47 lines
1.3 KiB
Nix
47 lines
1.3 KiB
Nix
{ lib, config, ... }:
|
|
let
|
|
inherit (lib.lists) singleton optional;
|
|
inherit (config.flake.lib.options) mkPortOption;
|
|
inherit (config.flake.lib.services) mkWebApp;
|
|
in
|
|
{
|
|
flake.modules.nixos.default =
|
|
{ config, ... }:
|
|
let
|
|
cfg = config.server.web-apps.forgejo;
|
|
upstreamCfg = config.services.forgejo;
|
|
in
|
|
mkWebApp {
|
|
inherit config;
|
|
name = "forgejo";
|
|
defaultPort = 3000;
|
|
persistDirs = singleton {
|
|
directory = upstreamCfg.stateDir;
|
|
inherit (upstreamCfg) user group;
|
|
};
|
|
extraOptions = {
|
|
sshPort = mkPortOption 2222;
|
|
};
|
|
extraConfig = {
|
|
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.sshPort;
|
|
services.forgejo = {
|
|
enable = true;
|
|
settings = {
|
|
server = {
|
|
DOMAIN = cfg.domain;
|
|
ROOT_URL = "https://${cfg.domain}/";
|
|
HTTP_PORT = cfg.port;
|
|
START_SSH_SERVER = true;
|
|
SSH_PORT = cfg.sshPort;
|
|
};
|
|
repository = {
|
|
USE_COMPAT_SSH_URI = false;
|
|
ENABLE_PUSH_CREATE_USER = true;
|
|
ENABLE_PUSH_CREATE_ORG = true;
|
|
};
|
|
"repository.signing".FORMAT = "ssh";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|