nixin-krops/modules/forgejo.nix

# Forgejo
{ config, pkgs, lib, ... }:

let
  inherit (lib) mkOption mkDefault;
in
{
  options = {
    nixin.forge = {
      http-port = mkOption { type = lib.types.int; };
      domain = mkOption { type = lib.types.str; };
      smtp-addr = mkOption { type = lib.types.str; };
      smtp-user = mkOption { type = lib.types.str; };
      smtp-from = mkOption { type = lib.types.str; };
      #smtp-pwd = mkOption { type = lib.types.str; };
      smtp-pwd-file = mkOption { type = lib.types.str; };
      admin-email = mkOption { type = lib.types.str; };
      admin-user = mkOption { type = lib.types.str; };
      admin-pwd = mkOption { type = lib.types.str; };
    };
  };

  config = {
    services.forgejo = {
      enable = true;
      database.type = "postgres";
      # Enable support for Git Large File Storage
      lfs.enable = true;
      settings = {
        server = {
          DOMAIN = "${config.nixin.forge.domain}";
          # You need to specify this to remove the port from URLs in the web UI.
          ROOT_URL = "https://${config.nixin.forge.domain}/";
          HTTP_PORT = config.nixin.forge.http-port;
        };
        # You can temporarily allow registration to create an admin user.
        service.DISABLE_REGISTRATION = true;
        # Add support for actions, based on act: https://github.com/nektos/act
        actions = {
          ENABLED = true;
          DEFAULT_ACTIONS_URL = "github";
        };
        # Sending emails is completely optional
        # You can send a test email from the web UI at:
        # Profile Picture > Site Administration > Configuration > Mailer Configuration
        mailer = {
          ENABLED = true;
          PROTOCOL = "smtp+starttls";
          SMTP_ADDR = "${config.nixin.forge.smtp-addr}";
          FROM = "${config.nixin.forge.smtp-from}";
          USER = "${config.nixin.forge.smtp-user}";
          #PASSWD = "${config.nixin.forge.smtp-pwd}";
        };
      };
      secrets.mailer.PASSWD = "${config.nixin.forge.smtp-pwd-file}";
    };

    systemd.services.forgejo.preStart = let 
      adminCmd = "${lib.getExe config.services.forgejo.package} admin user";
    in ''
      env >/tmp/debug
      ${adminCmd} create --admin --email "${config.nixin.forge.admin-email}" --username "${config.nixin.forge.admin-user}" --password "${config.nixin.forge.admin-pwd}" || true
      ## uncomment this line to change an admin user which was already created
      # ${adminCmd} change-password --username ${config.nixin.forge.admin-user} --password "${config.nixin.forge.admin-pwd}" || true
    '';


    services.traefik.dynamicConfigOptions.http.services."service-forgejo" = {
      loadBalancer.servers = [
        { url = "http://localhost:${toString config.nixin.forge.http-port}"; }
      ];
    };
    services.traefik.dynamicConfigOptions.http.routers."router-forgejo" = {
      rule = "Host(`${config.nixin.forge.domain}`)";
      service = "service-forgejo";
    };
  };
}
add forgejo to arachnide server 2024-12-20 17:56:01 +00:00			`# Forgejo`
			`{ config, pkgs, lib, ... }:`

			`let`
			`inherit (lib) mkOption mkDefault;`
			`in`
			`{`
			`options = {`
			`nixin.forge = {`
			`http-port = mkOption { type = lib.types.int; };`
			`domain = mkOption { type = lib.types.str; };`
			`smtp-addr = mkOption { type = lib.types.str; };`
			`smtp-user = mkOption { type = lib.types.str; };`
			`smtp-from = mkOption { type = lib.types.str; };`
			`#smtp-pwd = mkOption { type = lib.types.str; };`
			`smtp-pwd-file = mkOption { type = lib.types.str; };`
			`admin-email = mkOption { type = lib.types.str; };`
			`admin-user = mkOption { type = lib.types.str; };`
			`admin-pwd = mkOption { type = lib.types.str; };`
			`};`
			`};`

			`config = {`
			`services.forgejo = {`
			`enable = true;`
			`database.type = "postgres";`
			`# Enable support for Git Large File Storage`
			`lfs.enable = true;`
			`settings = {`
			`server = {`
			`DOMAIN = "${config.nixin.forge.domain}";`
			`# You need to specify this to remove the port from URLs in the web UI.`
			`ROOT_URL = "https://${config.nixin.forge.domain}/";`
			`HTTP_PORT = config.nixin.forge.http-port;`
			`};`
			`# You can temporarily allow registration to create an admin user.`
			`service.DISABLE_REGISTRATION = true;`
			`# Add support for actions, based on act: https://github.com/nektos/act`
			`actions = {`
			`ENABLED = true;`
			`DEFAULT_ACTIONS_URL = "github";`
			`};`
			`# Sending emails is completely optional`
			`# You can send a test email from the web UI at:`
			`# Profile Picture > Site Administration > Configuration > Mailer Configuration`
			`mailer = {`
			`ENABLED = true;`
			`PROTOCOL = "smtp+starttls";`
			`SMTP_ADDR = "${config.nixin.forge.smtp-addr}";`
			`FROM = "${config.nixin.forge.smtp-from}";`
			`USER = "${config.nixin.forge.smtp-user}";`
			`#PASSWD = "${config.nixin.forge.smtp-pwd}";`
			`};`
			`};`
			`secrets.mailer.PASSWD = "${config.nixin.forge.smtp-pwd-file}";`
			`};`

			`systemd.services.forgejo.preStart = let`
			`adminCmd = "${lib.getExe config.services.forgejo.package} admin user";`
			`in ''`
			`env >/tmp/debug`
			`${adminCmd} create --admin --email "${config.nixin.forge.admin-email}" --username "${config.nixin.forge.admin-user}" --password "${config.nixin.forge.admin-pwd}" \|\| true`
			`## uncomment this line to change an admin user which was already created`
			`# ${adminCmd} change-password --username ${config.nixin.forge.admin-user} --password "${config.nixin.forge.admin-pwd}" \|\| true`
			`'';`


			`services.traefik.dynamicConfigOptions.http.services."service-forgejo" = {`
			`loadBalancer.servers = [`
			`{ url = "http://localhost:${toString config.nixin.forge.http-port}"; }`
			`];`
			`};`
			`services.traefik.dynamicConfigOptions.http.routers."router-forgejo" = {`
			rule = "Host(`${config.nixin.forge.domain}`)";
			`service = "service-forgejo";`
			`};`
			`};`
			`}`