fix openid config for gitea
This commit is contained in:
parent
251e32c76e
commit
d336ea124e
15
pp-gitea.nix
15
pp-gitea.nix
|
@ -44,9 +44,12 @@ in
|
|||
services.gitea.enable = true;
|
||||
services.gitea.rootUrl = "https://${cfg.domain}/";
|
||||
services.gitea.settings.session.COOKIE_SECURE = lib.mkForce true; # Why do I need to override this???
|
||||
|
||||
# If true, openid users cannot create new account
|
||||
#services.gitea.settings.service.DISABLE_REGISTRATION = lib.mkForce (!cfg.openIdEnable);
|
||||
#services.gitea.settings.service.ALLOW_ONLY_EXTERNAL_REGISTRATION = cfg.openIdEnable;
|
||||
#services.gitea.settings."openid".ENABLE_OPENID_SIGNUP = cfg.openIdEnable;
|
||||
services.gitea.settings.service.DISABLE_REGISTRATION = lib.mkForce false;
|
||||
services.gitea.settings.service.ALLOW_ONLY_EXTERNAL_REGISTRATION = cfg.openIdEnable;
|
||||
|
||||
services.gitea.lfs.enable = true;
|
||||
services.gitea.domain = cfg.domain;
|
||||
# services.gitea.database.type = "postgres"; # Default is sqlite3, probably better for a small instance
|
||||
|
@ -83,7 +86,7 @@ in
|
|||
security.acme.defaults.email = cfgBase.adminEmail;
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts = lib.mkMerge {
|
||||
virtualHosts = {
|
||||
"${cfg.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
|
@ -99,9 +102,9 @@ in
|
|||
proxy_pass_request_headers on;
|
||||
'';
|
||||
};
|
||||
# locations."/user/login" = lib.mkIf (cfg.openIdEnable) {
|
||||
# globalRedirect = "$host/${cfg.openIdClientName}";
|
||||
# };
|
||||
locations."/user/login" = lib.mkIf (cfg.openIdEnable) {
|
||||
return = "301 https://$host/user/oauth2/${cfg.openIdClientName}";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue