38 lines
945 B
Nix
38 lines
945 B
Nix
|
{config, ...}: {
|
||
|
services.gitea = {
|
||
|
enable = true;
|
||
|
|
||
|
database = {
|
||
|
type = "postgres";
|
||
|
passwordFile = config.age.secrets."services/gitea/password-database".path;
|
||
|
};
|
||
|
|
||
|
lfs.enable = true;
|
||
|
|
||
|
appName = "nekowinston's Gitea";
|
||
|
settings = {
|
||
|
server = rec {
|
||
|
DOMAIN = "git.winston.sh";
|
||
|
HTTP_ADDR = "127.0.0.1";
|
||
|
HTTP_PORT = 12492;
|
||
|
ROOT_URL = "https://${DOMAIN}/";
|
||
|
};
|
||
|
service.DISABLE_REGISTRATION = true;
|
||
|
session.COOKIE_SECURE = true;
|
||
|
};
|
||
|
};
|
||
|
|
||
|
age.secrets."services/gitea/password-database".owner = "gitea";
|
||
|
|
||
|
services.nginx.virtualHosts.${config.services.gitea.settings.server.DOMAIN} = {
|
||
|
forceSSL = true;
|
||
|
enableACME = false;
|
||
|
useACMEHost = "winston.sh";
|
||
|
|
||
|
locations."/" = with config.services.gitea.settings.server; {
|
||
|
extraConfig = "client_max_body_size 512M;";
|
||
|
proxyPass = "http://${HTTP_ADDR}:${toString HTTP_PORT}";
|
||
|
};
|
||
|
};
|
||
|
}
|