forked from Drift/pvv-nixos-config
58 lines
1.2 KiB
Nix
58 lines
1.2 KiB
Nix
|
{ config, values, pkgs, ... }:
|
||
|
|
let
|
||
|
|
cfg = config.services.gitea;
|
||
|
|
in {
|
||
|
|
sops.secrets."gitea/dbpassword" = { };
|
||
|
|
|
||
|
|
services.gitea = {
|
||
|
|
enable = true;
|
||
|
|
user = "git";
|
||
|
|
rootUrl = "https://gitea.pvv.ntnu.no/";
|
||
|
|
stateDir = "/data/gitea";
|
||
|
|
appName = "PVV Git";
|
||
|
|
|
||
|
|
enableUnixSocket = true;
|
||
|
|
|
||
|
|
database = {
|
||
|
|
type = "postgres";
|
||
|
|
host = values.hosts.bicep.ipv4;
|
||
|
|
port = 5432;
|
||
|
|
passwordFile = config.sops.secrets."gitea/dbpassword".path;
|
||
|
|
createDatabase = false;
|
||
|
|
};
|
||
|
|
|
||
|
|
settings = {
|
||
|
|
service.DISABLE_REGISTRATION = true;
|
||
|
|
session.COOKIE_SECURE = true;
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
services.nginx.virtualHosts = {
|
||
|
|
"gitea.pvv.ntnu.no" = {
|
||
|
|
forceSSL = true;
|
||
|
|
enableACME = true;
|
||
|
|
locations."/" = {
|
||
|
|
proxyPass = "http://unix:/run/gitea/gitea.sock";
|
||
|
|
proxyWebsockets = true;
|
||
|
|
recommendedProxySettings = true;
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
"git2.pvv.ntnu.no" = {
|
||
|
|
globalRedirect = "gitea.pvv.ntnu.no";
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
users.users.git = {
|
||
|
|
description = "Gitea service";
|
||
|
|
home = cfg.stateDir;
|
||
|
|
#useDefaultShell = true;
|
||
|
|
|
||
|
|
group = "gitea";
|
||
|
|
isSystemUser = true;
|
||
|
|
#uid = config.ids.uids.git;
|
||
|
|
packages = [ pkgs.gitea ];
|
||
|
|
};
|
||
|
|
|
||
|
|
}
|