Jaculabilis
/
nixos-configs
1
1
Fork 0
Code Releases Activity
nixos-configs/machine/empyrean/gitea.nix

80 lines
2.6 KiB
Nix
Raw Blame History

# Configuration for Gitea instance
{ config, pkgs, ... }:
{
# Gitea configuration
services.gitea = {
enable = true;
#useWizard = true; # Needed for first-time building
# Settings
appName = "Horse Codes";
lfs.enable = true;
# Disabled until I figure out how to make this not take up multiple gigabytes
dump = {
enable = false;
interval = "weekly";
};
settings = {
"server" = {
# Configuration for reverse proxy
ROOT_URL = "https://git.alogoulogoi.com/";
HTTP_ADDR = "127.0.0.1";
HTTP_PORT = 3300;
DOMAIN = "git.alogoulogoi.com";
};
"repository" = {
DEFAULT_PRIVATE = true;
};
"ui" = {
DEFAULT_THEME = "arc-green";
SHOW_USER_EMAIL = false;
};
"ui.meta" = {
AUTHOR = "Horse Codes";
DESCRIPTION = "Alogoulogoi Gitea instance";
KEYWORDS = "";
};
"security" = {
INSTALL_LOCK = true;
};
"session" = {
SESSION_LIFE_TIME = 86400 * 7; # 1 week
};
"picture" = {
DISABLE_GRAVATAR = true;
};
#"cron.archive_cleanup".ENABLED = false; # TODO: figure out why this was enabled
"cron.sync_external_users".ENABLED = false;
log.LEVEL = "Info";
# Private server
service.DISABLE_REGISTRATION = true;
# Disable package manager functionality
packages.ENABLED = false;
};
};
users.users.gitea.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCYr3Y4waQA4Qb9Vv29APxqkAE6E8KSoTcK1L+NSKOEAb3IxlqitMMnDFfWENXuQlEkkxkqszGA3oe2uchN89UckBFIkm8oEBNE2ZQ0SnuVv+ETHRYMmGvhfOnsnEzpD/j6qSk/0/ea2eJpzfUazMVNTDP7aX6pI0F0n6lXFty0vVan/gN6lM41aNatlQPGxY2XDJQ/e2IJJeOubb2YwH/Vj7/t25yuKiQ5AmaX9fVheM4xA1xfNTs42UfoHzU7Pk3gT6D6L1DGHjsbO0FD4lKPe030XYcPVvpqSiEKGTAYvcWnPH/RDXuz6cEQpN3kMajEtvKUcu0FM/3NPJhvUuxEX0wJnvPPRuY30tcD2WuYemQjm5OCGewdIr1a7mMJ/5zEAzRq4AttEdw7PtTjoj8O+0S6pFrFnv6Dp5TOrg9jyRLICEv7SPb76OhPWWr2uf3TllfXJcQMdsEd3gnTxaUUgJRmD3hfAQO5fOR0MFuVw+bVgleeYctBCW5UjbWZqE1lzEU8xwVYKB05HnWI5tgeh/pkdjg9AfdWnuVU7EljJ8nFEevNTJEe3kjZ67l+wL/dLiyyQuMIq1oBpcOCq+ew0jWZMfPq3o5r13qsdPkUuqdwWOXhCQtqOHHYXVgFEvEGLWacdgHSIFlP7IdfW1M4k1yFPBUlJUU9Bo+VGSZxSw== tvb@catacomb"
];
# Configure nginx to forward to the server at the git subdomain
services.nginx.virtualHosts."git.alogoulogoi.com" = {
enableACME = true;
forceSSL = true;
extraConfig = ''
access_log /var/log/nginx/access.git.log;
'';
locations."/".extraConfig = ''
proxy_buffering off;
proxy_pass http://localhost:3300/;
'';
};
# Give tvb group access to gitea config
users.users.tvb.extraGroups = [ "gitea" ];
}
View Git Blame Copy Permalink