# Forgejo { config, pkgs, lib, ... }: let inherit (lib) mkOption mkDefault; in { options = { nixin.forge = { http-port = mkOption { type = lib.types.int; }; domain = mkOption { type = lib.types.str; }; smtp-addr = mkOption { type = lib.types.str; }; smtp-user = mkOption { type = lib.types.str; }; smtp-from = mkOption { type = lib.types.str; }; #smtp-pwd = mkOption { type = lib.types.str; }; smtp-pwd-file = mkOption { type = lib.types.str; }; admin-email = mkOption { type = lib.types.str; }; admin-user = mkOption { type = lib.types.str; }; admin-pwd = mkOption { type = lib.types.str; }; }; }; config = { services.forgejo = { enable = true; database.type = "postgres"; # Enable support for Git Large File Storage lfs.enable = true; settings = { server = { DOMAIN = "${config.nixin.forge.domain}"; # You need to specify this to remove the port from URLs in the web UI. ROOT_URL = "https://${config.nixin.forge.domain}/"; HTTP_PORT = config.nixin.forge.http-port; }; # You can temporarily allow registration to create an admin user. service.DISABLE_REGISTRATION = true; # Add support for actions, based on act: https://github.com/nektos/act actions = { ENABLED = true; DEFAULT_ACTIONS_URL = "github"; }; # Sending emails is completely optional # You can send a test email from the web UI at: # Profile Picture > Site Administration > Configuration > Mailer Configuration mailer = { ENABLED = true; PROTOCOL = "smtp+starttls"; SMTP_ADDR = "${config.nixin.forge.smtp-addr}"; FROM = "${config.nixin.forge.smtp-from}"; USER = "${config.nixin.forge.smtp-user}"; #PASSWD = "${config.nixin.forge.smtp-pwd}"; }; }; secrets.mailer.PASSWD = "${config.nixin.forge.smtp-pwd-file}"; }; environment.systemPackages = let cfg = config.services.forgejo; forgejo-cli = pkgs.writeScriptBin "forgejo" '' #!${pkgs.runtimeShell} cd ${cfg.stateDir} sudo=exec if [[ "$USER" != forgejo ]]; then sudo='exec /run/wrappers/bin/sudo -u ${cfg.user} -g ${cfg.group} --preserve-env=GITEA_WORK_DIR --preserve-env=GITEA_CUSTOM' fi # Note that these variable names will change export GITEA_WORK_DIR=${cfg.stateDir} export GITEA_CUSTOM=${cfg.customDir} $sudo ${lib.getExe cfg.package} "$@" ''; in [ forgejo-cli ]; networking.hosts = { "127.0.0.1" = ["${config.nixin.forge.domain}"]; }; systemd.services.forgejo.preStart = let adminCmd = "${lib.getExe config.services.forgejo.package} admin user"; in '' env >/tmp/debug ${adminCmd} create --admin --email "${config.nixin.forge.admin-email}" --username "${config.nixin.forge.admin-user}" --password "${config.nixin.forge.admin-pwd}" || true ## uncomment this line to change an admin user which was already created # ${adminCmd} change-password --username ${config.nixin.forge.admin-user} --password "${config.nixin.forge.admin-pwd}" || true ''; services.traefik.dynamicConfigOptions.http.services."service-forgejo" = { loadBalancer.servers = [ { url = "http://localhost:${toString config.nixin.forge.http-port}"; } ]; }; services.traefik.dynamicConfigOptions.http.routers."router-forgejo" = { rule = "Host(`${config.nixin.forge.domain}`)"; service = "service-forgejo"; }; }; }