nix-cfg/hosts/vps1/services/git.nix


# Big thanks to Pyrox for their config! https://git.pyrox.dev/pyrox/nix/src/branch/main/hosts/marvin/services/git.nix
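# NixOS module: a Forgejo instance published through an nginx TLS reverse proxy.
{ lib, pkgs, config, ... }:
let
  # Apex domain; the nginx vhost also uses it as the ACME certificate name.
  rootDomain = "lgmrszd.xyz";
  # Public hostname under which Forgejo is served.
  domain = "git.${rootDomain}";
  # Short-hands into the evaluated Forgejo options, so the proxy target and
  # ROOT_URL are derived from the same values Forgejo is configured with.
  cfg = config.services.forgejo;
  srv = cfg.settings.server;
  # On-disk locations handed to services.forgejo via `inherit`.
  stateDir = "/var/lib/forgejo";
  customDir = "${stateDir}/custom";
in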
{
# Public HTTPS front end for Forgejo. TLS terminates at nginx; the upstream
# hop is plain HTTP, which is only acceptable because it stays on loopback.
services.nginx.virtualHosts.${domain} = {
  # Reuse the certificate managed under the apex domain's ACME entry. That
  # entry is defined outside this file and must cover this hostname.
  useACMEHost = rootDomain;
  # Redirect plain-HTTP requests to HTTPS.
  forceSSL = true;
  locations = {
    "/" = {
      # NixOS's standard proxy header set (Host, X-Forwarded-*), so Forgejo
      # sees the original host and client address instead of 127.0.0.1.
      recommendedProxySettings = true;
      # Port is read from the Forgejo settings so proxy and service cannot drift.
      proxyPass = "http://127.0.0.1:${toString srv.HTTP_PORT}";
    };
  };
  # Generous request-body limit so large pushes and uploads succeed.
  # NOTE(review): nginx enforces this before any Forgejo authentication, so
  # anonymous clients can also submit bodies up to this size - keep it no
  # larger than the biggest upload actually expected.
  extraConfig = ''
    client_max_body_size 512M;
  '';
};
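# Forgejo service definition. The instance binds to loopback only and is meant
# to be reached through the nginx virtual host for `domain`.
services.forgejo = {
  enable = true;
  inherit stateDir customDir;
  database = {
    type = "postgres";
    # Let the module create the local database automatically.
    createDatabase = true;
    # Runtime path of the sops-managed secret: the configuration references
    # the file location only, never the password value itself.
    passwordFile = config.sops.secrets."forgejo/db_password".path;
  };
  settings = {
    server = {
      DOMAIN = domain;
      ROOT_URL = "https://${srv.DOMAIN}/";
      # Loopback bind: the TLS proxy is the only intended way in.
      HTTP_ADDR = "127.0.0.1";
      HTTP_PORT = 3001;
    };
    session = {
      # The site is only offered over HTTPS (see ROOT_URL), so mark the session
      # cookie Secure; otherwise a browser may attach it to a plain-HTTP
      # request made before the HTTPS redirect.
      # NOTE(review): the NixOS module is believed to default this to false -
      # confirm. Direct plain-HTTP access to 127.0.0.1:3001 (for example over
      # an SSH tunnel) will no longer keep a login session.
      COOKIE_SECURE = true;
    };
    DEFAULT = {
      APP_NAME = "Lgmrszd's git";
    };
    service = {
      # Registration stays enabled, but only through external authentication
      # sources; the local sign-up form is not offered and its button is hidden.
      # Which external identities may self-register is decided by the auth
      # sources configured inside Forgejo, which this file does not show.
      # NOTE(review): also confirm that ENABLE_OPENID_SIGNUP in [openid] is off
      # or allow-listed, since OpenID presumably counts as an external source.
      DISABLE_REGISTRATION = false;
      ALLOW_ONLY_INTERNAL_REGISTRATION = false;
      ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
      SHOW_REGISTRATION_BUTTON = false;
      # No confirmation mail can be sent while the mailer below is disabled.
      REGISTER_EMAIL_CONFIRM = false;
      DEFAULT_KEEP_EMAIL_PRIVATE = true;
      # New accounts cannot create organizations by default.
      DEFAULT_ALLOW_CREATE_ORGANIZATION = false;
    };
    repository = {
      # 0 = accounts may not create repositories by default (-1 would mean
      # unlimited); an admin can raise the limit for an individual user.
      MAX_CREATION_LIMIT = 0;
      # Forks count against the same limit, so they are blocked as well.
      ALLOW_FORK_WITHOUT_MAXIMUM_LIMIT = false;
    };
    "ui.meta" = {
      AUTHOR = "Lgmrszd";
      DESCRIPTION = "Lgmrszd's forgejo instance";
    };
    # CI (Forgejo Actions) is switched off.
    actions = {
      ENABLED = false;
    };
    # No outgoing mail: no notifications and no e-mail based account recovery.
    mailer = {
      ENABLED = false;
    };
  };
};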
# Database password consumed by services.forgejo.database.passwordFile,
# supplied through sops-nix from an encrypted YAML file.
sops.secrets = {
  "forgejo/db_password" = {
    format = "yaml";
    sopsFile = ../secrets/forgejo.yaml;
    # Hand the decrypted file to the Forgejo account only.
    # NOTE(review): the literal "forgejo" has to match the user and group the
    # service actually runs as - confirm if those are ever overridden.
    group = "forgejo";
    owner = "forgejo";
  };
};
}