2022-06-12 15:39:15 +00:00
|
|
|
{config, ...}: {
|
2022-02-18 13:17:35 +00:00
|
|
|
imports = [
|
|
|
|
../../modules/gitea.nix
|
2022-06-12 15:39:15 +00:00
|
|
|
(import ../../modules/gateway-st.nix {name = "gitea";})
|
2022-02-18 13:17:35 +00:00
|
|
|
];
|
2022-01-17 09:49:37 +00:00
|
|
|
services.gitea = {
|
|
|
|
enable = true;
|
|
|
|
appName = "Lotte's Git";
|
2022-01-17 09:53:15 +00:00
|
|
|
cookieSecure = true;
|
2022-01-17 09:49:37 +00:00
|
|
|
database = {
|
|
|
|
host = "localhost";
|
|
|
|
name = "gitea";
|
|
|
|
user = "gitea";
|
2022-01-17 10:36:05 +00:00
|
|
|
type = "postgres";
|
2022-01-17 09:49:37 +00:00
|
|
|
};
|
|
|
|
domain = "git.chir.rs";
|
|
|
|
httpAddress = "127.0.0.1";
|
|
|
|
lfs.enable = true;
|
|
|
|
rootUrl = "https://git.chir.rs/";
|
2022-01-30 13:09:25 +00:00
|
|
|
storageSecretFile = "/run/secrets/services/gitea";
|
2022-01-17 10:37:34 +00:00
|
|
|
settings = rec {
|
2022-01-17 09:49:37 +00:00
|
|
|
storage = {
|
|
|
|
STORAGE_TYPE = "minio";
|
2022-03-02 17:34:06 +00:00
|
|
|
MINIO_ENDPOINT = "localhost:7777";
|
2022-01-17 10:27:07 +00:00
|
|
|
MINIO_ACCESS_KEY_ID = "gitea";
|
2022-01-30 12:50:23 +00:00
|
|
|
MINIO_SECRET_ACCESS_KEY = "#storageSecret#";
|
2022-01-17 09:49:37 +00:00
|
|
|
MINIO_BUCKET = "gitea";
|
2022-03-02 17:34:06 +00:00
|
|
|
MINIO_USE_SSL = "false";
|
2022-01-17 09:49:37 +00:00
|
|
|
};
|
2022-01-17 12:48:48 +00:00
|
|
|
openid = {
|
|
|
|
ENABLE_OPENID_SIGNIN = true;
|
|
|
|
ENABLE_OPENID_SIGNUP = true;
|
|
|
|
};
|
|
|
|
cache = {
|
2022-01-17 12:50:25 +00:00
|
|
|
ENABLED = config.services.redis.servers.gitea.enable;
|
2022-01-17 12:48:48 +00:00
|
|
|
ADAPTER = "redis";
|
2022-01-17 12:51:14 +00:00
|
|
|
HOST = "redis://${config.services.redis.servers.gitea.bind}:${toString config.services.redis.servers.gitea.port}/0";
|
2022-01-17 12:48:48 +00:00
|
|
|
};
|
2022-01-17 13:31:32 +00:00
|
|
|
session = {
|
|
|
|
PROVIDER = "redis";
|
|
|
|
PROVIDER_CONFIG = "redis://${config.services.redis.servers.gitea.bind}:${toString config.services.redis.servers.gitea.port}/1";
|
|
|
|
};
|
|
|
|
metrics = {
|
|
|
|
ENABLED = true;
|
|
|
|
ENABLED_ISSUE_BY_LABEL = true;
|
|
|
|
ENABLED_ISSUE_BY_REPOSITORY = true;
|
|
|
|
};
|
|
|
|
queue = {
|
|
|
|
TYPE = "redis";
|
|
|
|
CONN_STRING = "redis://${config.services.redis.servers.gitea.bind}:${toString config.services.redis.servers.gitea.port}/2";
|
|
|
|
};
|
2022-06-26 06:59:19 +00:00
|
|
|
packages.ENABLED = true;
|
2022-07-02 18:34:25 +00:00
|
|
|
federation.ENABLED = true;
|
2022-07-04 09:17:48 +00:00
|
|
|
repository.signing = {
|
|
|
|
SIGNING_KEY = "823566455E49DDC6AE5813048CA13817A54AAB38";
|
|
|
|
SIGNING_NAME = "Gitea";
|
|
|
|
SIGNING_EMAIL = "gitea@chir.rs";
|
|
|
|
INITIAL_COMMIT = "always";
|
|
|
|
WIKI = "always";
|
|
|
|
CRUD_ACTIONS = "always";
|
|
|
|
MERGES = "always";
|
|
|
|
};
|
2022-01-17 09:49:37 +00:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2022-01-17 09:53:15 +00:00
|
|
|
services.nginx.virtualHosts."git.chir.rs" = {
|
|
|
|
sslCertificate = "/var/lib/acme/chir.rs/cert.pem";
|
|
|
|
sslCertificateKey = "/var/lib/acme/chir.rs/key.pem";
|
|
|
|
locations."/" = {
|
|
|
|
proxyPass = "http://${config.services.gitea.httpAddress}:${toString config.services.gitea.httpPort}/";
|
|
|
|
proxyWebsockets = true;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2022-06-12 15:39:15 +00:00
|
|
|
services.postgresql.ensureDatabases = ["gitea"];
|
|
|
|
services.postgresql.ensureUsers = [
|
|
|
|
{
|
|
|
|
name = "gitea";
|
|
|
|
ensurePermissions = {"DATABASE gitea" = "ALL PRIVILEGES";};
|
|
|
|
}
|
|
|
|
];
|
2022-01-17 09:49:37 +00:00
|
|
|
|
2022-01-17 12:50:25 +00:00
|
|
|
services.redis.servers.gitea = {
|
2022-01-17 12:48:48 +00:00
|
|
|
enable = true;
|
|
|
|
bind = "127.0.0.1";
|
2022-01-17 13:31:32 +00:00
|
|
|
databases = 3;
|
2022-01-23 09:55:17 +00:00
|
|
|
port = 6379;
|
2022-01-17 12:48:48 +00:00
|
|
|
};
|
2022-06-12 15:39:15 +00:00
|
|
|
sops.secrets."services/gitea" = {owner = "gitea";};
|
2022-01-17 09:49:37 +00:00
|
|
|
}
|