# Configuration for Gitea instance { config, pkgs, ... }: { # Gitea configuration services.gitea = { enable = true; #useWizard = true; # Needed for first-time building # Settings appName = "Horse Codes"; lfs.enable = true; # Disabled until I figure out how to make this not take up multiple gigabytes dump = { enable = false; interval = "weekly"; }; settings = { "server" = { # Configuration for reverse proxy ROOT_URL = "https://git.alogoulogoi.com/"; HTTP_ADDR = "127.0.0.1"; HTTP_PORT = 3300; DOMAIN = "git.alogoulogoi.com"; }; "repository" = { DEFAULT_PRIVATE = true; }; "ui" = { DEFAULT_THEME = "gitea-dark"; SHOW_USER_EMAIL = false; }; "ui.meta" = { AUTHOR = "Horse Codes"; DESCRIPTION = "Alogoulogoi Gitea instance"; KEYWORDS = ""; }; "security" = { INSTALL_LOCK = true; }; "session" = { SESSION_LIFE_TIME = 86400 * 7; # 1 week }; "picture" = { DISABLE_GRAVATAR = true; }; #"cron.archive_cleanup".ENABLED = false; # TODO: figure out why this was enabled "cron.sync_external_users".ENABLED = false; log.LEVEL = "Info"; # Private server service.DISABLE_REGISTRATION = true; # Disable package manager functionality packages.ENABLED = false; }; }; users.users.gitea.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCYr3Y4waQA4Qb9Vv29APxqkAE6E8KSoTcK1L+NSKOEAb3IxlqitMMnDFfWENXuQlEkkxkqszGA3oe2uchN89UckBFIkm8oEBNE2ZQ0SnuVv+ETHRYMmGvhfOnsnEzpD/j6qSk/0/ea2eJpzfUazMVNTDP7aX6pI0F0n6lXFty0vVan/gN6lM41aNatlQPGxY2XDJQ/e2IJJeOubb2YwH/Vj7/t25yuKiQ5AmaX9fVheM4xA1xfNTs42UfoHzU7Pk3gT6D6L1DGHjsbO0FD4lKPe030XYcPVvpqSiEKGTAYvcWnPH/RDXuz6cEQpN3kMajEtvKUcu0FM/3NPJhvUuxEX0wJnvPPRuY30tcD2WuYemQjm5OCGewdIr1a7mMJ/5zEAzRq4AttEdw7PtTjoj8O+0S6pFrFnv6Dp5TOrg9jyRLICEv7SPb76OhPWWr2uf3TllfXJcQMdsEd3gnTxaUUgJRmD3hfAQO5fOR0MFuVw+bVgleeYctBCW5UjbWZqE1lzEU8xwVYKB05HnWI5tgeh/pkdjg9AfdWnuVU7EljJ8nFEevNTJEe3kjZ67l+wL/dLiyyQuMIq1oBpcOCq+ew0jWZMfPq3o5r13qsdPkUuqdwWOXhCQtqOHHYXVgFEvEGLWacdgHSIFlP7IdfW1M4k1yFPBUlJUU9Bo+VGSZxSw== tvb@catacomb" ]; # Configure nginx to forward to the server at the git subdomain services.nginx.virtualHosts."git.alogoulogoi.com" = { enableACME = true; forceSSL = true; extraConfig = '' access_log /var/log/nginx/access.git.log; ''; locations."/".extraConfig = '' proxy_buffering off; proxy_pass http://localhost:3300/; ''; }; # Give tvb group access to gitea config users.users.tvb.extraGroups = [ "gitea" ]; }