46 lines
934 B
Nix
46 lines
934 B
Nix
{ config, ... }:
|
|
|
|
let
|
|
my = config.my;
|
|
port = 3000;
|
|
in
|
|
{
|
|
imports = [ ./drone.nix ./drone-runners.nix ];
|
|
services.gitea = {
|
|
enable = true;
|
|
domain = "git.${my.subZone}";
|
|
rootUrl = "https://git.${my.subZone}/";
|
|
httpAddress = "127.0.0.1";
|
|
httpPort = port;
|
|
database.type = "postgres";
|
|
disableRegistration = false;
|
|
log = {
|
|
level = "Warn";
|
|
};
|
|
settings = {
|
|
openid = {
|
|
ENABLE_OPENID_SIGNUP = true;
|
|
};
|
|
oauth2_account = {
|
|
ENABLE_AUTO_REGISTRATION = true;
|
|
USERNAME = "email";
|
|
};
|
|
service = {
|
|
EMAIL_DOMAIN_WHITELIST = "ens.fr";
|
|
ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
|
|
};
|
|
};
|
|
};
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
virtualHosts."git.${my.subZone}" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${toString port}";
|
|
};
|
|
};
|
|
};
|
|
}
|