Change gitea for forgejo

flake.nix

@@ -105,16 +105,16 @@
           }
         ];
       };
-      #        template = nixpkgs.lib.nixosSystem {
-      #          inherit system;
-      #          modules = [
-      #            agenix.nixosModules.default
-      #            "${inputs.self}/systems/minimalVMConfig.nix"
-      #            {
-      #              networking.hostName = "nixos";
-      #            }
-      #          ];
-      #        };
+      template = nixpkgs.lib.nixosSystem {
+        inherit system;
+        modules = [
+          agenix.nixosModules.default
+          "${inputs.self}/systems/minimalVMConfig.nix"
+          {
+            networking.hostName = "nixos";
+          }
+        ];
+      };
       jellyfin = nixpkgs.lib.nixosSystem {
         inherit system;
         modules = [

secrets.nix

@@ -2,12 +2,12 @@ let
   tbarnouin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos";
   users = [tbarnouin];
 
-  forgejo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF2NAam+nseSCzJV/1UTyO2LgMjx0xT7/vTOOi5EG9HV root@forgejo-runner";
   grafana = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDQxvO9vdd2f9aV4F3LEQrrTJaLwLvSLbLtjB9qNxc4z root@grafana";
   onlyoffice = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGbnzv2/Or4XdQXLDjIbr7oIDTQEvgSMTX4aiNCQk4tC root@onlyoffice";
   postgresql = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJW7qA7j1sICuu1RAfs9ifR9dmOlHq45tKu1ga7CKaob root@pgsql";
+  forgejo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILMf3Cc/S0p/LFcW+RLMEqpxOOv8q/HrKO4I9joHmRxl root@forgejo";
 
-  systems = [forgejo grafana];
+  systems = [grafana onlyoffice postgresql forgejo];
 in {
   "secrets/initialPassword.age".publicKeys = users ++ systems;
   "services/grafana/secrets/grafana-db.age".publicKeys = [tbarnouin grafana];
@@ -15,8 +15,9 @@ in {
   "services/grafana/secrets/kuma-token.age".publicKeys = [tbarnouin grafana];
   "services/onlyoffice/secrets/office-dbpass.age".publicKeys = [tbarnouin onlyoffice];
   "services/onlyoffice/secrets/office-jwtpass.age".publicKeys = [tbarnouin onlyoffice];
-  "services/postgresql/secrets/nextcloudDBPass.age".publicKeys = [ tbarnouin postgresql ];
-  "services/postgresql/secrets/giteaDBPass.age".publicKeys = [ tbarnouin postgresql ];
-  "services/postgresql/secrets/authentikDBPass.age".publicKeys = [ tbarnouin postgresql ];
-  "services/postgresql/secrets/grafanaDBPass.age".publicKeys = [ tbarnouin postgresql ];
+  "services/forgejo/secrets/forgejoDBPass.age".publicKeys = [tbarnouin forgejo];
+  "services/postgresql/secrets/nextcloudDBPass.age".publicKeys = [tbarnouin postgresql];
+  "services/postgresql/secrets/giteaDBPass.age".publicKeys = [tbarnouin postgresql];
+  "services/postgresql/secrets/authentikDBPass.age".publicKeys = [tbarnouin postgresql];
+  "services/postgresql/secrets/grafanaDBPass.age".publicKeys = [tbarnouin postgresql];
 }

services/default.nix

@@ -1,7 +1,7 @@
 {inputs, ...}: {
   imports = [
     ./nginx
-    ./gitea
+    ./forgejo
     ./redis
     ./jellyfin
     ./nextcloud

services/forgejo/default.nix

@@ -4,30 +4,32 @@
   lib,
   ...
 }: let
-  cfg = config.services.vm_gitea;
+  cfg = config.services.vm_forgejo;
 in {
-  options.services.vm_gitea = {
+  options.services.vm_forgejo = {
     enable = lib.mkEnableOption "Enable minimal config";
     db_ip = lib.mkOption {
       type = lib.types.str;
-      description = "Gitea database IP address";
+      description = "forgejo database IP address";
     };
   };
   config = lib.mkIf cfg.enable {
-    services.gitea = {
+    services.forgejo = {
       enable = true;
       user = "tbarnouin";
       settings = {
         server.HTTP_PORT = 3000;
-        server.ROOT_URL = "http://${config.services.vm.vm_ip}/";
+        server.DISABLE_SSH = true;
+        server.ROOT_URL = "https://git.le43.eu";
         service.DISABLE_REGISTRATION = true;
       };
       database = {
         createDatabase = false;
         type = "postgres";
         host = "${cfg.db_ip}";
+        name = "gitea";
         user = "gitea";
-        passwordFile = "/run/secrets/gitea/gitea-dbpass";
+        passwordFile = "/run/secrets/forgejo/forgejo-dbpass";
       };
     };
     networking.firewall.allowedTCPPorts = [3000];

services/forgejo/secrets/forgejoDBPass.age

@@ -0,0 +1,13 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBaeXE2
+ZWQ1VFdHZnVaL2ZMc0R0aGRRcC8rVlozdUxyRkpkV0NYbnJmY0JzCmdIS1dzdlYz
+ZW5Wd25FREZHdjJBUkdMOHVlTUNQNWNNZG5HWE1HNE5lOFkKLT4gc3NoLWVkMjU1
+MTkgeHFteWpBIFJ4Z1hkUC9QT2ZiMjJMRVQxQ2ZoS016V0FLdHVaWkduYzFlK09V
+YjhsaU0KRzB5L2hpRnJyUGZOVVd3ZFkycHRsVVdqME9sNHdiemRUeHBjb0NSbFo3
+NAotPiArdE8iIy1ncmVhc2UgekhEID5Sbl8gUydFIE86IltpCktRUm85QXltM3VJ
+NjJ2M2hyZVVjL2V6R2s3N2dUNXErVVpLT3pSY1pVeTNydlYyMFNNWktnZmhVM3Fy
+eSswOUgKdEVxcjk5S25BQnYrUG1JR01GSjNpc2FqTUtPT0JtV1hOV1B2dFV0WDI0
+dzNBeXZKZXZBTWNUV2l2SVQ5YWcKLS0tIFAvK09oWjduaDJiUkVGTXdETm5uaEVa
+K3JOejBhRlJ1UE91S0ZoOXBSazQKn5G3rTSmRTYc8Z9R2pjuAWFnJ/CuNblQKgK/
+XjUtInmR6DDQpEvZaiuWXTM=
+-----END AGE ENCRYPTED FILE-----