emenel/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

forgejo

Browse source
This commit is contained in:
Matt Nish-Lapidus 2025-04-16 16:42:05 -04:00
parent 72ef09d952
commit b480446505
4 changed files with 12 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

5
homes/emenel-services/default.nix
View file

@ -31,11 +31,6 @@
stateVersion = "25.05"; stateVersion = "25.05";
}; };
sops = {
age.keyFile = "/home/media/.config/sops/age/keys.txt"; # must have no password!
defaultSopsFile = ../emenel/secrets.yaml;
};
programs = { programs = {
home-manager.enable = true; home-manager.enable = true;
password-store.enable = true; password-store.enable = true;

1
hosts/emenel-services/configuration.nix
View file

@ -48,6 +48,7 @@
defaultSopsFile = ./secrets.yaml; defaultSopsFile = ./secrets.yaml;
secrets = { secrets = {
forgejo-emenel = {}; forgejo-emenel = {};
forgejo-smtp = {};
}; };
}; };

5
hosts/emenel-services/secrets.yaml
View file

@ -1,4 +1,5 @@
forgejo-emenel: ENC[AES256_GCM,data:Ngb8YCzaxVskDau76iv0XTesSA2NLXOfRr4Y+J47Z0prq5ol5Kf9H71VpWFTzR0TjSu8q8EUdq/2dqNzlzxlW+5SAXzxDWVW,iv:EOiKG4Y/yrOWUfbPoM3O4BvZiWEltTXIyYhcRNQ3Jbw=,tag:fUl2/3wtevmXCSUqsv+Hqg==,type:str] forgejo-emenel: ENC[AES256_GCM,data:Ngb8YCzaxVskDau76iv0XTesSA2NLXOfRr4Y+J47Z0prq5ol5Kf9H71VpWFTzR0TjSu8q8EUdq/2dqNzlzxlW+5SAXzxDWVW,iv:EOiKG4Y/yrOWUfbPoM3O4BvZiWEltTXIyYhcRNQ3Jbw=,tag:fUl2/3wtevmXCSUqsv+Hqg==,type:str]
forgejo-smtp: ENC[AES256_GCM,data:p2n5u13LpGjJO5HrjtmyJ2tbJU/oZQOMedQ0fL2QvioxFNVXIa33S9x0+LwEO6a+1k8=,iv:n+rOLNYnSAR98F3Hr6qSEKm10+KDGTzJ2GWdUclSTSc=,tag:jiAsgTg+bk8buRiysIYWnA==,type:str]
sops: sops:
age: age:
- recipient: age10k8v6pfm3p7cmsgn6wu5ufpcquqgpvqh76l23xf326et55dacc0qlr8fe8 - recipient: age10k8v6pfm3p7cmsgn6wu5ufpcquqgpvqh76l23xf326et55dacc0qlr8fe8
@ -19,7 +20,7 @@ sops:
cjUxSzYwSjg4c2pqRVlEeDVYc2NlN28KLyF2kPwaBTfm6ooIWkC7QuM4H4F7uvhi cjUxSzYwSjg4c2pqRVlEeDVYc2NlN28KLyF2kPwaBTfm6ooIWkC7QuM4H4F7uvhi
tsS/pHp9aE43ur6CShAJn4x7AHJGIwge+VZe3mUiMpsBfO5hROvwmA== tsS/pHp9aE43ur6CShAJn4x7AHJGIwge+VZe3mUiMpsBfO5hROvwmA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-14T12:29:05Z" lastmodified: "2025-04-16T20:39:05Z"
mac: ENC[AES256_GCM,data:lYflBymIecXWR5gAu3eKjmWqn4FPEuE2STFyxQdjPEbj7aP2CfshOUhUAwvhEy9twPvPTDkZuyiWmfSHZiHWiUYdI9cEKOB4ZiG+wlwmdOP76soXulFPyIsvFCbQMbvbUrxpA7+kUDArzuXnvffH+zI8lExgh0LHrnNR3893A10=,iv:SAECjDkkJxeNklUUaJMOJFrQjWtj/1IMZR5Tpkd1EzA=,tag:fBVnhFXRgYiDZ9gYfUUUtg==,type:str] mac: ENC[AES256_GCM,data:PaNwzi8Ico3Bq+P22p80HTTzSDIZvwJC/8bS1nSED3xqPKPDqM/fyb8gyYNo/04lCbH4D3DYhwV8Y6LvU0S9WD5nYcSBC8Qv9pomkgxOMFgE/8La+dQWLZzmwTaedZSHruX40B+QbZviiDP0PXqRynxqr+cMya2IGY8YSWWFh5Y=,iv:jdHYM8Dr4EkF7xuDCTuFuL1ENeFSBYnLPt1/J5MT69Y=,tag:LxsQVT5Fx9ut5saw0vdbwQ==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.10.1 version: 3.10.1

17
modules/system/forgejo.nix
View file

@ -28,14 +28,15 @@ in
ENABLED = true; ENABLED = true;
DEFAULT_ACTIONS_URL = "github"; DEFAULT_ACTIONS_URL = "github";
}; };
# mailer = { mailer = {
# ENABLED = true; ENABLED = true;
# SMTP_ADDR = "mail.example.com"; SMTP_ADDR = "smtp.mailgun.org";
# FROM = "noreply@${srv.DOMAIN}"; SMTP_PORT = 587;
# USER = "noreply@${srv.DOMAIN}"; FROM = "git@gt.emenel.ca";
# }; USER = "git@gt.emenel.ca";
};
}; };
# mailerPasswordFile = config.age.secrets.forgejo-mailer-password.path; mailerPasswordFile = config.sops.secrets.forgejo-smtp;
}; };
caddy.virtualHosts."gt.emenel.ca" = { caddy.virtualHosts."gt.emenel.ca" = {
@ -85,8 +86,6 @@ in
''; '';
in [ in [
forgejo-cli forgejo-cli
pkgs.forgejo
pkgs.forgejo-runner
]; ];
# sops.secrets.forgejo-emenel.owner = "forgejo"; # sops.secrets.forgejo-emenel.owner = "forgejo";