Browse Source

Prepare hardcase for gitea

master
m1cr0man 2 years ago
parent
commit
1a7859b418
2 changed files with 30 additions and 17 deletions
  1. +6
    -0
      hosts/hardcase/hardware-configuration.nix
  2. +24
    -17
      services/gitea.nix

+ 6
- 0
hosts/hardcase/hardware-configuration.nix View File

@@ -28,6 +28,12 @@
fsType = "zfs";
};

# zfs create -o mountpoint=legacy zroot/git
fileSystems."/zroot/git" =
{ device = "zroot/git";
fsType = "zfs";
};

fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/0b075b97-42b6-4444-a16f-8f0e86aae318";
fsType = "ext4";


+ 24
- 17
services/gitea.nix View File

@@ -1,19 +1,25 @@
{ lib, ... }:
{
let
common = import ../common/variables.nix;

stateDir = "/var/lib/gitea";
repositoryRoot = "/zroot/git";
in {
users.users.git = {
description = "Service user for gitea";
isSystemUser = true;
group = "gitea";
shell = "/dev/null";
home = "/dev/null";
};
services.gitea = {
inherit stateDir repositoryRoot;
enable = true;
appName = "Redbrick";
user = "git";
domain = "redbrick.dcu.ie";
domain = common.tld;
httpPort = 3000;
rootUrl = "https://redbricktest.ml:3000/";
rootUrl = "https://git.${common.tld}/";

database = {
createDatabase = false;
@@ -27,7 +33,7 @@

extraConfig = ''
[repository.upload]
TEMP_PATH = /var/lib/gitea/uploads
TEMP_PATH = ${stateDir}/uploads

[server]
SSH_DOMAIN = git.redbrick.dcu.ie
@@ -37,22 +43,22 @@
OFFLINE_MODE = false

[session]
PROVIDER_CONFIG = /var/lib/gitea/sessions
PROVIDER_CONFIG = ${stateDir}/sessions
PROVIDER = file
[picture]
AVATAR_UPLOAD_PATH = /var/lib/gitea/avatars
AVATAR_UPLOAD_PATH = ${stateDir}/avatars
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = false
[attachment]
PATH = /var/lib/gitea/attachments
PATH = ${stateDir}/attachments
[mailer]
ENABLED = true
HOST = mailhost.redbrick.dcu.ie:587
FROM = gitea@redbrick.dcu.ie
[service]
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = true
@@ -61,20 +67,21 @@
REQUIRE_SIGNIN_VIEW = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
NO_REPLY_ADDRESS = noreply.redbrick.dcu.ie
[security]
INSTALL_LOCK = true
SECRET_KEY = ZaAgYxsMt3
INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE0OTI2MDcxMDR9.T3CCdLpGcXvOzC_Wg7Uq8fN-YE3TCJPofGmiHnaypUg
[openid]
ENABLE_OPENID_SIGNUP = false
ENABLE_OPENID_SIGNIN = false
[oauth2]
JWT_SECRET = 0l4Md3fIHiSXRVK4gFpvO2CFXqhb8qSzWLuHPioWUyo

'';
};
networking.firewall.allowedTCPPorts = [3000];

networking.firewall.allowedTCPPorts = [ 3000 ];
}

Loading…
Cancel
Save