nix-server/modules/gitea.nix

{ config, ... }:
{
  #imports = let
  #  # replace this with an actual commit id or tag
  #  commit = "298b235f664f925b433614dc33380f0662adfc3f";
  #in [ 
  #  "${builtins.fetchTarball {
  #    url = "https://github.com/Mic92/sops-nix/archive/${commit}.tar.gz";
  #    # replace this with an actual hash
  #    sha256 = "004949033dprls9qg849yks2rbjdlf5hr2v8pk890gyxaffj2m1c";
  #  }}/modules/sops"
  #];


  #sops.age.keyFile = "/secrets/age/keys.txt";

  services.nginx.clientMaxBodySize = "512m";
  services.nginx.virtualHosts."git.vitrial.xyz" = {
    enableACME = true;
    forceSSL = true;
    locations."/" = {
      proxyPass = "http://localhost:3000/";
    };
  };

  #sops.secrets."postgres/gitea_dbpass" = {
  #  sopsFile = ../.secrets/postgres.yaml; # bring your own password file
  #  owner = config.services.gitea.user;
  #};

  #services.gitea = {
  #  enable = true;
  #  appName = "My awesome Gitea server"; # Give the site a name
  #  database = {
  #    type = "postgres";
  #    passwordFile = config.sops.secrets."postgres/gitea_dbpass".path;
  #  };
  #  domain = "gitea.vitrial.xyz";
  #  rootUrl = "http://gitea.vitrial.xyz/";
  #  httpPort = 3001;
  #};
  #services.postgresql = {
  #  ensureDatabases = [ config.services.gitea.user ];
  #  ensureUsers = [
  #    {
  #      name = config.services.gitea.database.user;
  #      ensurePermissions."DATABASE ${config.services.gitea.database.name}" = "ALL PRIVILEGES";
  #    }
  #  ];
  #};
  services.gitea = {
    enable = true;
    lfs.enable = true;
    stateDir = "/mnt/gitea";
    useWizard = false; # broken
    group = "data";
    settings = {
      server = {
        HTTP_PORT = 3000;
        ROOT_URL = "http://git.vitrial.xyz:3000/";
        DOMAIN = "git.vitrial.xyz";
        SSH_DOMAIN = "git.vitrial.xyz";
      };
      service = {
        DISABLE_REGISTRATION = true;
      };
      actions = {
        ENABLED = true;
        MAX_SIZE = 65536;
      };
    };
  };
}
initial commit 2024-10-09 19:01:34 +00:00			`{ config, ... }:`
			`{`
			`#imports = let`
			`# # replace this with an actual commit id or tag`
			`# commit = "298b235f664f925b433614dc33380f0662adfc3f";`
			`#in [`
			`# "${builtins.fetchTarball {`
			`# url = "https://github.com/Mic92/sops-nix/archive/${commit}.tar.gz";`
			`# # replace this with an actual hash`
			`# sha256 = "004949033dprls9qg849yks2rbjdlf5hr2v8pk890gyxaffj2m1c";`
			`# }}/modules/sops"`
			`#];`


			`#sops.age.keyFile = "/secrets/age/keys.txt";`

			`services.nginx.clientMaxBodySize = "512m";`
			`services.nginx.virtualHosts."git.vitrial.xyz" = {`
			`enableACME = true;`
			`forceSSL = true;`
			`locations."/" = {`
			`proxyPass = "http://localhost:3000/";`
			`};`
			`};`

			`#sops.secrets."postgres/gitea_dbpass" = {`
			`# sopsFile = ../.secrets/postgres.yaml; # bring your own password file`
			`# owner = config.services.gitea.user;`
			`#};`

			`#services.gitea = {`
			`# enable = true;`
			`# appName = "My awesome Gitea server"; # Give the site a name`
			`# database = {`
			`# type = "postgres";`
			`# passwordFile = config.sops.secrets."postgres/gitea_dbpass".path;`
			`# };`
			`# domain = "gitea.vitrial.xyz";`
			`# rootUrl = "http://gitea.vitrial.xyz/";`
			`# httpPort = 3001;`
			`#};`
			`#services.postgresql = {`
			`# ensureDatabases = [ config.services.gitea.user ];`
			`# ensureUsers = [`
			`# {`
			`# name = config.services.gitea.database.user;`
			`# ensurePermissions."DATABASE ${config.services.gitea.database.name}" = "ALL PRIVILEGES";`
			`# }`
			`# ];`
			`#};`
			`services.gitea = {`
			`enable = true;`
			`lfs.enable = true;`
			`stateDir = "/mnt/gitea";`
			`useWizard = false; # broken`
			`group = "data";`
			`settings = {`
			`server = {`
			`HTTP_PORT = 3000;`
			`ROOT_URL = "http://git.vitrial.xyz:3000/";`
			`DOMAIN = "git.vitrial.xyz";`
			`SSH_DOMAIN = "git.vitrial.xyz";`
			`};`
			`service = {`
			`DISABLE_REGISTRATION = true;`
			`};`
			`actions = {`
			`ENABLED = true;`
			`MAX_SIZE = 65536;`
			`};`
			`};`
			`};`
			`}`