100 lines
3.6 KiB
Nix
100 lines
3.6 KiB
Nix
# Forgejo
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
let
|
|
inherit (lib) mkOption mkDefault;
|
|
in
|
|
{
|
|
options = {
|
|
nixin.forgejo = {
|
|
http-port = mkOption { type = lib.types.int; };
|
|
domain = mkOption { type = lib.types.str; };
|
|
smtp-addr = mkOption { type = lib.types.str; };
|
|
smtp-user = mkOption { type = lib.types.str; };
|
|
smtp-from = mkOption { type = lib.types.str; };
|
|
#smtp-pwd = mkOption { type = lib.types.str; };
|
|
smtp-pwd-file = mkOption { type = lib.types.str; };
|
|
admin-email = mkOption { type = lib.types.str; };
|
|
admin-user = mkOption { type = lib.types.str; };
|
|
admin-pwd = mkOption { type = lib.types.str; };
|
|
};
|
|
};
|
|
|
|
config = {
|
|
services.forgejo = {
|
|
enable = true;
|
|
database.type = "postgres";
|
|
# Enable support for Git Large File Storage
|
|
lfs.enable = true;
|
|
settings = {
|
|
server = {
|
|
DOMAIN = "${config.nixin.forgejo.domain}";
|
|
# You need to specify this to remove the port from URLs in the web UI.
|
|
ROOT_URL = "https://${config.nixin.forgejo.domain}/";
|
|
HTTP_PORT = config.nixin.forgejo.http-port;
|
|
};
|
|
# You can temporarily allow registration to create an admin user.
|
|
service.DISABLE_REGISTRATION = true;
|
|
# Add support for actions, based on act: https://github.com/nektos/act
|
|
actions = {
|
|
ENABLED = true;
|
|
DEFAULT_ACTIONS_URL = "github";
|
|
};
|
|
# Sending emails is completely optional
|
|
# You can send a test email from the web UI at:
|
|
# Profile Picture > Site Administration > Configuration > Mailer Configuration
|
|
mailer = {
|
|
ENABLED = true;
|
|
PROTOCOL = "smtp+starttls";
|
|
SMTP_ADDR = "${config.nixin.forgejo.smtp-addr}";
|
|
FROM = "${config.nixin.forgejo.smtp-from}";
|
|
USER = "${config.nixin.forgejo.smtp-user}";
|
|
#PASSWD = "${config.nixin.forgejo.smtp-pwd}";
|
|
};
|
|
};
|
|
secrets.mailer.PASSWD = "${config.nixin.forgejo.smtp-pwd-file}";
|
|
};
|
|
|
|
environment.systemPackages = let
|
|
cfg = config.services.forgejo;
|
|
forgejo-cli = pkgs.writeScriptBin "forgejo" ''
|
|
#!${pkgs.runtimeShell}
|
|
cd ${cfg.stateDir}
|
|
sudo=exec
|
|
if [[ "$USER" != forgejo ]]; then
|
|
sudo='exec /run/wrappers/bin/sudo -u ${cfg.user} -g ${cfg.group} --preserve-env=GITEA_WORK_DIR --preserve-env=GITEA_CUSTOM'
|
|
fi
|
|
# Note that these variable names will change
|
|
export GITEA_WORK_DIR=${cfg.stateDir}
|
|
export GITEA_CUSTOM=${cfg.customDir}
|
|
$sudo ${lib.getExe cfg.package} "$@"
|
|
'';
|
|
in [
|
|
forgejo-cli
|
|
];
|
|
|
|
networking.hosts = {
|
|
"127.0.0.1" = ["${config.nixin.forgejo.domain}"];
|
|
};
|
|
|
|
systemd.services.forgejo.preStart = let
|
|
adminCmd = "${lib.getExe config.services.forgejo.package} admin user";
|
|
in ''
|
|
env >/tmp/debug
|
|
${adminCmd} create --admin --email "${config.nixin.forgejo.admin-email}" --username "${config.nixin.forgejo.admin-user}" --password "${config.nixin.forgejo.admin-pwd}" || true
|
|
## uncomment this line to change an admin user which was already created
|
|
# ${adminCmd} change-password --username ${config.nixin.forgejo.admin-user} --password "${config.nixin.forgejo.admin-pwd}" || true
|
|
'';
|
|
|
|
|
|
services.traefik.dynamicConfigOptions.http.services."service-forgejo" = {
|
|
loadBalancer.servers = [
|
|
{ url = "http://localhost:${toString config.nixin.forgejo.http-port}"; }
|
|
];
|
|
};
|
|
services.traefik.dynamicConfigOptions.http.routers."router-forgejo" = {
|
|
rule = "Host(`${config.nixin.forgejo.domain}`)";
|
|
service = "service-forgejo";
|
|
};
|
|
};
|
|
}
|