55 lines
1.2 KiB
Nix
55 lines
1.2 KiB
Nix
{ pkgs, lib, config, ... }:
|
|
{
|
|
sops.secrets."postgres/gitea_dbpass" = {
|
|
sopsFile = ../../../.secrets/hetzner/postgres.yaml; # bring your own password file
|
|
owner = config.services.forgejo.user;
|
|
};
|
|
|
|
services.forgejo = {
|
|
enable = true;
|
|
user = "gitea";
|
|
group = "gitea";
|
|
stateDir = "/var/lib/gitea";
|
|
database = {
|
|
name = "gitea";
|
|
user = "gitea";
|
|
type = "postgres";
|
|
passwordFile = config.sops.secrets."postgres/gitea_dbpass".path;
|
|
};
|
|
settings.service.DISABLE_REGISTRATION = true;
|
|
settings.server = {
|
|
DOMAIN = "git.hoyer.xyz";
|
|
ROOT_URL = "https://git.hoyer.xyz/";
|
|
HTTP_PORT = 3001;
|
|
};
|
|
settings.log.LEVEL = "Warn";
|
|
};
|
|
|
|
users.users.gitea = {
|
|
home = "/var/lib/gitea";
|
|
useDefaultShell = true;
|
|
group = "gitea";
|
|
isSystemUser = true;
|
|
};
|
|
|
|
users.groups.gitea = { };
|
|
|
|
services.postgresql = {
|
|
package = pkgs.postgresql_14;
|
|
ensureDatabases = [
|
|
config.services.forgejo.database.name
|
|
"nextcloud"
|
|
];
|
|
ensureUsers = [
|
|
{
|
|
name = config.services.forgejo.database.user;
|
|
ensureDBOwnership = true;
|
|
}
|
|
{
|
|
name = "nextcloud";
|
|
ensureDBOwnership = true;
|
|
}
|
|
];
|
|
};
|
|
}
|