From 08c96066791a31a4849b73a33640d74df5063e13 Mon Sep 17 00:00:00 2001
From: derped <derped@ophanim.de>
Date: Sun, 10 Sep 2023 15:28:26 +0200
Subject: [PATCH] Update gitea service config + configure for sops.

---
 services/gitea.nix              | 23 +++++++----------------
 services/nginx_vHosts/gitea.nix |  2 +-
 2 files changed, 8 insertions(+), 17 deletions(-)

diff --git a/services/gitea.nix b/services/gitea.nix
index 5991117..d19e041 100644
--- a/services/gitea.nix
+++ b/services/gitea.nix
@@ -10,13 +10,11 @@ mkIf (elem "gitea" config.machine.services) {
     in {
       enable = true;
       user = "git";
-      domain = domain;
-      rootUrl = "http://${domain}/";
       database = {
         type = "mysql";
         user = "git";
         name = "gitea";
-        passwordFile = "${cfg.secretPath}/gitea_db";
+        passwordFile = config.sops.secrets."services/gitea/dbPass".path;
       };
       settings = {
         repository = {
@@ -30,6 +28,11 @@ mkIf (elem "gitea" config.machine.services) {
           COOKIE_REMEMBER_NAME = "gitea_userauth";
         };
 
+        server = {
+          DOMAIN = domain;
+          ROOT_URL = "https://${domain}/";
+        };
+
         service = {
           DISABLE_REGISTRATION = (lib.mkForce true);
         };
@@ -39,20 +42,8 @@ mkIf (elem "gitea" config.machine.services) {
         };
       };
     };
-
-#    mysql = let
-#      cfg = config.services.gitea.database;
-#    in {
-#      ensureDatabases = [ cfg.name ];
-#      ensureUsers = [{
-#        name = cfg.user;
-#        ensurePermissions = {
-#          "${cfg.name}.*" = "ALL PRIVILEGES";
-#        };
-#      }];
-#    };
   };
-
+  sops.secrets."services/gitea/dbPass" = {};
   users.users.git = {
     description = "Gitea Service";
     isNormalUser = true;
diff --git a/services/nginx_vHosts/gitea.nix b/services/nginx_vHosts/gitea.nix
index 84de3e7..78961da 100644
--- a/services/nginx_vHosts/gitea.nix
+++ b/services/nginx_vHosts/gitea.nix
@@ -12,7 +12,7 @@ with lib;
 
       location @node {
         client_max_body_size 0;
-        proxy_pass http://${config.services.gitea.httpAddress}:${toString config.services.gitea.httpPort};
+        proxy_pass http://${config.services.gitea.settings.server.HTTP_ADDR}:${toString config.services.gitea.settings.server.HTTP_PORT};
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header Host $host;