181 lines
4.4 KiB
Nix
181 lines
4.4 KiB
Nix
{ config, pkgs, lib, domain, ... }:
|
|
{
|
|
sops.secrets = {
|
|
"postgres-pw" = { owner = config.services.gitea.user; };
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
gitea
|
|
];
|
|
|
|
services.gitea = {
|
|
enable = true;
|
|
package = pkgs.gitea;
|
|
group = "gitea"; # default
|
|
user = "gitea"; # default
|
|
appName = "NxGit";
|
|
stateDir = "/var/lib/gitea"; # default
|
|
useWizard = false; # default
|
|
# camoHmacKeyFile = ;
|
|
customDir = "${config.services.gitea.stateDir}/custom"; # default
|
|
database = {
|
|
createDatabase = false; # default
|
|
host = "127.0.0.1"; # default
|
|
port = 5432;
|
|
passwordFile = config.sops.secrets."postgres-pw".path;
|
|
# path = "${config.services.gitea.stateDir}/data/gitea.db"; # default
|
|
# socket = "/run/postgresql";
|
|
socket = null;
|
|
type = "postgres";
|
|
name = "gitea"; # default
|
|
user = "gitea"; # default
|
|
};
|
|
# dump = {
|
|
# enable = true;
|
|
# backupDir = "${config.services.gitea.stateDir}/dump"; # default
|
|
# file = null; # default
|
|
# interval = "daily";
|
|
# type = "zip"; # default
|
|
# };
|
|
# extraConfig = null; # default
|
|
# lfs = {
|
|
# enable = false; # default
|
|
# contentDir = "${config.services.gitea.stateDir}/data/lfs"; # default
|
|
# };
|
|
# mailerPasswordFile = null; # default
|
|
# metricsTokenFile = null; # default
|
|
repositoryRoot = "${config.services.gitea.stateDir}/repositories"; # default
|
|
settings = {
|
|
log = {
|
|
LEVEL = "Info";
|
|
# LEVEL = "Error";
|
|
ROOT_PATH = "${config.services.gitea.stateDir}/log"; # default
|
|
};
|
|
# i18n = {
|
|
# LANGS = "en-US";
|
|
# };
|
|
server = {
|
|
DISABLE_SSH = false; # default
|
|
SSH_PORT = 20022;
|
|
# DOMAIN = "pw2.${domain}";
|
|
# HTTP_ADDR = "${config.services.gitea.settings.server.DOMAIN}:${toString config.services.gitea.settings.server.HTTP_PORT}/";
|
|
# HTTP_PORT = 3000; # default
|
|
# PROTOCOL = "http"; # default
|
|
# ROOT_URL = "https:pw2.${domain}/"; # default
|
|
STATIC_ROOT_PATH = "${config.services.gitea.stateDir}/static";
|
|
};
|
|
session = {
|
|
COOKIE_SECURE = true;
|
|
};
|
|
service = {
|
|
DISABLE_REGISTRATION = true;
|
|
};
|
|
};
|
|
};
|
|
}
|
|
# APP_NAME = Gitea: Git with a cup of tea
|
|
# RUN_MODE = prod
|
|
# RUN_USER = git
|
|
# WORK_PATH = /data/gitea
|
|
|
|
# [repository]
|
|
# ROOT = /data/git/repositories
|
|
# ENABLE_PUSH_CREATE_ORG = true
|
|
# ENABLE_PUSH_CREATE_USER = true
|
|
|
|
# [repository.local]
|
|
# LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
|
|
|
|
# [repository.upload]
|
|
# TEMP_PATH = /data/gitea/uploads
|
|
|
|
# [server]
|
|
# APP_DATA_PATH = /data/gitea
|
|
# DOMAIN = git.nx2.site
|
|
# SSH_DOMAIN = git.nx2.site
|
|
# HTTP_PORT = 3000
|
|
# ROOT_URL = https://git.nx2.site/
|
|
# DISABLE_SSH = false
|
|
# SSH_PORT = 22
|
|
# SSH_LISTEN_PORT = 22
|
|
# LFS_START_SERVER = true
|
|
# LFS_JWT_SECRET = aitnnoway
|
|
# OFFLINE_MODE = false
|
|
|
|
# [database]
|
|
# PATH = /data/gitea/gitea.db
|
|
# DB_TYPE = postgres
|
|
# HOST = giteadb:5432
|
|
# NAME = gitea
|
|
# USER = gitea
|
|
# PASSWD = -lkjlkj
|
|
# LOG_SQL = false
|
|
# SCHEMA =
|
|
# SSL_MODE = disable
|
|
|
|
# [indexer]
|
|
# ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
|
|
|
|
# [session]
|
|
# PROVIDER_CONFIG = /data/gitea/sessions
|
|
# PROVIDER = file
|
|
|
|
# [picture]
|
|
# AVATAR_UPLOAD_PATH = /data/gitea/avatars
|
|
# REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
|
|
|
|
# [attachment]
|
|
# PATH = /data/gitea/attachments
|
|
|
|
# [log]
|
|
# MODE = console
|
|
# LEVEL = info
|
|
# ROOT_PATH = /data/gitea/log
|
|
|
|
# [security]
|
|
# INSTALL_LOCK = true
|
|
# SECRET_KEY =
|
|
# REVERSE_PROXY_LIMIT = 1
|
|
# REVERSE_PROXY_TRUSTED_PROXIES = *
|
|
# INTERNAL_TOKEN = faaaaakeeyJuYmYiOjE3MTMxMTAzMjN9.iliwlrfZDTb8oL296gpXRYhC-6_AJdjePO7dk3NT-PE
|
|
# PASSWORD_HASH_ALGO = pbkdf2
|
|
|
|
# [service]
|
|
# DISABLE_REGISTRATION = true
|
|
# REQUIRE_SIGNIN_VIEW = false
|
|
# REGISTER_EMAIL_CONFIRM = false
|
|
# ENABLE_NOTIFY_MAIL = false
|
|
# ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
|
# ENABLE_CAPTCHA = false
|
|
# DEFAULT_KEEP_EMAIL_PRIVATE = false
|
|
# DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
|
# DEFAULT_ENABLE_TIMETRACKING = true
|
|
# NO_REPLY_ADDRESS = noreply.nx2.site
|
|
|
|
# [lfs]
|
|
# PATH = /data/git/lfs
|
|
|
|
# [mailer]
|
|
# ENABLED = true
|
|
# SMTP_ADDR = smtp.gmail.com
|
|
# SMTP_PORT = 587
|
|
# FROM = git@nx2.site
|
|
# USER = lennart.kurzweg.lk@gmail.com
|
|
# PASSWD = "ihh"
|
|
|
|
# [openid]
|
|
# ENABLE_OPENID_SIGNIN = true
|
|
# ENABLE_OPENID_SIGNUP = false
|
|
|
|
# [cron.update_checker]
|
|
# ENABLED = false
|
|
|
|
# [repository.pull-request]
|
|
# DEFAULT_MERGE_STYLE = merge
|
|
|
|
# [repository.signing]
|
|
# DEFAULT_TRUST_MODEL = committer
|
|
|
|
# [oauth2]
|
|
# JWT_SECRET = redavt
|