71 lines
1.6 KiB
Nix
71 lines
1.6 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
domain = "git.jankremer.de";
|
|
in
|
|
{
|
|
age.secrets.forgejo-mailer = {
|
|
file = ../../modules/secrets/forgejo-mailer.age;
|
|
owner = "forgejo";
|
|
};
|
|
age.secrets.forgejo-runner = {
|
|
file = ../../modules/secrets/forgejo-runner.age;
|
|
owner = "gitea-runner";
|
|
};
|
|
|
|
users.users.gitea-runner = {
|
|
isSystemUser = true;
|
|
group = "gitea-runner";
|
|
};
|
|
users.groups.gitea-runner = {};
|
|
|
|
systemd.services."gitea-runner-nimbus".serviceConfig.ReadWritePaths = [ "/var/www/jankremer.de" ];
|
|
|
|
services = {
|
|
forgejo = {
|
|
enable = true;
|
|
database.type = "postgres";
|
|
lfs.enable = true;
|
|
settings = {
|
|
service.DISABLE_REGISTRATION = true;
|
|
server = {
|
|
DOMAIN = domain;
|
|
ROOT_URL = "https://${domain}";
|
|
START_SSH_SERVER = false;
|
|
SSH_PORT = lib.head config.services.openssh.ports;
|
|
};
|
|
mailer = {
|
|
ENABLED = true;
|
|
SMTP_ADDR = "smtp.mail.me.com";
|
|
SMTP_PORT = 587;
|
|
FROM = "git@jankremer.de";
|
|
USER = "janurskremer@me.com";
|
|
};
|
|
actions = {
|
|
ENABLED = true;
|
|
DEFAULT_ACTIONS_URL = "github";
|
|
};
|
|
};
|
|
secrets = {
|
|
mailer.PASSWD = config.age.secrets.forgejo-mailer.path;
|
|
};
|
|
};
|
|
|
|
gitea-actions-runner = {
|
|
package = pkgs.forgejo-runner;
|
|
instances.nimbus = {
|
|
enable = true;
|
|
name = config.networking.hostName;
|
|
url = "https://${domain}";
|
|
tokenFile = config.age.secrets.forgejo-runner.path;
|
|
labels = [
|
|
"native:host"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|