nixos-config/config/services/gitea.nix

91 lines
2.7 KiB
Nix
Raw Normal View History

2022-06-12 15:39:15 +00:00
{config, ...}: {
2022-02-18 13:17:35 +00:00
imports = [
../../modules/gitea.nix
2022-06-12 15:39:15 +00:00
(import ../../modules/gateway-st.nix {name = "gitea";})
2022-02-18 13:17:35 +00:00
];
2022-01-17 09:49:37 +00:00
services.gitea = {
enable = true;
appName = "Lotte's Git";
2022-01-17 09:53:15 +00:00
cookieSecure = true;
2022-01-17 09:49:37 +00:00
database = {
host = "localhost";
name = "gitea";
user = "gitea";
2022-01-17 10:36:05 +00:00
type = "postgres";
2022-01-17 09:49:37 +00:00
};
domain = "git.chir.rs";
httpAddress = "127.0.0.1";
lfs.enable = true;
rootUrl = "https://git.chir.rs/";
2022-01-30 13:09:25 +00:00
storageSecretFile = "/run/secrets/services/gitea";
2022-01-17 10:37:34 +00:00
settings = rec {
2022-01-17 09:49:37 +00:00
storage = {
STORAGE_TYPE = "minio";
2022-03-02 17:34:06 +00:00
MINIO_ENDPOINT = "localhost:7777";
2022-01-17 10:27:07 +00:00
MINIO_ACCESS_KEY_ID = "gitea";
2022-01-30 12:50:23 +00:00
MINIO_SECRET_ACCESS_KEY = "#storageSecret#";
2022-01-17 09:49:37 +00:00
MINIO_BUCKET = "gitea";
2022-03-02 17:34:06 +00:00
MINIO_USE_SSL = "false";
2022-01-17 09:49:37 +00:00
};
2022-01-17 12:48:48 +00:00
openid = {
ENABLE_OPENID_SIGNIN = true;
ENABLE_OPENID_SIGNUP = true;
};
cache = {
2022-01-17 12:50:25 +00:00
ENABLED = config.services.redis.servers.gitea.enable;
2022-01-17 12:48:48 +00:00
ADAPTER = "redis";
2022-01-17 12:51:14 +00:00
HOST = "redis://${config.services.redis.servers.gitea.bind}:${toString config.services.redis.servers.gitea.port}/0";
2022-01-17 12:48:48 +00:00
};
session = {
PROVIDER = "redis";
PROVIDER_CONFIG = "redis://${config.services.redis.servers.gitea.bind}:${toString config.services.redis.servers.gitea.port}/1";
};
metrics = {
ENABLED = true;
ENABLED_ISSUE_BY_LABEL = true;
ENABLED_ISSUE_BY_REPOSITORY = true;
};
queue = {
TYPE = "redis";
CONN_STRING = "redis://${config.services.redis.servers.gitea.bind}:${toString config.services.redis.servers.gitea.port}/2";
};
2022-06-26 06:59:19 +00:00
packages.ENABLED = true;
2022-07-02 18:34:25 +00:00
federation.ENABLED = true;
2022-07-04 09:17:48 +00:00
repository.signing = {
SIGNING_KEY = "823566455E49DDC6AE5813048CA13817A54AAB38";
SIGNING_NAME = "Gitea";
SIGNING_EMAIL = "gitea@chir.rs";
INITIAL_COMMIT = "always";
WIKI = "always";
CRUD_ACTIONS = "always";
MERGES = "always";
};
2022-01-17 09:49:37 +00:00
};
};
2022-01-17 09:53:15 +00:00
services.nginx.virtualHosts."git.chir.rs" = {
sslCertificate = "/var/lib/acme/chir.rs/cert.pem";
sslCertificateKey = "/var/lib/acme/chir.rs/key.pem";
locations."/" = {
proxyPass = "http://${config.services.gitea.httpAddress}:${toString config.services.gitea.httpPort}/";
proxyWebsockets = true;
};
};
2022-06-12 15:39:15 +00:00
services.postgresql.ensureDatabases = ["gitea"];
services.postgresql.ensureUsers = [
{
name = "gitea";
ensurePermissions = {"DATABASE gitea" = "ALL PRIVILEGES";};
}
];
2022-01-17 09:49:37 +00:00
2022-01-17 12:50:25 +00:00
services.redis.servers.gitea = {
2022-01-17 12:48:48 +00:00
enable = true;
bind = "127.0.0.1";
databases = 3;
2022-01-23 09:55:17 +00:00
port = 6379;
2022-01-17 12:48:48 +00:00
};
2022-06-12 15:39:15 +00:00
sops.secrets."services/gitea" = {owner = "gitea";};
2022-01-17 09:49:37 +00:00
}