pkgs.forgejo;
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
stateDir = "/var/lib/forgejo";
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
database = {
type = "postgres";
};
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
lfs.enable = true;
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
appName = "kempkens.io Forge";
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
settings = {
server = {
PROTOCOL = "http+unix";
DOMAIN = fqdn;
ROOT_URL = "https://${fqdn}/";
};
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
service = {
DISABLE_REGISTRATION = true;
};
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
mailer = {
ENABLED = true;
PROTOCOL = "sendmail";
FROM = "forgejo@mg.kempkens.io";
SENDMAIL_PATH = "${pkgs.system-sendmail}/bin/sendmail";
};
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
session = {
COOKIE_SECURE = true;
SAME_SITE = "strict";
};
repository = {
DISABLE_HTTP_GIT = true;
};
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
actions = {
ENABLED = true;
};
other = {
SHOW_FOOTER_VERSION = false;
};
2023-09-11 22:05:25 +00:00
};
2023-09-12 22:00:21 +00:00
};
gitea-actions-runner = {
package = pkgs.forgejo-actions-runner;
instances = {
tanker = {
enable = true;
url = "https://${fqdn}";
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
name = "tanker";
tokenFile = config.age.secrets.forgejo-actions-token.path;
labels = [
"debian-bullseye:docker://node:18-bullseye"
"debian-bookworm:docker://node:18-bookworm"
];
};
2023-09-11 22:05:25 +00:00
};
};
2023-09-12 22:00:21 +00:00
nginx.virtualHosts."${fqdn}" = {
quic = true;
http3 = true;
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
onlySSL = true;
useACMEHost = "kempkens.io";
2023-09-11 22:05:25 +00:00
2023-09-12 22:00:21 +00:00
locations."/" = {
recommendedProxySettings = true;
proxyPass = "http://unix:/run/gitea/gitea.sock";
};
2023-09-11 22:05:25 +00:00
};
};
}