fix openid config for gitea

This commit is contained in:
Histausse 2023-04-26 22:08:43 +02:00
parent 251e32c76e
commit d336ea124e

View file

@ -44,9 +44,12 @@ in
services.gitea.enable = true; services.gitea.enable = true;
services.gitea.rootUrl = "https://${cfg.domain}/"; services.gitea.rootUrl = "https://${cfg.domain}/";
services.gitea.settings.session.COOKIE_SECURE = lib.mkForce true; # Why do I need to override this??? services.gitea.settings.session.COOKIE_SECURE = lib.mkForce true; # Why do I need to override this???
# If true, openid users cannot create new account
#services.gitea.settings.service.DISABLE_REGISTRATION = lib.mkForce (!cfg.openIdEnable); #services.gitea.settings.service.DISABLE_REGISTRATION = lib.mkForce (!cfg.openIdEnable);
#services.gitea.settings.service.ALLOW_ONLY_EXTERNAL_REGISTRATION = cfg.openIdEnable; services.gitea.settings.service.DISABLE_REGISTRATION = lib.mkForce false;
#services.gitea.settings."openid".ENABLE_OPENID_SIGNUP = cfg.openIdEnable; services.gitea.settings.service.ALLOW_ONLY_EXTERNAL_REGISTRATION = cfg.openIdEnable;
services.gitea.lfs.enable = true; services.gitea.lfs.enable = true;
services.gitea.domain = cfg.domain; services.gitea.domain = cfg.domain;
# services.gitea.database.type = "postgres"; # Default is sqlite3, probably better for a small instance # services.gitea.database.type = "postgres"; # Default is sqlite3, probably better for a small instance
@ -83,7 +86,7 @@ in
security.acme.defaults.email = cfgBase.adminEmail; security.acme.defaults.email = cfgBase.adminEmail;
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts = lib.mkMerge { virtualHosts = {
"${cfg.domain}" = { "${cfg.domain}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
@ -99,9 +102,9 @@ in
proxy_pass_request_headers on; proxy_pass_request_headers on;
''; '';
}; };
# locations."/user/login" = lib.mkIf (cfg.openIdEnable) { locations."/user/login" = lib.mkIf (cfg.openIdEnable) {
# globalRedirect = "$host/${cfg.openIdClientName}"; return = "301 https://$host/user/oauth2/${cfg.openIdClientName}";
# }; };
}; };
}; };
}; };