64 lines
1.7 KiB
Nix
64 lines
1.7 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
namespace,
|
|
...
|
|
}:
|
|
with lib;
|
|
let
|
|
cfg = config.${namespace}.services.gitea;
|
|
rootUrl = "https://gitea.mjallen.dev/";
|
|
mailerPasswordFile = config.sops.secrets."jallen-nas/gitea/mail-key".path;
|
|
metricsTokenFile = config.sops.secrets."jallen-nas/gitea/metrics-key".path;
|
|
|
|
# Create reverse proxy configuration using mkReverseProxy
|
|
reverseProxyConfig = lib.${namespace}.mkReverseProxy {
|
|
name = "gitea";
|
|
subdomain = cfg.reverseProxy.subdomain;
|
|
url = "http://${cfg.localAddress}:${toString cfg.httpPort}";
|
|
middlewares = cfg.reverseProxy.middlewares;
|
|
};
|
|
|
|
traefik = {
|
|
"${namespace}".services.traefik = lib.mkIf cfg.reverseProxy.enable {
|
|
reverseProxies = [ reverseProxyConfig ];
|
|
};
|
|
};
|
|
in
|
|
{
|
|
imports = [ ./options.nix ];
|
|
config =
|
|
mkIf cfg.enable {
|
|
services.gitea = {
|
|
enable = true;
|
|
stateDir = cfg.dataDir;
|
|
user = "nix-apps";
|
|
group = "jallen-nas";
|
|
mailerPasswordFile = mailerPasswordFile;
|
|
metricsTokenFile = metricsTokenFile;
|
|
settings = {
|
|
server = {
|
|
DOMAIN = "jallen-nas";
|
|
HTTP_ADDR = "0.0.0.0";
|
|
HTTP_PORT = cfg.httpPort;
|
|
PROTOCOL = "http";
|
|
ROOT_URL = rootUrl;
|
|
START_SSH_SERVER = true;
|
|
SSH_PORT = cfg.sshPort;
|
|
};
|
|
service = {
|
|
REGISTER_EMAIL_CONFIRM = false;
|
|
ENABLE_CAPTCHA = false;
|
|
DISABLE_REGISTRATION = true;
|
|
ENABLE_OPENID_SIGNIN = false;
|
|
ENABLE_LDAP_SIGNIN = false;
|
|
ENABLE_SSH_SIGNIN = true;
|
|
ENABLE_BUILTIN_SSH_SERVER = true;
|
|
ENABLE_REVERSE_PROXY_AUTHENTICATION = true;
|
|
};
|
|
};
|
|
};
|
|
}
|
|
// traefik;
|
|
}
|