2
2
mirror of https://git.feal.no/felixalb/nixos-config.git synced 2024-12-23 12:37:30 +01:00
nixos-config/hosts/defiant/services/gitea.nix

65 lines
1.6 KiB
Nix
Raw Normal View History

2023-08-18 19:02:07 +02:00
{ config, pkgs, lib, ... }:
2023-05-11 14:34:13 +02:00
let
cfg = config.services.gitea;
2023-06-07 21:10:31 +02:00
domain = "git.feal.no";
httpPort = 3004;
sshPort = 2222;
2023-05-11 14:34:13 +02:00
in {
services.gitea = {
enable = true;
appName = "felixalbs Gitea";
database.type = "postgres";
stateDir = "/tank/services/gitea";
2023-05-11 14:34:13 +02:00
settings = {
2023-06-07 21:10:31 +02:00
server = {
# Serve on local unix socket, exposed in hosts/defiant/services/nginx.nix
PROTOCOL = "http+unix";
2023-06-07 21:10:31 +02:00
DOMAIN = domain;
ROOT_URL = "https://${domain}";
LANDING_PAGE=''"/felixalb"'';
SSH_PORT = sshPort;
SSH_LISTEN_PORT = sshPort;
START_SSH_SERVER = true;
BUILTIN_SSH_SERVER_USER = "git";
2023-06-07 21:10:31 +02:00
};
2023-05-11 14:34:13 +02:00
service.DISABLE_REGISTRATION = true;
session.COOKIE_SECURE = true;
packages.ENABLED = false;
2023-08-18 19:02:07 +02:00
packages.CHUNKED_UPLOAD_PATH = "${cfg.stateDir}/tmp/package-upload";
2023-05-11 14:34:13 +02:00
oauth2_client = {
ENABLE_AUTO_REGISTRATION = true;
OPENID_CONNECT_SCOPES = "email profile openid";
UPDATE_AVATAR = true;
ACCOUNT_LINKING = "auto";
USERNAME = "email";
};
log.LEVEL = "Info";
database.LOG_SQL = false;
ui = {
THEMES="gitea,arc-green,nord";
DEFAULT_THEME="nord";
};
};
# TODO:
# - Backup
# - services.gitea.dump?
# - ZFS snapshots?
2023-05-11 14:34:13 +02:00
# - configure mailer
};
systemd.services.gitea.serviceConfig.WorkingDirectory = lib.mkForce "${cfg.stateDir}/work";
2023-08-18 19:02:07 +02:00
2024-03-07 23:45:25 +01:00
services.postgresqlBackup.databases = [ "gitea" ];
networking.firewall.allowedTCPPorts = [ sshPort ];
2023-05-11 14:34:13 +02:00
}