Swtich to forgejo #209

Merged
DarkKirb merged 2 commits from use-forgejo into main 2023-03-25 19:57:13 +00:00
4 changed files with 8 additions and 93 deletions

View file

@ -5,9 +5,9 @@
}: {
imports = [
../../modules/gitea.nix
(import ../../modules/gateway-st.nix {name = "gitea";})
];
services.gitea = {
package = pkgs.forgejo;
enable = true;
appName = "Lotte's Git";
cookieSecure = true;
@ -25,11 +25,11 @@
settings = rec {
storage = {
STORAGE_TYPE = "minio";
MINIO_ENDPOINT = "localhost:7777";
MINIO_ACCESS_KEY_ID = "gitea";
MINIO_ENDPOINT = "s3.us-west-000.backblazeb2.com";
MINIO_ACCESS_KEY_ID = "000decd694f9e7d0000000020";
MINIO_SECRET_ACCESS_KEY = "#storageSecret#";
MINIO_BUCKET = "gitea";
MINIO_USE_SSL = "false";
MINIO_BUCKET = "git-chir-rs";
MINIO_USE_SSL = "true";
};
openid = {
ENABLE_OPENID_SIGNIN = true;

View file

@ -1,62 +0,0 @@
{
name,
port ? 7777,
}: {
config,
lib,
options,
pkgs,
...
}:
with lib; let
gateway = pkgs.callPackage ../packages/gateway-st.nix {};
in {
systemd.services."storj-gateway@${name}" = {
description = "storj gateway ${name}";
after = ["network.target"];
wantedBy = ["multi-user.target"];
preStart = ''
cd $HOME
mkdir -p ${name}
echo -n "access: " > ${name}/config.yaml
cat /run/secrets/services/storj/${name}/accessGrant >> ${name}/config.yaml
echo "" >> ${name}/config.yaml
echo -n "minio.access-key: " >> ${name}/config.yaml
cat /run/secrets/services/storj/${name}/accessKey >> ${name}/config.yaml
echo "" >> ${name}/config.yaml
echo -n "minio.secret-key: " >> ${name}/config.yaml
cat /run/secrets/services/storj/${name}/secretKey >> ${name}/config.yaml
echo "" >> ${name}/config.yaml
'';
serviceConfig = {
Type = "simple";
User = "storj";
Group = "storj";
WorkingDirectory = "/var/lib/storj";
ExecStart = "${gateway}/bin/gateway run --config-dir /var/lib/storj/${name} --server.address 127.0.0.1:${builtins.toString port}";
Restart = "always";
RuntimeDirectory = "storj";
RuntimeDirectoryMode = "0700";
Umask = "0077";
ReadWritePaths = ["/var/lib/storj"]; # Grant access to the state directory
};
environment = {
USER = "storj";
HOME = "/var/lib/storj";
};
};
users.users.storj = {
description = "storj user";
home = "/var/lib/storj";
useDefaultShell = true;
group = "storj";
isSystemUser = true;
};
users.groups.storj = {};
systemd.tmpfiles.rules = [
"d '/var/lib/storj' 0700 storj storj - -"
];
sops.secrets."services/storj/${name}/accessGrant".owner = "storj";
sops.secrets."services/storj/${name}/accessKey".owner = "storj";
sops.secrets."services/storj/${name}/secretKey".owner = "storj";
}

View file

@ -1,18 +0,0 @@
{
lib,
buildGoModule,
fetchFromGitHub,
}:
buildGoModule rec {
pname = "gateway-st";
version = "1.6.1";
src = fetchFromGitHub {
owner = "storj";
repo = pname;
rev = "v${version}";
sha256 = "0v5gh03xaqld4l017fgzp46zi0r31az6cvk7war1brl2ir33nw47";
};
subPackages = ["."];
vendorSha256 = "sha256-4cqNhQK/I3oRXYuF08bTU31SFkS8Mj6MPA7W6MIaxh8=";
doCheck = false;
}

