update gitea config

Histausse 2023-04-19 23:24:14 +02:00
parent bdca8e626c
commit 8024b96c3c
2 changed files with 34 additions and 3 deletions


@ -18,7 +18,7 @@ in {
type = types.str;
example = "example@example.com";
description = "Email of the admin, use for ACME and stuff";
}
};
};
config = {
swapDevices = [


@ -25,6 +25,11 @@ in
};
description= "The package for custom configs like theme.";
};
dbPasswordFile = mkOption {
type = types.str;
default = "/etc/gitea_db_pwd";
description = "The file containing the database password. Be sure to secure it.";
};
};
config = {
@ -38,8 +43,7 @@ in
services.gitea.lfs.enable = true;
services.gitea.domain = cfg.domain;
# services.gitea.database.type = "postgres"; # Default is sqlite3, probably better for a small instance
services.gitea.database.passwordFile = "/var/lib/gitea/gitea-dbpassword";
networking.firewall.allowedTCPPorts = [ 3000 ];
services.gitea.database.passwordFile = cfg.dbPasswordFile;
environment.systemPackages = with pkgs; [
gitea
];
@ -57,5 +61,32 @@ in
DESCRIPTION = "Code everywhere";
};
};
# NGINX
security.acme.acceptTerms = true;
security.acme.defaults.email = cfgBase.admin_email;
services.nginx = {
enable = true;
virtualHosts = {
"${cfg.domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:3000";
extraConfig = ''
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_pass_request_headers on;
'';
};
};
};
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
};
}
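Review bot: With nginx now terminating TLS and proxying to `http://127.0.0.1:3000`, nothing in the visible lines makes Gitea itself listen only on loopback, so the plain-HTTP port is kept off the network by the firewall rule alone. The `config` block starts outside these hunks, so if the listen address is not already set there, add `services.gitea.httpAddress = "127.0.0.1";` (`services.gitea.settings.server.HTTP_ADDR` on releases where the option was moved) next to `services.gitea.domain`. Separately, the `dbPasswordFile` description could state the expectation rather than "Be sure to secure it", for example `description = "Path to a file holding the database password; keep it outside the Nix store and readable only by the Gitea service user.";`.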