derped/nixos
1
0
Fork 0
Code Releases Activity

Update gitea service config + configure for sops.

Browse source
This commit is contained in:
Kevin Baensch 2023-09-10 15:28:26 +02:00
parent 9d78b39bd0
commit 08c9606679
Signed by: derped
GPG key ID: C0F1D326C7626543
2 changed files with 8 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
services/gitea.nix
View file

@ -10,13 +10,11 @@ mkIf (elem "gitea" config.machine.services) {
in {
enable = true;
user = "git";
domain = domain;
rootUrl = "http://${domain}/";
database = {
type = "mysql";
user = "git";
name = "gitea";
passwordFile = "${cfg.secretPath}/gitea_db";
passwordFile = config.sops.secrets."services/gitea/dbPass".path;
};
settings = {
repository = {
@ -30,6 +28,11 @@ mkIf (elem "gitea" config.machine.services) {
COOKIE_REMEMBER_NAME = "gitea_userauth";
};
server = {
DOMAIN = domain;
ROOT_URL = "https://${domain}/";
};
service = {
DISABLE_REGISTRATION = (lib.mkForce true);
};
@ -39,20 +42,8 @@ mkIf (elem "gitea" config.machine.services) {
};
};
};
# mysql = let
# cfg = config.services.gitea.database;
# in {
# ensureDatabases = [ cfg.name ];
# ensureUsers = [{
# name = cfg.user;
# ensurePermissions = {
# "${cfg.name}.*" = "ALL PRIVILEGES";
# };
# }];
# };
};
sops.secrets."services/gitea/dbPass" = {};
users.users.git = {
description = "Gitea Service";
isNormalUser = true;

2
services/nginx_vHosts/gitea.nix
View file

@ -12,7 +12,7 @@ with lib;
location @node {
client_max_body_size 0;
proxy_pass http://${config.services.gitea.httpAddress}:${toString config.services.gitea.httpPort};
proxy_pass http://${config.services.gitea.settings.server.HTTP_ADDR}:${toString config.services.gitea.settings.server.HTTP_PORT};
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;