From 4c29603f140e0b2fe88c8184efbb5b970efa7ff4 Mon Sep 17 00:00:00 2001
From: derped <derped@ophanim.de>
Date: Thu, 9 May 2024 12:41:24 +0200
Subject: [PATCH] Migrate from gitea to forgejo.

---
 machines/Ophanim/options.nix                  |  4 ++--
 machines/Ophanim/secrets.yaml                 | 10 ++++----
 services/{gitea.nix => forgejo.nix}           | 24 +++++++++----------
 .../nginx_vHosts/{gitea.nix => forgejo.nix}   |  6 ++---
 services/openssh.nix                          |  2 +-
 5 files changed, 23 insertions(+), 23 deletions(-)
 rename services/{gitea.nix => forgejo.nix} (60%)
 rename services/nginx_vHosts/{gitea.nix => forgejo.nix} (73%)

diff --git a/machines/Ophanim/options.nix b/machines/Ophanim/options.nix
index 98e6ed6..a7d86dc 100644
--- a/machines/Ophanim/options.nix
+++ b/machines/Ophanim/options.nix
@@ -33,7 +33,7 @@ in {
     ];
     services = [
       "acme"
-      "gitea"
+      "forgejo"
       "tandoor"
       #      "hydra"
       "mailserver"
@@ -61,7 +61,7 @@ in {
       }
       {
         domain = "git.${base}";
-        service = "gitea";
+        service = "forgejo";
       }
       {
         domain = "food.${base}";
diff --git a/machines/Ophanim/secrets.yaml b/machines/Ophanim/secrets.yaml
index c903fea..0296b49 100644
--- a/machines/Ophanim/secrets.yaml
+++ b/machines/Ophanim/secrets.yaml
@@ -4,8 +4,8 @@ users:
         mail: ENC[AES256_GCM,data:b8/EiGUiUmCsxeOSFLE4lETrdi6Dn6wpWdYyNb22kHo/Ws0PXMLu4FJKeP/lZj0kKigdm4I94eEYyC8UmZKcJtilW/JtUpfmGzDkiGTxY7VxVFZYbamsQ1wq1r3BuWZorn+m,iv:+kyH2h+0++NnR/NPyUOPkEj1HSMI7+gciCXuebdlvkc=,tag:J6ltTqx34sJbkUAaiZJR6g==,type:str]
         publicKey: ENC[AES256_GCM,data:n1o+2pBdstnnC7b3Oub8Cen6JYZzR4ouaVlANsqxr2B8apPgY3ZaWoYO7b773MiKlhfPGPDpnL6H+jBGRc+adUjuaLFl2fnWwHCo8bIe/esIMf+bgyMefodg35R6j02bT0BM8dQGRyU/Qw==,iv:zCZdEvdTNvz/pAG6fAlsG5ZTCzOyfpo5OJswFa9n0ws=,tag:efQOpShXKmTJeK3odLt7cw==,type:str]
 services:
-    gitea:
-        dbPass: ENC[AES256_GCM,data:mZ159aEd0S8blrBtGL5yp9THAH96ru6wr6m5Sp0TFwgOJ4KfoU+1Zj+D2YEP3jc=,iv:JP0WhWZOOfz2ZoM387NVNpOt5mzhJLeVwUGFHJ2cE2c=,tag:cYSzUI4dfa6kql1qlm6Syg==,type:str]
+    forgejo:
+        dbPass: ENC[AES256_GCM,data:tYQUCQtPpxspfAEeaMavDqEHGqShKXSArIx9ZT70JxaTE7mmW0q+2XxvcZDq1bw=,iv:ZMlTUeyx82jQHPMXKCscShntwqyYcjh9jvLW+v6S238=,tag:ppn/mknIydiBHkAJ1UfTsg==,type:str]
     hydra:
         secretKey: ENC[AES256_GCM,data:TkAFImyj7ESA72aPjUTvUwTVzZ3KpXNdw41Bk2yGOJrNRiP3aA/+iK45BzJdeAssc5evZyvhFE+JE4ovOSuaWUz4YFH/TH41N5dkhSmPTND+hU6u24rv/gTcCH9BH/8uvFOnWCBmkKmFopE=,iv:NSCINUwyNCRMsGNjwfO/P1nMpYDQLxt448W2AfCBmLI=,tag:pfMpTExIabCmsHOiOIf6Qg==,type:str]
     nextcloud:
@@ -26,8 +26,8 @@ sops:
             Mzh6aFZKM2k3TTZveWRPc2ZkKzNvYm8KpNozbSJDJ3Yd2FsR0krsPXsn1beIyniD
             0tJNmBFphav57LDQrYz5D+J4pMKKQI1P/USCPDDu1km2dJF/RJzeJQ==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2023-09-11T20:01:29Z"
-    mac: ENC[AES256_GCM,data:3SvL0KQjxHZYxZHuqri6ghx0/v/UJa0MozNvzldvLzK4mpM5xD0zBxIyZ6LkXwQ7Fhe7BxrPJ6oDa0wiOn5JSbCihJJ7xn4vhjvNWX7HE1Hl9HviNSW6qebO+cgK/oSz+Yi1MZZ/NCqDtkOi08GDwmBoaqXyp84TPGf79fChuTo=,iv:i2vsbTFrb+daXfEgLTRZZdITdhwM/LreFYvKjtykmRU=,tag:iTSR4baH+wBayt4ik+U46A==,type:str]
+    lastmodified: "2024-05-09T10:31:53Z"
+    mac: ENC[AES256_GCM,data:wOXASNOZgff1yQ6mRWkuIkRd/351aXnlpr18jNyiBLNfgA6Z6g6LmJnT/n+C5F2+/3f/IWGC/ithyRRhPPovqg0V9UFyKn///vTc8Z87oyVqf83glPN2K+JSXXARa8wcod4F5AKP2Ul7rDCn5ygyKczMSL+oMx995daOQxIiFP8=,iv:STulK5T+ID0F5FBbO/HJI7Y6is5+onhrnjtyV1rMDeI=,tag:QcVQLHLAqcP3Bqv8S2q3Qg==,type:str]
     pgp:
         - created_at: "2023-09-10T17:32:58Z"
           enc: |
@@ -42,4 +42,4 @@ sops:
             -----END PGP MESSAGE-----
           fp: 1F2EA6D9A57A9BE5A7F3AA035BEBEE4EE57DC7E2
     unencrypted_suffix: _unencrypted
-    version: 3.7.3
+    version: 3.8.1
diff --git a/services/gitea.nix b/services/forgejo.nix
similarity index 60%
rename from services/gitea.nix
rename to services/forgejo.nix
index 3d5ec99..8135a69 100644
--- a/services/gitea.nix
+++ b/services/forgejo.nix
@@ -4,19 +4,19 @@
   ...
 }:
 with lib;
-  mkIf (elem "gitea" config.machine.services) {
+  mkIf (elem "forgejo" config.machine.services) {
     services = {
-      gitea = let
+      forgejo = let
         cfg = config.machine;
-        inherit ((findFirst (s: s.service == "gitea") cfg cfg.vHosts)) domain;
+        inherit ((findFirst (s: s.service == "forgejo") cfg cfg.vHosts)) domain;
       in {
         enable = true;
         user = "git";
         database = {
           type = "mysql";
           user = "git";
-          name = "gitea";
-          passwordFile = config.sops.secrets."services/gitea/dbPass".path;
+          name = "forgejo";
+          passwordFile = config.sops.secrets."services/forgejo/dbPass".path;
         };
         settings = {
           repository = {
@@ -26,8 +26,8 @@ with lib;
 
