nixin-krops/modules/forgejo.nix

100 lines
3.6 KiB
Nix

# Forgejo
{ config, pkgs, lib, ... }:
let
inherit (lib) mkOption mkDefault;
in
{
options = {
nixin.forgejo = {
http-port = mkOption { type = lib.types.int; };
domain = mkOption { type = lib.types.str; };
smtp-addr = mkOption { type = lib.types.str; };
smtp-user = mkOption { type = lib.types.str; };
smtp-from = mkOption { type = lib.types.str; };
#smtp-pwd = mkOption { type = lib.types.str; };
smtp-pwd-file = mkOption { type = lib.types.str; };
admin-email = mkOption { type = lib.types.str; };
admin-user = mkOption { type = lib.types.str; };
admin-pwd = mkOption { type = lib.types.str; };
};
};
config = {
services.forgejo = {
enable = true;
database.type = "postgres";
# Enable support for Git Large File Storage
lfs.enable = true;
settings = {
server = {
DOMAIN = "${config.nixin.forgejo.domain}";
# You need to specify this to remove the port from URLs in the web UI.
ROOT_URL = "https://${config.nixin.forgejo.domain}/";
HTTP_PORT = config.nixin.forgejo.http-port;
};
# You can temporarily allow registration to create an admin user.
service.DISABLE_REGISTRATION = true;
# Add support for actions, based on act: https://github.com/nektos/act
actions = {
ENABLED = true;
DEFAULT_ACTIONS_URL = "github";
};
# Sending emails is completely optional
# You can send a test email from the web UI at:
# Profile Picture > Site Administration > Configuration > Mailer Configuration
mailer = {
ENABLED = true;
PROTOCOL = "smtp+starttls";
SMTP_ADDR = "${config.nixin.forgejo.smtp-addr}";
FROM = "${config.nixin.forgejo.smtp-from}";
USER = "${config.nixin.forgejo.smtp-user}";
#PASSWD = "${config.nixin.forgejo.smtp-pwd}";
};
};
secrets.mailer.PASSWD = "${config.nixin.forgejo.smtp-pwd-file}";
};
environment.systemPackages = let
cfg = config.services.forgejo;
forgejo-cli = pkgs.writeScriptBin "forgejo" ''
#!${pkgs.runtimeShell}
cd ${cfg.stateDir}
sudo=exec
if [[ "$USER" != forgejo ]]; then
sudo='exec /run/wrappers/bin/sudo -u ${cfg.user} -g ${cfg.group} --preserve-env=GITEA_WORK_DIR --preserve-env=GITEA_CUSTOM'
fi
# Note that these variable names will change
export GITEA_WORK_DIR=${cfg.stateDir}
export GITEA_CUSTOM=${cfg.customDir}
$sudo ${lib.getExe cfg.package} "$@"
'';
in [
forgejo-cli
];
networking.hosts = {
"127.0.0.1" = ["${config.nixin.forgejo.domain}"];
};
systemd.services.forgejo.preStart = let
adminCmd = "${lib.getExe config.services.forgejo.package} admin user";
in ''
env >/tmp/debug
${adminCmd} create --admin --email "${config.nixin.forgejo.admin-email}" --username "${config.nixin.forgejo.admin-user}" --password "${config.nixin.forgejo.admin-pwd}" || true
## uncomment this line to change an admin user which was already created
# ${adminCmd} change-password --username ${config.nixin.forgejo.admin-user} --password "${config.nixin.forgejo.admin-pwd}" || true
'';
services.traefik.dynamicConfigOptions.http.services."service-forgejo" = {
loadBalancer.servers = [
{ url = "http://localhost:${toString config.nixin.forgejo.http-port}"; }
];
};
services.traefik.dynamicConfigOptions.http.routers."router-forgejo" = {
rule = "Host(`${config.nixin.forgejo.domain}`)";
service = "service-forgejo";
};
};
}