From 509cba0c51a1bb34b8a356bd9349c8bbc7981e85 Mon Sep 17 00:00:00 2001 From: Jan Kremer Date: Fri, 20 Feb 2026 11:55:07 +0100 Subject: [PATCH] Add Forgejo git hosting --- modules/nixos/default.nix | 2 +- modules/nixos/forgejo.nix | 68 ++++++----------------- modules/secrets/forgejo-runner-token.age | Bin 363 -> 0 bytes modules/secrets/secrets.nix | 1 - 4 files changed, 17 insertions(+), 54 deletions(-) delete mode 100644 modules/secrets/forgejo-runner-token.age diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index a30a033..6814808 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -1,7 +1,7 @@ { imports = [ ./copyparty.nix - # ./forgejo.nix + ./forgejo.nix ./immich.nix ./jellyfin.nix # ./minecraft.nix diff --git a/modules/nixos/forgejo.nix b/modules/nixos/forgejo.nix index c808cad..1d37d58 100644 --- a/modules/nixos/forgejo.nix +++ b/modules/nixos/forgejo.nix @@ -1,58 +1,22 @@ -{ inputs, ... }: +{ config, ... }: { - containers.git = { - autoStart = true; - bindMounts."/etc/ssh/ssh_host_ed25519_key".hostPath = "/etc/ssh/ssh_host_ed25519_key"; - - config = { - imports = [ inputs.agenix.nixosModules.default ]; - - age = { - identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - secrets."forgejo-runner-token" = { - file = ../secrets/forgejo-runner-token.age; - mode = "400"; - owner = "forgejo"; + services = { + forgejo = { + enable = true; + database.type = "postgres"; + lfs.enable = true; + settings = { + service.DISABLE_REGISTRATION = true; + server = { + DOMAIN = "git.alpine-centauri.ts.net"; + ROOT_URL = "https://${config.services.forgejo.settings.server.DOMAIN}"; + # HTTP_PORT = 3000; + }; + actions = { + ENABLED = true; + DEFAULT_ACTIONS_URL = "github"; }; }; - - services = { - forgejo = { - enable = true; - database.type = "postgres"; - lfs.enable = true; - settings = { - server = { - DOMAIN = "git.alpine-centauri.ts.net"; - ROOT_URL = "https://git.alpine-centauri.ts.net/"; - HTTP_PORT = 3000; - }; - actions = { - ENABLED = true; - DEFAULT_ACTIONS_URL = "https://code.forgejo.org"; - }; - }; - }; - - # gitea-actions-runner = { - # package = pkgs.forgejo-runner; - # instances.native = { - # enable = true; - # name = "native"; - # url = "https://git.alpine-centauri.ts.net"; - # tokenFile = config.age.secrets.forgejo-runner-token.path; - # labels = [ "native:host" ]; - # }; - # }; - - tailscale = { - enable = true; - useRoutingFeatures = "server"; - interfaceName = "userspace-networking"; - }; - }; - - system.stateVersion = "24.05"; }; }; } diff --git a/modules/secrets/forgejo-runner-token.age b/modules/secrets/forgejo-runner-token.age deleted file mode 100644 index 3562c66c2ef73fd61456203f0100b2b4d825af58..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 363 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSP$}cHMPFHZ$_A~R$ ztn$dtb@K{w_jPqK3pRHSH_0t5G7R^%NGta>OUVi_NOgC0v*1ec%X2pMa11Okb}i3{ zOmhq~FwZNA3P}kn_bBnJa0>GEC<`kuim1x82t~Ke#2_*&B2XbEJUFScEFd@B&?_T6 zJI%zvKfpD>)ll0q$28qN*uTug*}cNkB-}mUIGfAAv?#?n)z!eiywW5zJHpS?*VrT9 zKPA{P!^ttgSvw>tBDA2aINQh7IhjjWS69Kfz$CxQ(a$x=*fX@qtSm66v?|fnxzyC$ zJ3HUh$j~h%%`wCxE4`pB&w$HmNx_ry<+26!O>cjn3LJu>g{p7edEI5u5k*tYkb w@5%=}$+yJQD-^a!{1)21CA@9d=OxqDM1QmpXv%DJxh#M4&;rS7qu{N%01!`sg8%>k diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index a00b39a..eb3f3ca 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -8,7 +8,6 @@ let in { "copyparty-jan.age".publicKeys = all; - "forgejo-runner-token.age".publicKeys = all; "paperless-admin.age".publicKeys = all; "tailscale.age".publicKeys = all; }