View file

@ -29,12 +29,7 @@ services:
password: ENC[AES256_GCM,data:oBeyAHCCYeg/QsyxtB0tUmvzd5kfglY7wp56kdav5SYbwTxLdOCXegJouqPIR7Sm6viz2INDXsHlZW20Hkkkhw==,iv:8UmczITg+HY0inR+4FUh9RG4vJO/MspY+hBXRY3UNm8=,tag:4N7nZSKsEblVluTA/19OHA==,type:str]
hydra:
gitea_token: ENC[AES256_GCM,data:NkEXwLbofK2QnWrUuxY5QvUkYPWzY7Brsgl9FvV5Me0J5mWuHUc0Dg==,iv:UhA4JUKV/+D5lOTAx3fC+rsr61lYQJRioSyKQ3s1e0Y=,tag:E/HB2S90o7dLmeWBLsOP9w==,type:str]
gitea: ENC[AES256_GCM,data:q6VUUg/4iGXhVndIagVxROt7jA==,iv:YrkmtANgN21U/NII+oxrNtA9lr+ns5rTGRQBk3BYAbM=,tag:EzS3IHt+MB7flL+3ip2A9g==,type:str]
storj:
gitea:
accessGrant: ENC[AES256_GCM,data:iA3kg6wxgoR6Q8mtHq8Up9RH5at+Md+h0jdKvWnB+RwX9aJut+kfguQb8BFmKVN5+WL9BfCGzj+p3dgeFe9OvUcgAsVwlgEKU0nNIDOo80AIf9d6MWwt0aaLYdqX+4VB0O2XWABY24qFna1vPobfx6gWezbnnVcgoXUUaH0xNHblQn4N3RB/bzu8GtwkCJ9g6pIWkaeb3Zl0v84Kt3W3kY6A7sIsh/uIJpMKYgn1+Xz3GokQqecz5H4qFBBNwPIqLek+S6vLzjzIvLcKrylG8s1sCZ7G38XciysKt5vFi7VvDDQ612WH/Im7q1GCmyqTDjn4hND8d6/4uurtxhdlgA/pyQ3yc10murMiCnMcxCtwo2sWtsxPNOGySR2xeutqiag7lqT/K2g=,iv:eonpaegpJfgNLBh5+//fw/A7oYgIBcZHhPEtmU0w3ic=,tag:BhAQzJPAN7J9C831dBMGNw==,type:str]
accessKey: ENC[AES256_GCM,data:GqA0EaM=,iv:IgnM9QqHovjnmtpIn2Qoli8AR91K9YPRN9DlmZKZ9bU=,tag:538oAZat3xdYyYNzD40kow==,type:str]
secretKey: ENC[AES256_GCM,data:DnbbiP6AtpSBfAV8tsmAVeYEhw==,iv:mK/636oPZLEMoNZP1gWZJ/ADjkH8RLN93ear2ACLk8o=,tag:c5mSYyKb0vriTyHrEQC8ZQ==,type:str]
gitea: ENC[AES256_GCM,data:4lwnfAuAn8qa+3oNKaFkOX8rQINvYW2/p+5Cd1c3FQ==,iv:KeW/72JZ9Ar5KIzH87S5LBd6RjHGK6O3SwVibCJ1mn8=,tag:Fapbl3LmJ+H5TjZTapFIQQ==,type:str]
old-homepage: ENC[AES256_GCM,data:MYpqkUkk6y+OhaZu2VsmWocGIsTqxZN1fCk6viNYJSAdGTikK+XtBMj8KrWSwA/8wfcWth20goLvOwQuCJiSxdl86sdsUbc18/NqK52B6LS6h+Pw3GNsyAQUu+oaxfL7FtHRvViiSS8LVulKeSjL7osUPlrJVqEZfqOX4bNkPxiamOvZko1uHC+iWGY68BnAHQoEbdVNhNEUQqm2A8/vidNU4Z9VrmPXmr8nr/c+Ut+aF0iPZJGqSoxWS8+zFU6ubv/W2rA18wi8hOYPpV0=,iv:U245wbKo9e4AAGS6khhEV9lDB6y0ukAUtLMnihHC9T0=,tag:xqvUnSHuI7XeRkk4NtZZyQ==,type:str]
postfixadmin:
dbpassword: ENC[AES256_GCM,data:/gpfZxD2zcEUBr2VTgtkvSBSDw==,iv:HZ5Yra+T4Z0nviBwfCnVmjPorFcoGp2Z2SSrG6BzIvo=,tag:fbNw1AQ2zJWJocumT/Zjbg==,type:str]
@ -92,8 +87,8 @@ sops:
UDRmejBFNTVxeTF6aVFta09OS25uNXcKizOsV9EUukinCAwvpZVrk9x0aXTKQckd
gGfdCEU0HZXhZg+ikDFzy52+vPo8+gInjscXiXr/gGn6dJoctLqQXA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-02-18T08:54:32Z"
mac: ENC[AES256_GCM,data:gnKHNpR4mdkHvixhyb6djjlpapvsX0+9Lt2xn1W65kbz0UCioql0C3yqEjdzVkIFIENjmHE/Ua+jjTpCeDor5KMEF/mksBdNQDr6S6npdw6M2N5YBBLCqlqyr8fKKmNDwIyC8SrlYyMbOpHSiKXsLLI/OI27JHbm4MlbQCB5w5o=,iv:cTEFLTfJw3ugo0FWnFGLGoVnihXT4lMaFAiRXK1PdYo=,tag:ttPp62hcyAj0fq80GvN/rA==,type:str]
lastmodified: "2023-03-25T19:34:07Z"
mac: ENC[AES256_GCM,data:LygAZldFTh49Oj/uZ85cuyis/ctE4octX1dNYAdEdQjfFzRBAN9K5HdWby1NVigBaTiqkmTXNv6ohCpEhkDp6C9dAfZenqDu/s2iR6aGdwQT0uscfI9p6u19yNCVZDo6vpGRO5a7oQuyeasG30HlEHko8AEXIioqPcY3FrjV0W4=,iv:9TAIeHizW1TFGdNXbvbQ8eRJ+uHcsC8CLTsvtpyHOtk=,tag:901jQ7YEp1bLUhaA0zaO3g==,type:str]
pgp:
- created_at: "2023-02-18T08:54:32Z"
enc: |