From 8057e7fb890a3f22d8e981c5bdfb861154474a48 Mon Sep 17 00:00:00 2001 From: Swarsel Date: Sun, 15 Dec 2024 15:14:50 +0100 Subject: [PATCH] feat: modularize forgejo config --- SwarselSystems.org | 146 +++++++++++++++++++++++------- hosts/nixos/sync/default.nix | 32 ------- modules/nixos/setup.nix | 1 + profiles/server/nixos/default.nix | 1 + profiles/server/nixos/forgejo.nix | 46 ++++++++++ 5 files changed, 163 insertions(+), 63 deletions(-) create mode 100644 profiles/server/nixos/forgejo.nix diff --git a/SwarselSystems.org b/SwarselSystems.org index 9dc6491..1892f55 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -1257,7 +1257,7 @@ I have removed most of the machines from this section. What remains are some hos { imports = [ - inputs.sops-nix.nixosModules.sops + inputs.sops-nix.nixosModules.sops ./hardware-configuration.nix ]; @@ -1329,19 +1329,6 @@ I have removed most of the machines from this section. What remains are some hos }; }; - "swagit.swarsel.win" = { - enableACME = true; - forceSSL = true; - acmeRoot = null; - locations = { - "/" = { - proxyPass = "http://localhost:3000"; - extraConfig = '' - client_max_body_size 0; - ''; - }; - }; - }; }; }; @@ -1397,23 +1384,16 @@ I have removed most of the machines from this section. What remains are some hos openDefaultPorts = true; }; - services.forgejo = { - enable = true; - settings = { - DEFAULT = { - APP_NAME = "~SwaGit~"; - }; - server = { - PROTOCOL = "http"; - HTTP_PORT = 3000; - HTTP_ADDR = "0.0.0.0"; - DOMAIN = "swagit.swarsel.win"; - ROOT_URL = "https://swagit.swarsel.win"; - }; - service = { - DISABLE_REGISTRATION = true; - SHOW_REGISTRATION_BUTTON = false; - }; + + swarselsystems = { + hasBluetooth = false; + hasFingerprint = false; + impermanence = false; + isBtrfs = false; + flakePath = "/.dotfiles"; + server = { + enable = true; + forgejo = true; }; }; @@ -2434,6 +2414,7 @@ I usually use =mutableUsers = false= in my NixOS configuration. However, on a ne options.swarselsystems.server.monitoring = lib.mkEnableOption "enable monitoring on server"; options.swarselsystems.server.jenkins = lib.mkEnableOption "enable jenkins on server"; options.swarselsystems.server.emacs = lib.mkEnableOption "enable emacs server on server"; + options.swarselsystems.server.forgejo = lib.mkEnableOption "enable forgejo on server"; } #+end_src @@ -4663,6 +4644,7 @@ Also, the system state version is set here. No need to touch it. ./monitoring.nix ./jenkins.nix ./emacs.nix + ./forgejo.nix ]; } #+end_src @@ -6179,6 +6161,108 @@ Also, the system state version is set here. No need to touch it. } #+end_src +**** forgejo (git server) + +#+begin_src nix :tangle profiles/server/nixos/forgejo.nix + { lib, config, ... }: + { + config = lib.mkIf config.swarselsystems.server.forgejo { + + networking.firewall.allowedTCPPorts = [ 3000 ]; + + services.forgejo = { + enable = true; + settings = { + DEFAULT = { + APP_NAME = "~SwaGit~"; + }; + server = { + PROTOCOL = "http"; + HTTP_PORT = 3000; + HTTP_ADDR = "0.0.0.0"; + DOMAIN = "swagit.swarsel.win"; + ROOT_URL = "https://swagit.swarsel.win"; + }; + service = { + DISABLE_REGISTRATION = true; + SHOW_REGISTRATION_BUTTON = false; + }; + }; + }; + + services.nginx = { + virtualHosts = { + "swagit.swarsel.win" = { + enableACME = true; + forceSSL = true; + acmeRoot = null; + locations = { + "/" = { + proxyPass = "http://localhost:3000"; + extraConfig = '' + client_max_body_size 0; + ''; + }; + }; + }; + }; + }; + }; + + } +#+end_src + +**** forgejo (git server) + +#+begin_src nix :tangle profiles/server/nixos/ankisync.nix + { lib, config, ... }: + { + config = lib.mkIf config.swarselsystems.server.ankisync { + + networking.firewall.allowedTCPPorts = [ 9812 ]; + + services.forgejo = { + enable = true; + settings = { + DEFAULT = { + APP_NAME = "~SwaGit~"; + }; + server = { + PROTOCOL = "http"; + HTTP_PORT = 3000; + HTTP_ADDR = "0.0.0.0"; + DOMAIN = "swagit.swarsel.win"; + ROOT_URL = "https://swagit.swarsel.win"; + }; + service = { + DISABLE_REGISTRATION = true; + SHOW_REGISTRATION_BUTTON = false; + }; + }; + }; + + services.nginx = { + virtualHosts = { + "swagit.swarsel.win" = { + enableACME = true; + forceSSL = true; + acmeRoot = null; + locations = { + "/" = { + proxyPass = "http://localhost:3000"; + extraConfig = '' + client_max_body_size 0; + ''; + }; + }; + }; + }; + }; + }; + + } +#+end_src + *** Darwin :PROPERTIES: :CUSTOM_ID: h:ac0cd8b3-06cf-4dca-ba73-6100c8fedb47 diff --git a/hosts/nixos/sync/default.nix b/hosts/nixos/sync/default.nix index 299527d..93468bc 100644 --- a/hosts/nixos/sync/default.nix +++ b/hosts/nixos/sync/default.nix @@ -75,19 +75,6 @@ }; }; - "swagit.swarsel.win" = { - enableACME = true; - forceSSL = true; - acmeRoot = null; - locations = { - "/" = { - proxyPass = "http://localhost:3000"; - extraConfig = '' - client_max_body_size 0; - ''; - }; - }; - }; }; }; @@ -143,24 +130,5 @@ openDefaultPorts = true; }; - services.forgejo = { - enable = true; - settings = { - DEFAULT = { - APP_NAME = "~SwaGit~"; - }; - server = { - PROTOCOL = "http"; - HTTP_PORT = 3000; - HTTP_ADDR = "0.0.0.0"; - DOMAIN = "swagit.swarsel.win"; - ROOT_URL = "https://swagit.swarsel.win"; - }; - service = { - DISABLE_REGISTRATION = true; - SHOW_REGISTRATION_BUTTON = false; - }; - }; - }; } diff --git a/modules/nixos/setup.nix b/modules/nixos/setup.nix index 9d92e6b..a40e976 100644 --- a/modules/nixos/setup.nix +++ b/modules/nixos/setup.nix @@ -25,4 +25,5 @@ in options.swarselsystems.server.monitoring = lib.mkEnableOption "enable monitoring on server"; options.swarselsystems.server.jenkins = lib.mkEnableOption "enable jenkins on server"; options.swarselsystems.server.emacs = lib.mkEnableOption "enable emacs server on server"; + options.swarselsystems.server.forgejo = lib.mkEnableOption "enable forgejo on server"; } diff --git a/profiles/server/nixos/default.nix b/profiles/server/nixos/default.nix index 72806e5..514b1c5 100644 --- a/profiles/server/nixos/default.nix +++ b/profiles/server/nixos/default.nix @@ -34,5 +34,6 @@ in ./monitoring.nix ./jenkins.nix ./emacs.nix + ./forgejo.nix ]; } diff --git a/profiles/server/nixos/forgejo.nix b/profiles/server/nixos/forgejo.nix new file mode 100644 index 0000000..402a409 --- /dev/null +++ b/profiles/server/nixos/forgejo.nix @@ -0,0 +1,46 @@ +{ lib, config, ... }: +{ + config = lib.mkIf config.swarselsystems.server.forgejo { + + networking.firewall.allowedTCPPorts = [ 3000 ]; + + services.forgejo = { + enable = true; + settings = { + DEFAULT = { + APP_NAME = "~SwaGit~"; + }; + server = { + PROTOCOL = "http"; + HTTP_PORT = 3000; + HTTP_ADDR = "0.0.0.0"; + DOMAIN = "swagit.swarsel.win"; + ROOT_URL = "https://swagit.swarsel.win"; + }; + service = { + DISABLE_REGISTRATION = true; + SHOW_REGISTRATION_BUTTON = false; + }; + }; + }; + + services.nginx = { + virtualHosts = { + "swagit.swarsel.win" = { + enableACME = true; + forceSSL = true; + acmeRoot = null; + locations = { + "/" = { + proxyPass = "http://localhost:3000"; + extraConfig = '' + client_max_body_size 0; + ''; + }; + }; + }; + }; + }; + }; + +}