Change gitea for forgejo
This commit is contained in:
Théo Barnouin
parent
8d685c6953
commit
dbdb2036bf
5 changed files with 39 additions and 23 deletions
20
flake.nix
20
flake.nix
|
|
@ -105,16 +105,16 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
# template = nixpkgs.lib.nixosSystem {
|
template = nixpkgs.lib.nixosSystem {
|
||||||
# inherit system;
|
inherit system;
|
||||||
# modules = [
|
modules = [
|
||||||
# agenix.nixosModules.default
|
agenix.nixosModules.default
|
||||||
# "${inputs.self}/systems/minimalVMConfig.nix"
|
"${inputs.self}/systems/minimalVMConfig.nix"
|
||||||
# {
|
{
|
||||||
# networking.hostName = "nixos";
|
networking.hostName = "nixos";
|
||||||
# }
|
}
|
||||||
# ];
|
];
|
||||||
# };
|
};
|
||||||
jellyfin = nixpkgs.lib.nixosSystem {
|
jellyfin = nixpkgs.lib.nixosSystem {
|
||||||
inherit system;
|
inherit system;
|
||||||
modules = [
|
modules = [
|
||||||
|
|
|
||||||
13
secrets.nix
13
secrets.nix
|
|
@ -2,12 +2,12 @@ let
|
||||||
tbarnouin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos";
|
tbarnouin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos";
|
||||||
users = [tbarnouin];
|
users = [tbarnouin];
|
||||||
|
|
||||||
forgejo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF2NAam+nseSCzJV/1UTyO2LgMjx0xT7/vTOOi5EG9HV root@forgejo-runner";
|
|
||||||
grafana = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDQxvO9vdd2f9aV4F3LEQrrTJaLwLvSLbLtjB9qNxc4z root@grafana";
|
grafana = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDQxvO9vdd2f9aV4F3LEQrrTJaLwLvSLbLtjB9qNxc4z root@grafana";
|
||||||
onlyoffice = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGbnzv2/Or4XdQXLDjIbr7oIDTQEvgSMTX4aiNCQk4tC root@onlyoffice";
|
onlyoffice = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGbnzv2/Or4XdQXLDjIbr7oIDTQEvgSMTX4aiNCQk4tC root@onlyoffice";
|
||||||
postgresql = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJW7qA7j1sICuu1RAfs9ifR9dmOlHq45tKu1ga7CKaob root@pgsql";
|
postgresql = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJW7qA7j1sICuu1RAfs9ifR9dmOlHq45tKu1ga7CKaob root@pgsql";
|
||||||
|
forgejo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILMf3Cc/S0p/LFcW+RLMEqpxOOv8q/HrKO4I9joHmRxl root@forgejo";
|
||||||
|
|
||||||
systems = [forgejo grafana];
|
systems = [grafana onlyoffice postgresql forgejo];
|
||||||
in {
|
in {
|
||||||
"secrets/initialPassword.age".publicKeys = users ++ systems;
|
"secrets/initialPassword.age".publicKeys = users ++ systems;
|
||||||
"services/grafana/secrets/grafana-db.age".publicKeys = [tbarnouin grafana];
|
"services/grafana/secrets/grafana-db.age".publicKeys = [tbarnouin grafana];
|
||||||
|
|
@ -15,8 +15,9 @@ in {
|
||||||
"services/grafana/secrets/kuma-token.age".publicKeys = [tbarnouin grafana];
|
"services/grafana/secrets/kuma-token.age".publicKeys = [tbarnouin grafana];
|
||||||
"services/onlyoffice/secrets/office-dbpass.age".publicKeys = [tbarnouin onlyoffice];
|
"services/onlyoffice/secrets/office-dbpass.age".publicKeys = [tbarnouin onlyoffice];
|
||||||
"services/onlyoffice/secrets/office-jwtpass.age".publicKeys = [tbarnouin onlyoffice];
|
"services/onlyoffice/secrets/office-jwtpass.age".publicKeys = [tbarnouin onlyoffice];
|
||||||
"services/postgresql/secrets/nextcloudDBPass.age".publicKeys = [ tbarnouin postgresql ];
|
"services/forgejo/secrets/forgejoDBPass.age".publicKeys = [tbarnouin forgejo];
|
||||||
"services/postgresql/secrets/giteaDBPass.age".publicKeys = [ tbarnouin postgresql ];
|
"services/postgresql/secrets/nextcloudDBPass.age".publicKeys = [tbarnouin postgresql];
|
||||||
"services/postgresql/secrets/authentikDBPass.age".publicKeys = [ tbarnouin postgresql ];
|
"services/postgresql/secrets/giteaDBPass.age".publicKeys = [tbarnouin postgresql];
|
||||||
"services/postgresql/secrets/grafanaDBPass.age".publicKeys = [ tbarnouin postgresql ];
|
"services/postgresql/secrets/authentikDBPass.age".publicKeys = [tbarnouin postgresql];
|
||||||
|
"services/postgresql/secrets/grafanaDBPass.age".publicKeys = [tbarnouin postgresql];
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
{inputs, ...}: {
|
{inputs, ...}: {
|
||||||
imports = [
|
imports = [
|
||||||
./nginx
|
./nginx
|
||||||
./gitea
|
./forgejo
|
||||||
./redis
|
./redis
|
||||||
./jellyfin
|
./jellyfin
|
||||||
./nextcloud
|
./nextcloud
|
||||||
|
|
|
||||||
|
|
@ -4,30 +4,32 @@
|
||||||
lib,
|
lib,
|
||||||
...
