nixos/services/gitea.nix

{ config, lib, ... }:

with lib;

mkIf (elem "gitea" config.machine.services) {
  services = {
    gitea = let
      cfg = config.machine;
      domain = (findFirst (s: s.service == "gitea") cfg cfg.vHosts).domain;
    in {
      enable = true;
      user = "git";
      database = {
        type = "mysql";
        user = "git";
        name = "gitea";
        passwordFile = config.sops.secrets."services/gitea/dbPass".path;
      };
      settings = {
        repository = {
          DISABLE_HTTP_GIT = false;
          USE_COMPAT_SSH_URI = true;
        };

        security = {
          INSTALL_LOCK = true;
          COOKIE_USERNAME = "gitea_username";
          COOKIE_REMEMBER_NAME = "gitea_userauth";
        };

        server = {
          DOMAIN = domain;
          ROOT_URL = "https://${domain}/";
        };

        service = {
          DISABLE_REGISTRATION = (lib.mkForce true);
        };

        session = {
          cookieSecure = true;
        };
      };
    };
  };
  sops.secrets."services/gitea/dbPass" = {};
  users.users.git = {
    description = "Gitea Service";
    isNormalUser = true;
    home = config.services.gitea.stateDir;
    createHome = true;
    useDefaultShell = true;
  };
}
Clean up in accordance with unofficial nix-linter. 2019-05-09 18:28:40 +02:00			`{ config, lib, ... }:`
Fresh repo without sensitive data. 2019-02-26 13:44:40 +01:00
Modularized configuration now kind of works. (still need to do some refactoring) 2019-03-20 02:57:59 +01:00			`with lib;`

			`mkIf (elem "gitea" config.machine.services) {`
mysql: Use ensure* options, split definition up into service files. note/reason for split: nixos submodule option names aren't standardized... 2019-12-19 09:36:54 +01:00			`services = {`
			`gitea = let`
			`cfg = config.machine;`
			`domain = (findFirst (s: s.service == "gitea") cfg cfg.vHosts).domain;`
			`in {`
			`enable = true;`
Fresh repo without sensitive data. 2019-02-26 13:44:40 +01:00			`user = "git";`
mysql: Use ensure* options, split definition up into service files. note/reason for split: nixos submodule option names aren't standardized... 2019-12-19 09:36:54 +01:00			`database = {`
			`type = "mysql";`
			`user = "git";`
			`name = "gitea";`
Update gitea service config + configure for sops. 2023-09-10 15:28:26 +02:00			`passwordFile = config.sops.secrets."services/gitea/dbPass".path;`
mysql: Use ensure* options, split definition up into service files. note/reason for split: nixos submodule option names aren't standardized... 2019-12-19 09:36:54 +01:00			`};`
NixOS 20.09 Changes. 2020-11-23 23:07:42 +01:00			`settings = {`
			`repository = {`
			`DISABLE_HTTP_GIT = false;`
			`USE_COMPAT_SSH_URI = true;`
			`};`
mysql: Use ensure* options, split definition up into service files. note/reason for split: nixos submodule option names aren't standardized... 2019-12-19 09:36:54 +01:00
NixOS 20.09 Changes. 2020-11-23 23:07:42 +01:00			`security = {`
			`INSTALL_LOCK = true;`
			`COOKIE_USERNAME = "gitea_username";`
			`COOKIE_REMEMBER_NAME = "gitea_userauth";`
			`};`
Fresh repo without sensitive data. 2019-02-26 13:44:40 +01:00
Update gitea service config + configure for sops. 2023-09-10 15:28:26 +02:00			`server = {`
			`DOMAIN = domain;`
			`ROOT_URL = "https://${domain}/";`
			`};`

NixOS 20.09 Changes. 2020-11-23 23:07:42 +01:00			`service = {`
			`DISABLE_REGISTRATION = (lib.mkForce true);`
Update gitea service confit to match new names. 2023-01-29 16:23:53 +01:00			`};`

			`session = {`
			`cookieSecure = true;`
			`};`
NixOS 20.09 Changes. 2020-11-23 23:07:42 +01:00			`};`
mysql: Use ensure* options, split definition up into service files. note/reason for split: nixos submodule option names aren't standardized... 2019-12-19 09:36:54 +01:00			`};`
Fresh repo without sensitive data. 2019-02-26 13:44:40 +01:00			`};`
Update gitea service config + configure for sops. 2023-09-10 15:28:26 +02:00			`sops.secrets."services/gitea/dbPass" = {};`
Fresh repo without sensitive data. 2019-02-26 13:44:40 +01:00			`users.users.git = {`
Integrate mailman3 service into my existing configuration. 2019-07-03 08:38:11 +02:00			`description = "Gitea Service";`
Fresh repo without sensitive data. 2019-02-26 13:44:40 +01:00			`isNormalUser = true;`
Integrate mailman3 service into my existing configuration. 2019-07-03 08:38:11 +02:00			`home = config.services.gitea.stateDir;`
Fresh repo without sensitive data. 2019-02-26 13:44:40 +01:00			`createHome = true;`
Integrate mailman3 service into my existing configuration. 2019-07-03 08:38:11 +02:00			`useDefaultShell = true;`
Fresh repo without sensitive data. 2019-02-26 13:44:40 +01:00			`};`
			`}`