65 lines
1.6 KiB
Nix
65 lines
1.6 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
let
|
|
cfg = config.services.gitea;
|
|
domain = "git.feal.no";
|
|
httpPort = 3004;
|
|
sshPort = 2222;
|
|
in {
|
|
services.gitea = {
|
|
enable = true;
|
|
appName = "felixalbs Gitea";
|
|
database.type = "postgres";
|
|
stateDir = "/tank/services/gitea";
|
|
|
|
settings = {
|
|
server = {
|
|
# Serve on local unix socket, exposed in hosts/defiant/services/nginx.nix
|
|
PROTOCOL = "http+unix";
|
|
DOMAIN = domain;
|
|
ROOT_URL = "https://${domain}";
|
|
LANDING_PAGE=''"/felixalb"'';
|
|
|
|
SSH_PORT = sshPort;
|
|
SSH_LISTEN_PORT = sshPort;
|
|
START_SSH_SERVER = true;
|
|
BUILTIN_SSH_SERVER_USER = "git";
|
|
};
|
|
|
|
service.DISABLE_REGISTRATION = true;
|
|
session.COOKIE_SECURE = true;
|
|
|
|
packages.ENABLED = false;
|
|
packages.CHUNKED_UPLOAD_PATH = "${cfg.stateDir}/tmp/package-upload";
|
|
|
|
oauth2_client = {
|
|
ENABLE_AUTO_REGISTRATION = true;
|
|
OPENID_CONNECT_SCOPES = "email profile openid";
|
|
UPDATE_AVATAR = true;
|
|
ACCOUNT_LINKING = "auto";
|
|
USERNAME = "email";
|
|
};
|
|
|
|
log.LEVEL = "Info";
|
|
|
|
database.LOG_SQL = false;
|
|
|
|
ui = {
|
|
THEMES="gitea,arc-green,nord";
|
|
DEFAULT_THEME="nord";
|
|
};
|
|
};
|
|
|
|
# TODO:
|
|
# - Backup
|
|
# - services.gitea.dump?
|
|
# - ZFS snapshots?
|
|
# - configure mailer
|
|
};
|
|
|
|
systemd.services.gitea.serviceConfig.WorkingDirectory = lib.mkForce "${cfg.stateDir}/work";
|
|
|
|
services.postgresqlBackup.databases = [ "gitea" ];
|
|
|
|
networking.firewall.allowedTCPPorts = [ sshPort ];
|
|
}
|