dotfiles/system/nixos/forgejo.nix


# NixOS module: a Forgejo instance (run through the `services.gitea` options),
# one Actions runner registered against it, and the nginx virtual host that
# terminates TLS in front of it.
{ pkgs, config, ... }:
let
  # Public hostname; reused for the Forgejo DOMAIN/ROOT_URL, the runner URL and
  # the nginx virtual host so the three cannot drift apart.
  fqdn = "git.kempkens.io";
in
{
  services.gitea = {
    enable = true;
    # The gitea module is pointed at the Forgejo package.
    package = pkgs.forgejo;
    appName = "kempkens.io Forge";
    stateDir = "/var/lib/forgejo";
    database.type = "postgres";
    lfs.enable = true;

    settings = {
      server = {
        # Serve over a unix socket instead of a TCP port; nginx is the only
        # intended client (see proxyPass in the virtual host).
        PROTOCOL = "http+unix";
        DOMAIN = fqdn;
        ROOT_URL = "https://${fqdn}/";
      };

      # No self-service sign-up: accounts have to be created by an admin.
      service.DISABLE_REGISTRATION = true;

      mailer = {
        ENABLED = true;
        PROTOCOL = "sendmail";
        FROM = "forgejo@mg.kempkens.io";
        SENDMAIL_PATH = "${pkgs.system-sendmail}/bin/sendmail";
      };

      # Session cookie is sent only over HTTPS and never on cross-site requests.
      session = {
        COOKIE_SECURE = true;
        SAME_SITE = "strict";
      };

      # Actions lets repository workflows execute on the runner defined under
      # services.gitea-actions-runner, so who may push workflows matters.
      actions.ENABLED = true;

      # Hides the version string in the page footer; this only reduces
      # fingerprinting and is no substitute for keeping the package current.
      other.SHOW_FOOTER_VERSION = false;
    };
  };

  services.gitea-actions-runner = {
    package = pkgs.forgejo-actions-runner;

    instances.tanker = {
      enable = true;
      name = "tanker";
      url = "https://${fqdn}";
      # Registration token is read from a secret file at runtime rather than
      # written into this configuration.
      tokenFile = config.age.secrets.forgejo-actions-token.path;
      labels = [
        # NOTE(review): the job image is a third-party image referenced by the
        # mutable tag `act-latest`, so its contents can change between pulls.
        # Pinning it as `...@sha256:<digest>` would make job environments
        # reproducible and auditable.
        "ubuntu-latest-amd64:docker://ghcr.io/catthehacker/ubuntu:act-latest"
      ];
    };
  };

  services.nginx.virtualHosts."${fqdn}" = {
    # TLS-only listener: with onlySSL there is no plain-HTTP listener for this
    # host (and therefore no HTTP-to-HTTPS redirect, unlike forceSSL).
    onlySSL = true;
    quic = true;
    http3 = true;
    # Certificate comes from the "kempkens.io" ACME entry, which is configured
    # outside this file and presumably covers this hostname (verify).
    useACMEHost = "kempkens.io";

    locations = {
      "/" = {
        recommendedProxySettings = true;
        # NOTE(review): this path has to match the socket Forgejo creates; no
        # HTTP_ADDR is set in this file, so it presumably relies on the
        # module's default location (confirm).
        proxyPass = "http://unix:/run/gitea/gitea.sock";
      };
    };
  };
}