|
...
|
||||||
}: let
|
}: let
|
||||||
cfg = config.services.vm_gitea;
|
cfg = config.services.vm_forgejo;
|
||||||
in {
|
in {
|
||||||
options.services.vm_gitea = {
|
options.services.vm_forgejo = {
|
||||||
enable = lib.mkEnableOption "Enable minimal config";
|
enable = lib.mkEnableOption "Enable minimal config";
|
||||||
db_ip = lib.mkOption {
|
db_ip = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
description = "Gitea database IP address";
|
description = "forgejo database IP address";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.gitea = {
|
services.forgejo = {
|
||||||
enable = true;
|
enable = true;
|
||||||
user = "tbarnouin";
|
user = "tbarnouin";
|
||||||
settings = {
|
settings = {
|
||||||
server.HTTP_PORT = 3000;
|
server.HTTP_PORT = 3000;
|
||||||
server.ROOT_URL = "http://${config.services.vm.vm_ip}/";
|
server.DISABLE_SSH = true;
|
||||||
|
server.ROOT_URL = "https://git.le43.eu";
|
||||||
service.DISABLE_REGISTRATION = true;
|
service.DISABLE_REGISTRATION = true;
|
||||||
};
|
};
|
||||||
database = {
|
database = {
|
||||||
createDatabase = false;
|
createDatabase = false;
|
||||||
type = "postgres";
|
type = "postgres";
|
||||||
host = "${cfg.db_ip}";
|
host = "${cfg.db_ip}";
|
||||||
|
name = "gitea";
|
||||||
user = "gitea";
|
user = "gitea";
|
||||||
passwordFile = "/run/secrets/gitea/gitea-dbpass";
|
passwordFile = "/run/secrets/forgejo/forgejo-dbpass";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
networking.firewall.allowedTCPPorts = [3000];
|
networking.firewall.allowedTCPPorts = [3000];
|
||||||
13
services/forgejo/secrets/forgejoDBPass.age
Normal file
13
services/forgejo/secrets/forgejoDBPass.age
Normal file
|
|
@ -0,0 +1,13 @@
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBaeXE2
|
||||||
|
ZWQ1VFdHZnVaL2ZMc0R0aGRRcC8rVlozdUxyRkpkV0NYbnJmY0JzCmdIS1dzdlYz
|
||||||
|
ZW5Wd25FREZHdjJBUkdMOHVlTUNQNWNNZG5HWE1HNE5lOFkKLT4gc3NoLWVkMjU1
|
||||||
|
MTkgeHFteWpBIFJ4Z1hkUC9QT2ZiMjJMRVQxQ2ZoS016V0FLdHVaWkduYzFlK09V
|
||||||
|
YjhsaU0KRzB5L2hpRnJyUGZOVVd3ZFkycHRsVVdqME9sNHdiemRUeHBjb0NSbFo3
|
||||||
|
NAotPiArdE8iIy1ncmVhc2UgekhEID5Sbl8gUydFIE86IltpCktRUm85QXltM3VJ
|
||||||
|
NjJ2M2hyZVVjL2V6R2s3N2dUNXErVVpLT3pSY1pVeTNydlYyMFNNWktnZmhVM3Fy
|
||||||
|
eSswOUgKdEVxcjk5S25BQnYrUG1JR01GSjNpc2FqTUtPT0JtV1hOV1B2dFV0WDI0
|
||||||
|
dzNBeXZKZXZBTWNUV2l2SVQ5YWcKLS0tIFAvK09oWjduaDJiUkVGTXdETm5uaEVa
|
||||||
|
K3JOejBhRlJ1UE91S0ZoOXBSazQKn5G3rTSmRTYc8Z9R2pjuAWFnJ/CuNblQKgK/
|
||||||
|
XjUtInmR6DDQpEvZaiuWXTM=
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
Loading…
Add table
Reference in a new issue