add gitea

2025-07-17 23:46:40 +02:00
parent 79304f83c6
commit 93fe2bbf5a
4 changed files with 78 additions and 0 deletions


@@ -20,6 +20,7 @@
./devShells/flake-module.nix ./devShells/flake-module.nix
./machines/flake-module.nix ./machines/flake-module.nix
./modules/flake-module.nix
]; ];
systems = [ systems = [


@@ -13,6 +13,7 @@
../../modules/remote-builder.nix ../../modules/remote-builder.nix
../../modules/borgbackup.nix ../../modules/borgbackup.nix
./topology.nix ./topology.nix
self.nixosModules.gitea
]; ];
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";

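--- a/modules/flake-module.nix
+++ b/modules/flake-module.nix
@@ -0,0 +1,7 @@
+{
+flake.nixosModules = {
+gitea.imports = [
+./gitea.nix
+];
+};
+}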

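--- a/modules/gitea.nix
+++ b/modules/gitea.nix
@@ -0,0 +1,69 @@
+{ config, ... }:
+{
+services.gitea = {
+enable = true;
+lfs.enable = true;
+settings = {
+# storage = {
+# };
+server = {
+ROOT_URL = "https://git.turifer.dev";
+DOMAIN = "git.turifer.dev";
+};
+session.PROVIDER = "db";
+session.COOKIE_SECURE = true;
+service.DISABLE_REGISTRATION = true;
+# Create a repository by pushing to it
+repository.ENABLE_PUSH_CREATE_USER = true;
+};
+};
+systemd.services.gitea.serviceConfig = {
+EnvironmentFile = config.clan.core.vars.generators.gitea-s3-storage.files.gitea-env.path;
+};
+systemd.services.gitea.environment = {
+GITEA__storage__STORAGE_TYPE = "minio";
+GITEA__storage__MINIO_ENDPOINT = "localhost:3900";
+GITEA__storage__MINIO_BUCKET = "gitea";
+GITEA__storage__MINIO_LOCATION = "garage";
+GITEA__storage__MINIO_USE_SSL = "false";
+};
+clan.core.vars.generators.gitea-s3-storage = {
+prompts.access-key-id = {
+description = "s3 access key id";
+type = "line";
+};
+prompts.access-key-secret = {
+description = "s3 access key secret";
+type = "hidden";
+};
+files.gitea-env = {
+secret = true;
+};
+script = ''
+printf %s "GITEA__storage__MINIO_ACCESS_KEY_ID=" >> $out/gitea-env
+cat $prompts/access-key-id >> $out/gitea-env
+printf "\n%s" "GITEA__storage__MINIO_SECRET_ACCESS_KEY=" >> $out/gitea-env
+cat $prompts/access-key-secret >> $out/gitea-env
+'';
+};
+services.nginx.virtualHosts."git.turifer.dev" = {
+enableACME = true;
+forceSSL = true;
+locations."/" = {
+proxyPass = "http://localhost:${builtins.toString (config.services.gitea.settings.server.HTTP_PORT)}";
+};
+};
+security.acme.certs."git.turifer.dev" = {
+email = "admin@turifer.dev";
+};
+}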
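Review bot: The `server` block in modules/gitea.nix sets only ROOT_URL and DOMAIN, so Gitea's listen address stays at its default while the nginx vhost at the end of the file is meant to be the only TLS-terminated entry point. As far as I know the NixOS module defaults that address to 0.0.0.0, which leaves the plain-HTTP port reachable directly wherever the host firewall permits it. I would add `HTTP_ADDR = "127.0.0.1";` to the `server` block so that all traffic has to pass through the proxy. Separately, the generator script writes the prompt values unquoted into the file that systemd reads as `EnvironmentFile`, so a key containing quotes or a backslash may not reach Gitea unchanged. A comment stating which characters the key may contain, or quoting the value when it is written, would make that explicit.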