swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: modularize forgejo config

Browse source
This commit is contained in:
Swarsel 2024-12-15 15:14:50 +01:00
parent 917a256f4b
commit 8057e7fb89
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
5 changed files with 163 additions and 63 deletions
Download patch file Download diff file Expand all files Collapse all files

146
SwarselSystems.org
View file

@ -1257,7 +1257,7 @@ I have removed most of the machines from this section. What remains are some hos
{ {
imports = [ imports = [
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
@ -1329,19 +1329,6 @@ I have removed most of the machines from this section. What remains are some hos
}; };
}; };
"swagit.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://localhost:3000";
extraConfig = ''
client_max_body_size 0;
'';
};
};
};
}; };
}; };
@ -1397,23 +1384,16 @@ I have removed most of the machines from this section. What remains are some hos
openDefaultPorts = true; openDefaultPorts = true;
}; };
services.forgejo = {
enable = true; swarselsystems = {
settings = { hasBluetooth = false;
DEFAULT = { hasFingerprint = false;
APP_NAME = "~SwaGit~"; impermanence = false;
}; isBtrfs = false;
server = { flakePath = "/.dotfiles";
PROTOCOL = "http"; server = {
HTTP_PORT = 3000; enable = true;
HTTP_ADDR = "0.0.0.0"; forgejo = true;
DOMAIN = "swagit.swarsel.win";
ROOT_URL = "https://swagit.swarsel.win";
};
service = {
DISABLE_REGISTRATION = true;
SHOW_REGISTRATION_BUTTON = false;
};
}; };
}; };
@ -2434,6 +2414,7 @@ I usually use =mutableUsers = false= in my NixOS configuration. However, on a ne
options.swarselsystems.server.monitoring = lib.mkEnableOption "enable monitoring on server"; options.swarselsystems.server.monitoring = lib.mkEnableOption "enable monitoring on server";
options.swarselsystems.server.jenkins = lib.mkEnableOption "enable jenkins on server"; options.swarselsystems.server.jenkins = lib.mkEnableOption "enable jenkins on server";
options.swarselsystems.server.emacs = lib.mkEnableOption "enable emacs server on server"; options.swarselsystems.server.emacs = lib.mkEnableOption "enable emacs server on server";
options.swarselsystems.server.forgejo = lib.mkEnableOption "enable forgejo on server";
} }
#+end_src #+end_src
@ -4663,6 +4644,7 @@ Also, the system state version is set here. No need to touch it.
./monitoring.nix ./monitoring.nix
./jenkins.nix ./jenkins.nix
./emacs.nix ./emacs.nix
./forgejo.nix
]; ];
} }
#+end_src #+end_src
@ -6179,6 +6161,108 @@ Also, the system state version is set here. No need to touch it.
} }
#+end_src #+end_src
**** forgejo (git server)
#+begin_src nix :tangle profiles/server/nixos/forgejo.nix
{ lib, config, ... }:
{
config = lib.mkIf config.swarselsystems.server.forgejo {
networking.firewall.allowedTCPPorts = [ 3000 ];
services.forgejo = {
enable = true;
settings = {
DEFAULT = {
APP_NAME = "~SwaGit~";
};
server = {
PROTOCOL = "http";
HTTP_PORT = 3000;
HTTP_ADDR = "0.0.0.0";
DOMAIN = "swagit.swarsel.win";
ROOT_URL = "https://swagit.swarsel.win";
};
service = {
DISABLE_REGISTRATION = true;
SHOW_REGISTRATION_BUTTON = false;
};
};
};
services.nginx = {
virtualHosts = {
"swagit.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://localhost:3000";
extraConfig = ''
client_max_body_size 0;
'';
};
};
};
};
};
};
}
#+end_src
**** forgejo (git server)
#+begin_src nix :tangle profiles/server/nixos/ankisync.nix
{ lib, config, ... }:
{
config = lib.mkIf config.swarselsystems.server.ankisync {
networking.firewall.allowedTCPPorts = [ 9812 ];
services.forgejo = {
enable = true;
settings = {
DEFAULT = {
APP_NAME = "~SwaGit~";
};
server = {
PROTOCOL = "http";
HTTP_PORT = 3000;
HTTP_ADDR = "0.0.0.0";
DOMAIN = "swagit.swarsel.win";
ROOT_URL = "https://swagit.swarsel.win";
};
service = {
DISABLE_REGISTRATION = true;
SHOW_REGISTRATION_BUTTON = false;
};
};
};
services.nginx = {
virtualHosts = {
"swagit.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://localhost:3000";
extraConfig = ''
client_max_body_size 0;
'';
};
};
};
};
};
};
}
#+end_src
*** Darwin *** Darwin
:PROPERTIES: :PROPERTIES:
:CUSTOM_ID: h:ac0cd8b3-06cf-4dca-ba73-6100c8fedb47 :CUSTOM_ID: h:ac0cd8b3-06cf-4dca-ba73-6100c8fedb47

