update gitea config
parent
bdca8e626c
commit
a36838a657
5
base.nix
5
base.nix
|
@ -18,7 +18,7 @@ in {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
example = "example@example.com";
|
example = "example@example.com";
|
||||||
description = "Email of the admin, use for ACME and stuff";
|
description = "Email of the admin, use for ACME and stuff";
|
||||||
}
|
};
|
||||||
};
|
};
|
||||||
config = {
|
config = {
|
||||||
swapDevices = [
|
swapDevices = [
|
||||||
|
@ -32,6 +32,9 @@ in {
|
||||||
boot.kernelParams = [ "console=tty0" "console=ttyS0,115200"];
|
boot.kernelParams = [ "console=tty0" "console=ttyS0,115200"];
|
||||||
services.qemuGuest.enable = true;
|
services.qemuGuest.enable = true;
|
||||||
|
|
||||||
|
system.autoUpgrade.enable = true;
|
||||||
|
system.autoUpgrade.allowReboot = true;
|
||||||
|
|
||||||
networking.hostName = "${cfg.name}";
|
networking.hostName = "${cfg.name}";
|
||||||
|
|
||||||
time.timeZone = "Europe/Paris";
|
time.timeZone = "Europe/Paris";
|
||||||
|
|
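Review bot: `system.autoUpgrade.allowReboot = true` is added without a reboot window, so an upgrade that changes the kernel can reboot the host, and take the services on it down, whenever the upgrade timer fires. Consider bounding it with `system.autoUpgrade.rebootWindow = { lower = "02:00"; upper = "05:00"; };` (times are illustrative) and setting `system.autoUpgrade.dates` explicitly. The channel or flake that the upgrade follows is not visible in this section; since unattended upgrades apply whatever that source publishes, it is worth confirming it points at a stable release channel.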
43
pp-gitea.nix
43
pp-gitea.nix
|
@ -25,6 +25,11 @@ in
|
||||||
};
|
};
|
||||||
description= "The package for custom configs like theme.";
|
description= "The package for custom configs like theme.";
|
||||||
};
|
};
|
||||||
|
dbPasswordFile = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "/etc/gitea_db_pwd";
|
||||||
|
description = "The file containing the database password. Be sure to secure it.";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
|
@ -38,8 +43,15 @@ in
|
||||||
services.gitea.lfs.enable = true;
|
services.gitea.lfs.enable = true;
|
||||||
services.gitea.domain = cfg.domain;
|
services.gitea.domain = cfg.domain;
|
||||||
# services.gitea.database.type = "postgres"; # Default is sqlite3, probably better for a small instance
|
# services.gitea.database.type = "postgres"; # Default is sqlite3, probably better for a small instance
|
||||||
services.gitea.database.passwordFile = "/var/lib/gitea/gitea-dbpassword";
|
services.gitea.database.passwordFile = cfg.dbPasswordFile;
|
||||||
networking.firewall.allowedTCPPorts = [ 3000 ];
|
# Set the permittions for the db file
|
||||||
|
system.activationScripts = {
|
||||||
|
giteaDbFilePermission.text =
|
||||||
|
''
|
||||||
|
chmod 400 ${cfg.dbPasswordFile}
|
||||||
|
chown ${config.services.gitea.user} ${cfg.dbPasswordFile}
|
||||||
|
'';
|
||||||
|
};
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
gitea
|
gitea
|
||||||
];
|
];
|
||||||
|
@ -57,5 +69,32 @@ in
|
||||||
DESCRIPTION = "Code everywhere";
|
DESCRIPTION = "Code everywhere";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
# NGINX
|
||||||
|
security.acme.acceptTerms = true;
|
||||||
|
security.acme.defaults.email = cfgBase.admin_email;
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts = {
|
||||||
|
"${cfg.domain}" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:3000";
|
||||||
|
extraConfig = ''
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header X-Forwarded-Server $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_pass_request_headers on;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
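Review bot: The `giteaDbFilePermission` activation script interpolates `${cfg.dbPasswordFile}` into shell unquoted and runs `chmod`/`chown` without checking that the file exists, so a path with spaces or shell metacharacters is word-split or interpreted in a script that runs as root, and a missing file makes the snippet fail on every activation. Quote and guard the path, e.g. `f=${lib.escapeShellArg cfg.dbPasswordFile}` followed by `[ -f "$f" ] && chown ${config.services.gitea.user} "$f" && chmod 400 "$f"` (this assumes `lib` is in scope, which is not visible in these hunks). The file also keeps whatever mode it was created with until the next activation, so the option description should say to create it with a restrictive umask. Separately, port 3000 is dropped from the firewall in favour of the nginx proxy, but nothing visible here binds Gitea itself to 127.0.0.1; confirm the listen address so the firewall is not the only barrier.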