gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 20:39:18 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions
infrastructure/config/services/gitea/default.nix
kat witch 2a5ec2e0b4
Refactors for usability 
Using ./home.nix and ./nixos.nix as entrypoints for hosts.
Using hardware profiles.
Using new entrypoints (profiles/base/profiles.nix + profiles/base/home.nix).
New modules (for DNS handling, for themeing, ...).
Split up deploy-tf.nix into several modules.
Renamed common profile to base profile.
2021-08-05 03:21:21 +01:00

75 lines
1.9 KiB
Nix
Raw Blame History

{ config, pkgs, tf, ... }:
{
services.postgresql = {
enable = true;
ensureDatabases = [ "gitea" ];
ensureUsers = [{
name = "gitea";
ensurePermissions."DATABASE gitea" = "ALL PRIVILEGES";
}];
};
deploy.tf.variables.gitea_mail = {
type = "string";
value.shellCommand = "bitw get infra/gitea-mail -f password";
};
secrets.files.gitea_mail = {
text = ''
${tf.variables.gitea_mail.ref};
'';
owner = "gitea";
group = "gitea";
};
services.gitea = {
enable = true;
disableRegistration = true;
domain = "git.${config.kw.dns.domain}";
rootUrl = "https://git.${config.kw.dns.domain}";
httpAddress = "127.0.0.1";
appName = "kittywitch git";
ssh = { clonePort = 62954; };
database = {
type = "postgres";
name = "gitea";
user = "gitea";
};
settings = {
mailerPasswordFile = config.secrets.files.gitea_mail.path;
security = { DISABLE_GIT_HOOKS = false; };
api = { ENABLE_SWAGGER = true; };
mailer = {
ENABLED = true;
SUBJECT = "%(APP_NAME)s";
HOST = "kittywit.ch:465";
SEND_AS_PLAIN_TEXT = true;
USE_SENDMAIL = false;
FROM = "\"kittywitch git\" <gitea@${config.kw.dns.domain}>";
};
ui = {
THEMES = "gitea,arc-green";
DEFAULT_THEME = "gitea";
THEME_COLOR_META_TAG = "#222222";
};
};
};
systemd.services.gitea.preStart = ''
${pkgs.coreutils}/bin/ln -sfT ${./public} /var/lib/gitea/custom/public
${pkgs.coreutils}/bin/ln -sfT ${./templates} /var/lib/gitea/custom/templates
'';
services.nginx.virtualHosts."git.${config.kw.dns.domain}" = {
enableACME = true;
forceSSL = true;
locations = { "/".proxyPass = "http://127.0.0.1:3000"; };
};
deploy.tf.dns.records.kittywitch_git = {
tld = config.kw.dns.tld;
domain = "git";
cname.target = "${config.networking.hostName}.${config.kw.dns.tld}";
};
}
Reference in a new issue View git blame Copy permalink