{ config, lib, pkgs, options, ... }: with lib; let cfg = config.modules.services.forgejo; theme = pkgs.fetchzip { url = "https://github.com/catppuccin/gitea/releases/download/v0.4.1/catppuccin-gitea.tar.gz"; sha256 = "1wi4gi431b8hpmk6cr05jygplj76p6jwwlihajxz9131aqxym1fp"; stripRoot = false; }; in { options.modules.services.forgejo = { enable = mkEnableOption "enable forgejo, a lightweight git server"; domain = mkOption { type = types.str; default = "git.reidlab.online"; }; port = mkOption { type = types.int; default = 3000; }; }; config = mkIf cfg.enable { services = { forgejo = { enable = true; stateDir = "/var/lib/${cfg.domain}"; database.type = "postgres"; settings = { "DEFAULT" = { APP_NAME = "reidlab's git instance"; }; "security" = { INSTALL_LOCK = true; PASSWORD_HASH_ALGO = "argon2"; PASSWORD_CHECK_PWN = true; }; "ui" = { THEMES = builtins.concatStringsSep "," (["auto"] ++ (map (name: removePrefix "theme-" (removeSuffix ".css" name)) (attrNames (builtins.readDir theme)))); DEFAULT_THEME = "catppuccin-mocha-red"; }; "ui.meta" = { AUTHOR = "reidlab"; DESCRIPTION = "reidlab's git instance"; }; "server" = { DOMAIN = cfg.domain; HTTP_PORT = cfg.port; ROOT_URL = "https://${cfg.domain}/"; }; "repository" = { DEFAULT_BRANCH = "main"; }; "picture" = { DISABLE_GRAVATAR = false; ENABLE_FEDERATED_AVATAR = true; }; "service" = { ENABLE_CAPTCHA = false; REGISTER_EMAIL_CONFIRM = false; DEFAULT_KEEP_EMAIL_PRIVATE = true; DEFAULT_ENABLE_TIMETRACING = true; DISABLE_REGISTRATION = true; }; "federation" = { ENABLED = true; }; }; }; nginx.virtualHosts."${cfg.domain}" = { forceSSL = true; enableACME = true; locations."/".extraConfig = '' proxy_pass http://127.0.0.1:${toString cfg.port}; ''; }; }; systemd.services.forgejo = { preStart = mkAfter '' rm -rf ${config.services.forgejo.customDir}/public/assets mkdir -p ${config.services.forgejo.customDir}/public/assets ln -sf ${theme} ${config.services.forgejo.customDir}/public/assets/css ''; }; }; }