70 lines
1.7 KiB
Nix
Executable file
70 lines
1.7 KiB
Nix
Executable file
{ config, lib, pkgs, options, ... }:
|
|
|
|
with lib;
|
|
let
|
|
cfg = config.modules.services.forgejo;
|
|
in {
|
|
options.modules.services.forgejo = {
|
|
enable = mkEnableOption "enable forgejo, a lightweight git server";
|
|
domain = mkOption {
|
|
type = types.str;
|
|
default = "git.reidlab.pink";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
services.forgejo = {
|
|
enable = true;
|
|
|
|
stateDir = "/var/lib/${cfg.domain}";
|
|
database.type = "postgres";
|
|
settings = {
|
|
"DEFAULT" = {
|
|
APP_NAME = "reidlab's git instance";
|
|
};
|
|
"security" = {
|
|
INSTALL_LOCK = true;
|
|
PASSWORD_HASH_ALGO = "argon2";
|
|
PASSWORD_CHECK_PWN = true;
|
|
};
|
|
"ui.meta" = {
|
|
AUTHOR = "reidlab";
|
|
DESCRIPTION = "reidlab's git instance";
|
|
};
|
|
"server" = {
|
|
DOMAIN = cfg.domain;
|
|
PROTOCOL = "http+unix";
|
|
ROOT_URL = "https://${cfg.domain}/";
|
|
};
|
|
"repository" = {
|
|
DEFAULT_BRANCH = "main";
|
|
};
|
|
"picture" = {
|
|
DISABLE_GRAVATAR = false;
|
|
ENABLE_FEDERATED_AVATAR = true;
|
|
};
|
|
"service" = {
|
|
ENABLE_CAPTCHA = false;
|
|
REGISTER_EMAIL_CONFIRM = false;
|
|
DEFAULT_KEEP_EMAIL_PRIVATE = true;
|
|
DEFAULT_ENABLE_TIMETRACING = true;
|
|
DISABLE_REGISTRATION = true;
|
|
};
|
|
"federation" = {
|
|
ENABLED = true;
|
|
};
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts."${cfg.domain}" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://unix:${config.services.forgejo.settings.server.HTTP_ADDR}";
|
|
extraConfig = ''
|
|
client_max_body_size 512M;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
}
|