76 lines
1.9 KiB
Nix
Executable file
76 lines
1.9 KiB
Nix
Executable file
{ config, lib, pkgs, options, ... }:
|
|
|
|
with lib;
|
|
let
|
|
cfg = config.modules.services.forgejo;
|
|
in {
|
|
options.modules.services.forgejo = {
|
|
enable = mkEnableOption "enable forgejo, a lightweight git server";
|
|
port = mkOption {
|
|
type = types.int;
|
|
default = 3000;
|
|
};
|
|
domain = mkOption {
|
|
type = types.str;
|
|
default = "git.reidlab.pink";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
services.forgejo = {
|
|
enable = true;
|
|
|
|
stateDir = "/var/lib/${cfg.domain}";
|
|
database.type = "postgres";
|
|
settings = {
|
|
"DEFAULT" = {
|
|
APP_NAME = "reidlab's git instance";
|
|
};
|
|
"security" = {
|
|
INSTALL_LOCK = true;
|
|
PASSWORD_HASH_ALGO = "argon2";
|
|
PASSWORD_CHECK_PWN = true;
|
|
REVERSE_PROXY_TRUSTED_PROXIES = "127.0.0.0/8,::1/128";
|
|
};
|
|
"ui.meta" = {
|
|
AUTHOR = "reidlab";
|
|
DESCRIPTION = "reidlab's git instance";
|
|
};
|
|
"server" = {
|
|
DOMAIN = cfg.domain;
|
|
PROTOCOL = "http";
|
|
HTTP_PORT = cfg.port;
|
|
ROOT_URL = "https://${cfg.domain}/";
|
|
};
|
|
"repository" = {
|
|
DEFAULT_BRANCH = "main";
|
|
};
|
|
"picture" = {
|
|
DISABLE_GRAVATAR = false;
|
|
ENABLE_FEDERATED_AVATAR = true;
|
|
};
|
|
"service" = {
|
|
ENABLE_CAPTCHA = false;
|
|
REGISTER_EMAIL_CONFIRM = false;
|
|
DEFAULT_KEEP_EMAIL_PRIVATE = true;
|
|
DEFAULT_ENABLE_TIMETRACING = true;
|
|
DISABLE_REGISTRATION = true;
|
|
};
|
|
"federation" = {
|
|
ENABLED = true;
|
|
};
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts."${cfg.domain}" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${toString cfg.port}";
|
|
extraConfig = ''
|
|
client_max_body_size 512M;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
}
|