fix(forgejo): Rename db for passwordless connection

2023-11-29 20:31:16 +01:00 · 2023-11-29 20:31:16 +01:00 · 9e893664ec
commit 9e893664ec
parent 3e34fbebe1
1 changed files with 65 additions and 63 deletions
--- a/machines/storage01/forgejo.nix
+++ b/machines/storage01/forgejo.nix
@ -4,75 +4,77 @@ let
  port = 3000;
  host = "git.dgnum.eu";
 in {
-  services.forgejo = {
+  services = {
-    enable = true;
+    forgejo = {
      enable = true;
    user = "git";
    package = pkgs.forgejo;
    stateDir = "/var/lib/git";
    database = {
      type = "postgres";
      user = "git";
-      name = "gitea";
+      package = pkgs.forgejo;
-      passwordFile = config.age.secrets."forgejo-database_password_file".path;
+      stateDir = "/var/lib/git";
-      createDatabase = false;
+
      database = {
        type = "postgres";
        user = "git";
        name = "git";
      };
      settings = {
        DEFAULT = { APP_NAME = "Forge git de la DGNum"; };
        server = {
          ROOT_URL = "https://${host}/";
          DOMAIN = host;
          HTTP_ADDRESS = "127.0.0.1";
          HTTP_PORT = port;
          APP_DATA_PATH = "/var/lib/git/data";
        };
        service = {
          EMAIL_DOMAIN_ALLOWLIST = "dgnum.eu";
          DISABLE_REGISTRATION = false;
        };
        log.LEVEL = "Warn";
        ui.THEMES = "forgejo-auto,forgejo-light,forgejo-dark";
        actions = {
          ENABLED = true;
          DEFAULT_ACTIONS_URL = "https://gitea.com";
        };
        mailer = {
          ENABLED = false;
          FROM = "git@infra.dgnum.eu";
          MAILER_TYPE = "smtp";
          SMTP_ADDR = "kurisu.lahfa.xyz";
          SMTP_PORT = 465;
          IS_TLS_ENABLED = true;
          USER = "web-services@infra.dgnum.eu";
        };
      };
      # Dump configuration
      # dump = {
      #   enable = false;
      #   type = "tar.xz";
      #   file = "gitea.bk";
      # };
      # mailerPasswordFile = config.age.secrets."_ht-mail.pwd".path;
    };
-    settings = {
+    postgresql.enable = true;
      DEFAULT = { APP_NAME = "Forge git de la DGNum"; };
-      server = {
+    nginx = {
-        ROOT_URL = "https://${host}/";
+      enable = true;
-        DOMAIN = host;
+
-        HTTP_ADDRESS = "127.0.0.1";
+      virtualHosts.${host} = {
-        HTTP_PORT = port;
+        enableACME = true;
-        APP_DATA_PATH = "/var/lib/git/data";
+        forceSSL = true;
        locations."/" = { proxyPass = "http://127.0.0.1:${toString port}"; };
      };
      service = {
        EMAIL_DOMAIN_ALLOWLIST = "dgnum.eu";
        DISABLE_REGISTRATION = false;
      };
      log.LEVEL = "Warn";
      ui.THEMES = "forgejo-auto,forgejo-light,forgejo-dark";
      actions = {
        ENABLED = true;
        DEFAULT_ACTIONS_URL = "https://gitea.com";
      };
      mailer = {
        ENABLED = false;
        FROM = "git@infra.dgnum.eu";
        MAILER_TYPE = "smtp";
        SMTP_ADDR = "kurisu.lahfa.xyz";
        SMTP_PORT = 465;
        IS_TLS_ENABLED = true;
        USER = "web-services@infra.dgnum.eu";
      };
    };
    # Dump configuration
    # dump = {
    #   enable = false;
    #   type = "tar.xz";
    #   file = "gitea.bk";
    # };
    # mailerPasswordFile = config.age.secrets."_ht-mail.pwd".path;
  };
  services.nginx = {
    enable = true;
    virtualHosts.${host} = {
      enableACME = true;
      forceSSL = true;
      locations."/" = { proxyPass = "http://127.0.0.1:${toString port}"; };
    };
  };