blob: 32c04d4ef7b3b3499ca01a336f34dcde334532db (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
{ config, pkgs, lib, ... }:
let
cfg = config.my.services.gitea;
robots-deny = pkgs.writeText "robots.txt" ''
User-agent: *
Disallow: /
'';
in
{
options.my.services.gitea = with lib; {
enable = mkEnableOption "gitea git server";
stateDir = mkOption {
type = types.str;
example = "/var/lib/gitea";
description = "gitea base directory";
};
};
config = lib.mkIf cfg.enable {
users.users.git = {
description = "Gitea Service";
home = cfg.stateDir;
useDefaultShell = true;
group = "git";
isSystemUser = true;
};
users.groups.git = { };
services.gitea = {
enable = true;
user = "git";
domain = "git.fcuny.net";
appName = "git.fcuny.net";
rootUrl = "https://git.fcuny.net/";
httpAddress = "127.0.0.1";
httpPort = 8002;
settings = {
log = {
LEVEL = "Error";
};
service = {
ENABLE_USER_HEATMAP = false;
};
other = {
SHOW_FOOTER_VERSION = false;
};
metrics = {
ENABLED = true;
ENABLED_ISSUE_BY_REPOSITORY = true;
};
repository = {
ENABLE_PUSH_CREATE_USER = true;
DEFAULT_BRANCH = "main";
};
server = {
DISABLE_SSH = true;
};
};
dump.enable = false;
database = {
type = "sqlite3";
user = "git";
};
};
services.nginx.virtualHosts."git.fcuny.net" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8002";
proxyWebsockets = true;
};
locations."= /robots.txt".alias = robots-deny;
};
services.prometheus.scrapeConfigs = [{
job_name = "gitea";
metrics_path = "/metrics";
scheme = "https";
scrape_interval = "30s";
static_configs = [{ targets = [ "git.fcuny.net" ]; }];
}];
my.services.backup = { paths = [ cfg.stateDir ]; };
};
}
|
