2023-09-12 22:00:21 +00:00
|
|
|
{ pkgs, config, ... }:
|
2023-09-11 22:05:25 +00:00
|
|
|
|
|
|
|
let
|
|
|
|
fqdn = "git.kempkens.io";
|
|
|
|
in
|
|
|
|
{
|
2023-09-12 22:00:21 +00:00
|
|
|
services = {
|
|
|
|
gitea = {
|
|
|
|
enable = true;
|
|
|
|
package = pkgs.forgejo;
|
2023-09-11 22:05:25 +00:00
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
stateDir = "/var/lib/forgejo";
|
2023-09-11 22:05:25 +00:00
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
database = {
|
|
|
|
type = "postgres";
|
|
|
|
};
|
2023-09-11 22:05:25 +00:00
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
lfs.enable = true;
|
2023-09-11 22:05:25 +00:00
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
appName = "kempkens.io Forge";
|
2023-09-11 22:05:25 +00:00
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
settings = {
|
|
|
|
server = {
|
|
|
|
PROTOCOL = "http+unix";
|
|
|
|
DOMAIN = fqdn;
|
|
|
|
ROOT_URL = "https://${fqdn}/";
|
|
|
|
};
|
2023-09-11 22:05:25 +00:00
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
service = {
|
|
|
|
DISABLE_REGISTRATION = true;
|
|
|
|
};
|
2023-09-11 22:05:25 +00:00
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
mailer = {
|
|
|
|
ENABLED = true;
|
|
|
|
PROTOCOL = "sendmail";
|
|
|
|
FROM = "forgejo@mg.kempkens.io";
|
|
|
|
SENDMAIL_PATH = "${pkgs.system-sendmail}/bin/sendmail";
|
|
|
|
};
|
2023-09-11 22:05:25 +00:00
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
session = {
|
|
|
|
COOKIE_SECURE = true;
|
|
|
|
SAME_SITE = "strict";
|
|
|
|
};
|
|
|
|
|
|
|
|
actions = {
|
|
|
|
ENABLED = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
other = {
|
|
|
|
SHOW_FOOTER_VERSION = false;
|
|
|
|
};
|
2023-09-11 22:05:25 +00:00
|
|
|
};
|
2023-09-12 22:00:21 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
gitea-actions-runner = {
|
|
|
|
package = pkgs.forgejo-actions-runner;
|
|
|
|
|
|
|
|
instances = {
|
|
|
|
tanker = {
|
|
|
|
enable = true;
|
|
|
|
url = "https://${fqdn}";
|
2023-09-11 22:05:25 +00:00
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
name = "tanker";
|
|
|
|
tokenFile = config.age.secrets.forgejo-actions-token.path;
|
|
|
|
|
|
|
|
labels = [
|
2023-09-13 22:30:04 +00:00
|
|
|
"ubuntu-latest-amd64:docker://ghcr.io/catthehacker/ubuntu:act-latest"
|
2023-09-12 22:00:21 +00:00
|
|
|
];
|
|
|
|
};
|
2023-09-11 22:05:25 +00:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
nginx.virtualHosts."${fqdn}" = {
|
|
|
|
quic = true;
|
|
|
|
http3 = true;
|
2023-09-11 22:05:25 +00:00
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
onlySSL = true;
|
|
|
|
useACMEHost = "kempkens.io";
|
2023-09-11 22:05:25 +00:00
|
|
|
|
2023-09-12 22:00:21 +00:00
|
|
|
locations."/" = {
|
|
|
|
recommendedProxySettings = true;
|
|
|
|
proxyPass = "http://unix:/run/gitea/gitea.sock";
|
|
|
|
};
|
2023-09-11 22:05:25 +00:00
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|