66 lines
1.4 KiB
Nix
66 lines
1.4 KiB
Nix
{ config, ... }:
|
|
{
|
|
services.forgejo = {
|
|
enable = true;
|
|
lfs.enable = true;
|
|
user = "git";
|
|
group = "git";
|
|
database = {
|
|
type = "postgres";
|
|
user = "git";
|
|
name = "git";
|
|
};
|
|
dump.enable = false;
|
|
settings = {
|
|
DEFAULT = {
|
|
APP_NAME = "rebmit's forge";
|
|
};
|
|
server = {
|
|
DOMAIN = "git.rebmit.moe";
|
|
HTTP_ADDR = "127.0.0.1";
|
|
HTTP_PORT = config.networking.ports.forgejo;
|
|
ROOT_URL = "https://git.rebmit.moe";
|
|
SSH_PORT = config.networking.ports.ssh;
|
|
};
|
|
service = {
|
|
DISABLE_REGISTRATION = true;
|
|
};
|
|
session = {
|
|
COOKIE_SECURE = true;
|
|
};
|
|
oauth2_client = {
|
|
ENABLE_AUTO_REGISTRATION = true;
|
|
USERNAME = "userid";
|
|
};
|
|
};
|
|
};
|
|
|
|
users.users.git = {
|
|
home = config.services.forgejo.stateDir;
|
|
useDefaultShell = true;
|
|
group = "git";
|
|
isSystemUser = true;
|
|
};
|
|
|
|
users.groups.git = { };
|
|
|
|
services.caddy.virtualHosts."git.rebmit.moe" = {
|
|
extraConfig = with config.services.forgejo.settings.server; ''
|
|
reverse_proxy ${HTTP_ADDR}:${toString HTTP_PORT}
|
|
'';
|
|
};
|
|
|
|
preservation.preserveAt."/persist".directories = [
|
|
{
|
|
directory = config.services.forgejo.stateDir;
|
|
mode = "-";
|
|
user = "-";
|
|
group = "-";
|
|
}
|
|
];
|
|
|
|
services.restic.backups.b2.paths = [
|
|
"/persist${config.services.forgejo.stateDir}"
|
|
];
|
|
}
|