2021-03-13 15:32:44 +01:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
|
|
{
|
|
|
|
services.openssh.ports = [ 2222 ];
|
|
|
|
services.gitea = {
|
|
|
|
enable = true;
|
|
|
|
appName = "Git: entr0py.de";
|
|
|
|
database = {
|
|
|
|
createDatabase = false;
|
|
|
|
type = "postgres";
|
|
|
|
name = "gitea";
|
|
|
|
user = "gitea";
|
|
|
|
socket = "/run/postgresql";
|
|
|
|
};
|
|
|
|
cookieSecure = true;
|
|
|
|
disableRegistration = true;
|
|
|
|
rootUrl = "https://git.entr0py.de/";
|
|
|
|
domain = "git.entr0py.de";
|
|
|
|
httpAddress = "127.0.0.1";
|
|
|
|
httpPort = 3000;
|
|
|
|
lfs.enable = true;
|
|
|
|
log.level = "Info";
|
|
|
|
ssh = {
|
|
|
|
enable = true;
|
|
|
|
clonePort = 2222;
|
|
|
|
};
|
|
|
|
settings = {
|
|
|
|
database = {
|
|
|
|
CHARSET = "utf8";
|
|
|
|
};
|
|
|
|
repository = {
|
|
|
|
ENABLE_PUSH_CREATE_USER = true;
|
|
|
|
ENABLE_PUSH_CREATE_ORG = true;
|
|
|
|
DEFAULT_PRIVATE = true;
|
|
|
|
};
|
|
|
|
server = {
|
|
|
|
OFFLINE_MODE = true;
|
|
|
|
LANDING_PAGE = "explore";
|
|
|
|
};
|
|
|
|
mailer = {
|
|
|
|
enabled = false;
|
|
|
|
};
|
|
|
|
service = {
|
|
|
|
REGISTER_EMAIL_CONFIRM = false;
|
|
|
|
ENABLE_NOTIFY_MAIL = false;
|
|
|
|
ALLOW_ONLY_EXTERNAL_REGISTRATION = false;
|
|
|
|
ENABLE_CAPTCHA = false;
|
|
|
|
REQUIRE_SIGNIN_VIEW = false;
|
|
|
|
DEFAULT_KEEP_EMAIL_PRIVATE = true;
|
|
|
|
DEFAULT_ALLOW_CREATE_ORGANIZATION = true;
|
|
|
|
DEFAULT_ENABLE_TIMETRACKING = false;
|
|
|
|
};
|
|
|
|
picture = {
|
|
|
|
DISABLE_GRAVATAR = true;
|
|
|
|
ENABLE_FEDERATED_AVATAR = false;
|
|
|
|
};
|
|
|
|
openid = {
|
|
|
|
ENABLE_OPENID_SIGNIN = false;
|
|
|
|
ENABLE_OPENID_SIGNUP = false;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
services.postgresql = {
|
|
|
|
enable = true;
|
|
|
|
package = pkgs.postgresql_12;
|
|
|
|
ensureDatabases = [ "gitea" ];
|
|
|
|
ensureUsers = [
|
|
|
|
{
|
|
|
|
name = "gitea";
|
|
|
|
ensurePermissions."DATABASE gitea" = "ALL PRIVILEGES";
|
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
2021-06-14 16:36:30 +02:00
|
|
|
services.prometheus.exporters.postgres = {
|
|
|
|
enable = true;
|
|
|
|
port = 9101;
|
|
|
|
runAsLocalSuperUser = true;
|
|
|
|
openFirewall = true;
|
|
|
|
firewallFilter = "-i wg-monitoring -p tcp -m tcp --dport 9101";
|
|
|
|
};
|
2021-03-13 15:32:44 +01:00
|
|
|
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
|
|
services.nginx = {
|
|
|
|
enable = true; # Enable Nginx
|
|
|
|
recommendedGzipSettings = true;
|
|
|
|
recommendedOptimisation = true;
|
|
|
|
recommendedProxySettings = true;
|
|
|
|
recommendedTlsSettings = true;
|
|
|
|
virtualHosts."git.entr0py.de" = { # Gitea hostname
|
|
|
|
enableACME = true; # Use ACME certs
|
|
|
|
forceSSL = true; # Force SSL
|
|
|
|
locations."/".proxyPass = "http://localhost:3000/"; # Proxy Gitea
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|