           security = {
             INSTALL_LOCK = true;
-            COOKIE_USERNAME = "gitea_username";
-            COOKIE_REMEMBER_NAME = "gitea_userauth";
+            COOKIE_USERNAME = "forgejo_username";
+            COOKIE_REMEMBER_NAME = "forgejo_userauth";
           };
 
           server = {
@@ -45,15 +45,15 @@ with lib;
         };
       };
     };
-    sops.secrets."services/gitea/dbPass" = {
+    sops.secrets."services/forgejo/dbPass" = {
       owner = "git";
-      group = "gitea";
+      group = "forgejo";
     };
     users.users.git = {
-      description = "Gitea Service";
+      description = "Forgejo Service";
       isNormalUser = true;
-      home = config.services.gitea.stateDir;
-      createHome = true;
+      home = config.services.forgejo.stateDir;
+      createHome = false;
       useDefaultShell = true;
     };
   }
diff --git a/services/nginx_vHosts/gitea.nix b/services/nginx_vHosts/forgejo.nix
similarity index 73%
rename from services/nginx_vHosts/gitea.nix
rename to services/nginx_vHosts/forgejo.nix
index df67d66..bee28bc 100644
--- a/services/nginx_vHosts/gitea.nix
+++ b/services/nginx_vHosts/forgejo.nix
@@ -6,9 +6,9 @@
 with lib;
   {
     vHost =
-      if config.services.gitea.enable
+      if config.services.forgejo.enable
       then {
-        root = "${config.services.gitea.stateDir}/public";
+        root = "${config.services.forgejo.stateDir}/public";
         extraConfig = ''
           location / {
             try_files maintain.html $uri $uri/index.html @node;
@@ -16,7 +16,7 @@ with lib;
 
           location @node {
             client_max_body_size 0;
-            proxy_pass http://${config.services.gitea.settings.server.HTTP_ADDR}:${toString config.services.gitea.settings.server.HTTP_PORT};
+            proxy_pass http://${config.services.forgejo.settings.server.HTTP_ADDR}:${toString config.services.forgejo.settings.server.HTTP_PORT};
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header Host $host;
diff --git a/services/openssh.nix b/services/openssh.nix
index 4774d6c..30fc229 100644
--- a/services/openssh.nix
+++ b/services/openssh.nix
@@ -22,7 +22,7 @@ with lib;
       extraConfig = let
         users =
           concatMapStrings (user: "${user.name} ") config.machine.administrators
-          + (optionalString config.services.gitea.enable (config.services.gitea.user + " "));
+          + (optionalString config.services.forgejo.enable (config.services.forgejo.user + " "));
       in ''
         UsePAM no
         AllowUsers ${users}