server-configs/machines/gerd/services/forgejo/forgejo.nix

52 lines
1.3 KiB
Nix
Raw Normal View History

{ config, lib, pkgs, ... }:
let
svc_domain = "git.${config.mine.shared.settings.domain}";
in {
services.forgejo = {
enable = true;
stateDir = config.mine.zfsMounts."rpool/safe/svcs/forgejo";
package = pkgs.forgejo.overrideAttrs (old: {
patches = old.patches ++ [
./patches/signin-template.patch
./patches/link-accounts-template.patch
];
});
# use postgres, will create and start postgresql
# itself, as well as databdase and user
database.type = "postgres";
settings = {
server = {
DOMAIN = svc_domain;
ROOT_URL = "https://${svc_domain}";
HTTPPORT = 3000;
};
# sync ldap and forgejo
"cron.sync_external_users" = {
RUN_AT_START = true;
SCHEDULE = "@every 15m";
UPDATE_EXISTING = true;
};
# disable registration, only account linking is possible
service.DISABLE_REGISTRATION = true;
};
};
services.nginx.virtualHosts."${svc_domain}" = {
forceSSL = true;
enableACME = true;
extraConfig = ''
client_max_body_size 512M;
'';
locations."/".proxyPass = "http://localhost:${builtins.toString config.services.forgejo.settings.server.HTTPPORT}";
};
# settings
mine.shared.settings.forgejo.domain = svc_domain;
}