Kyren223/server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Setup gitea

Browse Source
This commit is contained in:
Kyren223
2024-12-29 22:48:05 +02:00
parent e44a8f3f59
commit 54a34f683a
4 changed files with 55 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
host/configuration.nix
View File

@@ -7,6 +7,7 @@
./../nixosModules/website.nix
./../nixosModules/auto-updade.nix
./../nixosModules/actual-budget.nix
./../nixosModules/gitea.nix
];
boot.loader.grub = {
@@ -35,6 +36,7 @@
# Apps
website.enable = true;
actualBudget.enable = true;
gitea.enable = true
# Automatically pull this config from git
autoUpdate.enable = true;

1
nixosModules/actual-budget.nix
View File

@@ -28,7 +28,6 @@
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
'';
};
};
}

50
nixosModules/gitea.nix Normal file
View File

@@ -0,0 +1,50 @@
{ pkgs, lib, config, ... }: {
imports = [
./acme.nix
];
options = {
gitea.enable = lib.mkEnableOption "enables gitea";
};
config = lib.mkIf config.gitea.enable {
# Open http and https ports to the public
networking.firewall.allowedTCPPorts = [ 443 80 ];
# Make sure acme module is active for the "kyren.codes" ssl cert
acme.enable = true;
services.nginx.virtualHosts."git.kyren.codes" = {
useACMEHost = "kyren.codes";
forceSSL = true;
locations."/".proxyPass = "http://localhost:3001/";
};
# Configure database
services.postgresql.enable = true;
services.postgresql = {
ensureDatabases = [ config.services.gitea.user ];
ensureUsers = [{
name = config.services.gitea.database.user;
ensurePermissions."DATABASE ${config.services.gitea.database.name}" = "ALL PRIVILEGES";
}];
};
sops.secrets.gitea-db-password = {
owner = config.services.gitea.user;
};
services.gitea = {
enable = true;
appName = "Kyren's Gitea";
domain = "git.kyren.codes";
database = {
type = "postgres";
passwordFile = config.sops.secrets.gitea-db-password.path;
};
rootUrl = "https://git.kyren.codes/";
httpPort = 3001;
};
};
}

5
nixosModules/secrets.yaml
View File

@@ -1,5 +1,6 @@
github-access-token: ENC[AES256_GCM,data:VXzObn7doHiMzHzzLaBp8Awe3lO256zUoC8u06APR2WQitvJZs1EIqJs92rA5aORny4J6EahBaKRlcrur8oxBfRSAYkzXrECNm6E8mDYFelKv3sjXlPC3KHvHWtNewkkOA8yDOjdvw7kQVWsqZcO73GxZtN6/LgNiZfW7HMC,iv:3jr6uz+3ZUmIXP9aeqzOtvrHZhbc7Wpbdi1ZA0L8r+I=,tag:4eaV7GsdGrP7sLZAPVIDyQ==,type:str]
cloudflare-dns-api-token: ENC[AES256_GCM,data:NtHjCIgY3O3hMdscGeBHLTzgxnW3uvIdf4Pin/v41ZV1YdsPtz2rXA==,iv:r5jOfkYFUgadCePCTCGeoRtmnrSfRCPytxwUBdLX290=,tag:Fq69nnShzj7QcGT4cPGftA==,type:str]
gitea-db-password: ENC[AES256_GCM,data:LHru7hpuT9dmEsfEfcsejfcyoNo2JHITmDzxcqHsj+XCBgQOroi9t+I57QN/Qs6+0Eq4wkSq3o2E,iv:mM9xzbXZK9JUMh078TvsNoMtb4g6dffQmRnYqC7UFf4=,tag:k3v1lKhdYSejoFgs3HTk2g==,type:str]
sops:
kms: []
gcp_kms: []
@@ -15,8 +16,8 @@ sops:
b254YjZLRm9odks2Y1Erdk1NSU1CVncKnhMnBLjSLfMO3A7gTUI9vIRQvaK07I7k
mQdtsGZM+1FqlbxsFIoqji+xrqAvcBQENott5+tuFM+ePT5EjQUYGg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-12-27T17:08:50Z"
mac: ENC[AES256_GCM,data:VC+m4Xa27AAIz3oe+SdonfcJpRRONA3EfoduxHQKsK3LohEd90tnwdQRMQ8TrZbghpxTUff2kAzr2TTyzbqw6wB0DK5+d1vlQmGgLEHiFxtFJtH/eA0F/0PLGmASOgQYGVhWC7taHHredaOsCVI1CwUyV0Uznkj48fWqoKHEfLU=,iv:L9npPtZdMkSnQ+Ha0rnuv6LDd6qIGcUoYULTZ2NtfKc=,tag:tQv5JukyN+ZCLvwZ90suFg==,type:str]
lastmodified: "2024-12-29T20:46:56Z"
mac: ENC[AES256_GCM,data:KUlfjIJ0y8SdWSoH44m5fdA0Qy5X4tawjjKREYYBzyiST3vR4+zywl5WPNS7kqslXYJJwuZ0zk28UwrnEnFov8VkZu/lM0814pD3S0NnFlZtmIrXiCmYlnkTIG8M/qWFenes99gzHdHgv6eUWlosDVdX02JeSN1OmsnlsEzdYZo=,iv:3cSgN2GW+zrlv0obtGSWvIagRmfBUH7OYT7xXMPjqm8=,tag:cdYplNXDjcfIAQa5z802Ig==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1