rpqt/flocon
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add forgejo

Browse Source
This commit is contained in:
Romain Paquet
2026-01-27 14:36:11 +01:00
parent d0c9fdb625
commit fc81d4ffc9
4 changed files with 95 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
infra/web.nix
View File

@@ -51,6 +51,20 @@
records = [ { value = infra.machines.verbena.ipv6; } ]; records = [ { value = infra.machines.verbena.ipv6; } ];
}; };
git_rpqt_fr_a = {
zone = config.resource.hcloud_zone.rpqt_fr "name";
name = "git";
type = "A";
records = [ { value = infra.machines.verbena.ipv4; } ];
};
git_rpqt_fr_aaaa = {
zone = config.resource.hcloud_zone.rpqt_fr "name";
name = "git";
type = "AAAA";
records = [ { value = infra.machines.verbena.ipv6; } ];
};
buildbot_turifer_dev_a = { buildbot_turifer_dev_a = {
zone = config.resource.hcloud_zone.turifer_dev "name"; zone = config.resource.hcloud_zone.turifer_dev "name";
name = "buildbot"; name = "buildbot";

5
machines/genepi/glance-config.nix
View File

@@ -65,6 +65,11 @@
url = "https://git.turifer.dev"; url = "https://git.turifer.dev";
icon = "sh:gitea"; icon = "sh:gitea";
} }
{
title = "Forgejo";
url = "https://git.rpqt.fr";
icon = "sh:forgejo";
}
{ {
title = "Pinchflat"; title = "Pinchflat";
url = "https://pinchflat.${tld}"; url = "https://pinchflat.${tld}";

1
machines/verbena/configuration.nix
View File

@@ -4,6 +4,7 @@
self.nixosModules.nix-defaults self.nixosModules.nix-defaults
self.nixosModules.nextcloud self.nixosModules.nextcloud
self.nixosModules.gitea self.nixosModules.gitea
self.nixosModules.forgejo
self.nixosModules.vaultwarden self.nixosModules.vaultwarden
self.inputs.srvos.nixosModules.server self.inputs.srvos.nixosModules.server

75
modules/forgejo.nix Normal file
View File

@@ -0,0 +1,75 @@
{ config, lib, ... }:
let
cfg = config.services.forgejo;
in
{
services.forgejo = {
enable = true;
lfs.enable = true;
settings = {
# storage = {
# };
server = {
ROOT_URL = "https://${cfg.settings.server.DOMAIN}";
DOMAIN = "git.rpqt.fr";
HTTP_PORT = 3001;
};
session.PROVIDER = "db";
session.COOKIE_SECURE = true;
service.DISABLE_REGISTRATION = true;
# Create a repository by pushing to it
repository.ENABLE_PUSH_CREATE_USER = true;
};
};
systemd.services.forgejo.environment = {
FORGEJO__storage__STORAGE_TYPE = "minio";
FORGEJO__storage__MINIO_ENDPOINT = "localhost:3900";
FORGEJO__storage__MINIO_BUCKET = "forgejo";
FORGEJO__storage__MINIO_LOCATION = "garage";
FORGEJO__storage__MINIO_USE_SSL = "false";
};
systemd.services.forgejo.serviceConfig = {
LoadCredential = [
"minio_access_key_id:${config.clan.core.vars.generators.forgejo-s3-storage.files.access-key-id.path}"
"minio_secret_access_key:${config.clan.core.vars.generators.forgejo-s3-storage.files.access-key-secret.path}"
];
Environment = [
"FORGEJO__storage__MINIO_ACCESS_KEY_ID__FILE=%d/minio_access_key_id"
"FORGEJO__storage__MINIO_SECRET_ACCESS_KEY__FILE=%d/minio_secret_access_key"
];
};
clan.core.vars.generators.forgejo-s3-storage = {
prompts.access-key-id = {
description = "s3 access key id";
type = "line";
persist = true;
};
prompts.access-key-secret = {
description = "s3 access key secret";
type = "hidden";
persist = true;
};
};
clan.core.state.forgejo.folders = [ config.services.forgejo.stateDir ];
services.nginx.virtualHosts."git.rpqt.fr" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:${builtins.toString (cfg.settings.server.HTTP_PORT)}";
};
};
security.acme.certs."git.rpqt.fr" = {
email = "admin@rpqt.fr";
};
}