Gitea server

This commit is contained in:
Sky Hearn 2024-03-03 23:08:31 -08:00
parent a6ccd25396
commit d02f1e8b9d
1 changed files with 44 additions and 0 deletions

44
gitea.nix Normal file
View File

@ -0,0 +1,44 @@
{ config, ... }:
{
services.certbot = {
enable = true;
agreeTerms = true;
};
services.nginx.virtualHosts."git.my-domain.tld" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:3001/";
};
};
services.postgresql = {
ensureDatabases = [ config.services.gitea.user ];
ensureUsers = [
{
name = config.services.gitea.database.user;
ensurePermissions."DATABASE ${config.services.gitea.database.name}" = "ALL PRIVILEGES";
}
];
};
sops.secrets."postgres/gitea_dbpass" = {
sopsFile = ../.secrets/postgres.yaml; # bring your own password file
owner = config.services.gitea.user;
};
services.gitea = {
enable = true;
appName = "My awesome Gitea server"; # Give the site a name
database = {
type = "postgres";
passwordFile = config.sops.secrets."postgres/gitea_dbpass".path;
};
domain = "git.my-domain.tld";
rootUrl = "https://git.my-domain.tld/";
httpPort = 3001;
};
}