32
hosts/nixos/sync/default.nix
View file

@ -75,19 +75,6 @@
}; };
}; };
"swagit.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://localhost:3000";
extraConfig = ''
client_max_body_size 0;
'';
};
};
};
}; };
}; };
@ -143,24 +130,5 @@
openDefaultPorts = true; openDefaultPorts = true;
}; };
services.forgejo = {
enable = true;
settings = {
DEFAULT = {
APP_NAME = "~SwaGit~";
};
server = {
PROTOCOL = "http";
HTTP_PORT = 3000;
HTTP_ADDR = "0.0.0.0";
DOMAIN = "swagit.swarsel.win";
ROOT_URL = "https://swagit.swarsel.win";
};
service = {
DISABLE_REGISTRATION = true;
SHOW_REGISTRATION_BUTTON = false;
};
};
};
} }

1
modules/nixos/setup.nix
View file

@ -25,4 +25,5 @@ in
options.swarselsystems.server.monitoring = lib.mkEnableOption "enable monitoring on server"; options.swarselsystems.server.monitoring = lib.mkEnableOption "enable monitoring on server";
options.swarselsystems.server.jenkins = lib.mkEnableOption "enable jenkins on server"; options.swarselsystems.server.jenkins = lib.mkEnableOption "enable jenkins on server";
options.swarselsystems.server.emacs = lib.mkEnableOption "enable emacs server on server"; options.swarselsystems.server.emacs = lib.mkEnableOption "enable emacs server on server";
options.swarselsystems.server.forgejo = lib.mkEnableOption "enable forgejo on server";
} }

1
profiles/server/nixos/default.nix
View file

@ -34,5 +34,6 @@ in
./monitoring.nix ./monitoring.nix
./jenkins.nix ./jenkins.nix
./emacs.nix ./emacs.nix
./forgejo.nix
]; ];
} }

46
profiles/server/nixos/forgejo.nix Normal file
View file

@ -0,0 +1,46 @@
{ lib, config, ... }:
{
config = lib.mkIf config.swarselsystems.server.forgejo {
networking.firewall.allowedTCPPorts = [ 3000 ];
services.forgejo = {
enable = true;
settings = {
DEFAULT = {
APP_NAME = "~SwaGit~";
};
server = {
PROTOCOL = "http";
HTTP_PORT = 3000;
HTTP_ADDR = "0.0.0.0";
DOMAIN = "swagit.swarsel.win";
ROOT_URL = "https://swagit.swarsel.win";
};
service = {
DISABLE_REGISTRATION = true;
SHOW_REGISTRATION_BUTTON = false;
};
};
};
services.nginx = {
virtualHosts = {
"swagit.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://localhost:3000";
extraConfig = ''
client_max_body_size 0;
'';
};
};
};
};
};
};
}