emenel/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

forgejo

Browse source
This commit is contained in:
Matt Nish-Lapidus 2025-04-16 16:23:11 -04:00
parent c0c95ea8a7
commit 72ef09d952
4 changed files with 33 additions and 42 deletions
Download patch file Download diff file Expand all files Collapse all files

22
flake.lock generated
View file

@ -103,21 +103,6 @@
"type": "github" "type": "github"
} }
}, },
"emenel-templates": {
"locked": {
"lastModified": 1741380318,
"narHash": "sha256-C0HpGd73NBqMUjOTLJWmSBBpTiFPwetmgV182WBNrFQ=",
"ref": "refs/heads/main",
"rev": "de41a02caa5d87aabaaf56600dc3fe71b995821d",
"revCount": 1,
"type": "git",
"url": "ssh://git@gt.emenel.ca/emenel/nix-flake-templates"
},
"original": {
"type": "git",
"url": "ssh://git@gt.emenel.ca/emenel/nix-flake-templates"
}
},
"flake-compat": { "flake-compat": {
"locked": { "locked": {
"lastModified": 1733328505, "lastModified": 1733328505,
@ -377,11 +362,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1744812667, "lastModified": 1744828883,
"narHash": "sha256-2AJZwXMO82YGw6B/RRCPz8Wz2zSRCZIdjhdFuiw7Ymg=", "narHash": "sha256-0+s2fi6nETl3hK+vREzyElipVH2ZorBmU07SBvyNsLw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "5d48f3ded3b55ef32d5853c9022fb4df29b3fc45", "rev": "b35bccc32d3fc49f6fcc4e08ccfd6025c9eefa20",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1153,7 +1138,6 @@
"disko": "disko", "disko": "disko",
"emacs-lsp-booster": "emacs-lsp-booster", "emacs-lsp-booster": "emacs-lsp-booster",
"emacs-overlay": "emacs-overlay", "emacs-overlay": "emacs-overlay",
"emenel-templates": "emenel-templates",
"home-manager": "home-manager", "home-manager": "home-manager",
"hypridle": "hypridle", "hypridle": "hypridle",
"hyprlock": "hyprlock", "hyprlock": "hyprlock",

2
flake.nix
View file

@ -96,7 +96,7 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
emenel-templates.url = "git+ssh://git@gt.emenel.ca/emenel/nix-flake-templates"; # emenel-templates.url = "git+ssh://git@gt.emenel.ca/emenel/nix-flake-templates";
# nix-way-templates.url = "github:the-nix-way/dev-templates"; # nix-way-templates.url = "github:the-nix-way/dev-templates";
}; };

4
hosts/emenel-services/configuration.nix
View file

@ -64,7 +64,7 @@
networking.domain = ""; networking.domain = "";
networking.useDHCP = true; networking.useDHCP = true;
networking.firewall.enable = false; networking.firewall.enable = false;
networking.firewall.allowedTCPPorts = [ 22 80 12345 ]; # networking.firewall.allowedTCPPorts = [ 22 80 ];
services.openssh.enable = true; services.openssh.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -105,7 +105,7 @@
clean = { clean = {
enable = true; enable = true;
dates = "daily"; dates = "daily";
extraArgs = "--keep 4"; extraArgs = "--keep 3";
}; };
flake = "/home/emenel/source/nixos-config"; flake = "/home/emenel/source/nixos-config";
package = pkgs.nh; package = pkgs.nh;

47
modules/system/forgejo.nix
View file

@ -12,9 +12,17 @@ in
}; };
stateDir = "/mnt/git-storage"; stateDir = "/mnt/git-storage";
settings = { settings = {
default = {
APP_NAME = "safe harbour";
};
server = { server = {
DOMAIN = "gt.emenel.ca";
ROOT_URL = "https://gt.emenel.ca/";
HTTP_PORT = port; HTTP_PORT = port;
}; };
repository = {
DEFAULT_BRANCH = "main";
};
service.DISABLE_REGISTRATION = true; service.DISABLE_REGISTRATION = true;
actions = { actions = {
ENABLED = true; ENABLED = true;
@ -30,16 +38,15 @@ in
# mailerPasswordFile = config.age.secrets.forgejo-mailer-password.path; # mailerPasswordFile = config.age.secrets.forgejo-mailer-password.path;
}; };
# caddy.virtualHosts."gt.emenel.ca" = { caddy.virtualHosts."gt.emenel.ca" = {
# serverAliases = [ "www.gt.emenel.ca" ]; extraConfig = ''
# extraConfig = '' tls internal
# reverse_proxy http://localhost:${port} { reverse_proxy http://localhost:12345 {
# header_down X-Real-IP {http.request.remote} header_down X-Real-IP {http.request.remote}
# header_down X-Forwarded-For {http.request.remote} header_down X-Forwarded-For {http.request.remote}
# } }
# ''; '';
# }; };
# };
# gitea-actions-runner = { # gitea-actions-runner = {
# package = pkgs.forgejo-actions-runner; # package = pkgs.forgejo-actions-runner;
@ -82,15 +89,15 @@ in
pkgs.forgejo-runner pkgs.forgejo-runner
]; ];
# sops.secrets.forgejo-emenel.owner = "forgejo"; # sops.secrets.forgejo-emenel.owner = "forgejo";
# systemd.services.forgejo.preStart = let # systemd.services.forgejo.preStart = let
# adminCmd = "${lib.getExe pkgs.forgejo} admin user"; # adminCmd = "${lib.getExe pkgs.forgejo} admin user";
# pwd = config.sops.secrets.forgejo-emenel; # pwd = config.sops.secrets.forgejo-emenel;
# user = "emenel"; # Note, Forgejo doesn't allow creation of an account named "admin" # user = "emenel"; # Note, Forgejo doesn't allow creation of an account named "admin"
# in '' # in ''
# ${adminCmd} create --admin --email "matt@emenel.ca" --username ${user} --password "$(tr -d '\n' < ${pwd.path})" || true # ${adminCmd} create --admin --email "matt@emenel.ca" --username ${user} --password "$(tr -d '\n' < ${pwd.path})" || true
# ## uncomment this line to change an admin user which was already created # ## uncomment this line to change an admin user which was already created
# # ${adminCmd} change-password --username ${user} --password "$(tr -d '\n' < ${pwd.path})" || true # # ${adminCmd} change-password --username ${user} --password "$(tr -d '\n' < ${pwd.path})" || true
# ''; # '';
} }