strato-infra/nixos/machines/gitea/default.nix

41 lines
1,016 B
Nix

{ config, pkgs, ... }: {
imports = [ ../../common ../../common/lxc.nix ];
networking.hostName = "gitea";
system.stateVersion = "21.11";
environment.systemPackages = with pkgs; [ gnupg unzip ];
networking.firewall.enable = false;
networking.firewall.allowedTCPPorts = [ 3000 ];
services.openssh.permitRootLogin = "no";
services.openssh.passwordAuthentication = false;
# The db can only be accessed from the machine anyways
# so the password is just set to x
environment.etc.giteaPass = {
enable = true;
text = "x";
};
services.gitea = {
enable = true;
ssh = { clonePort = 4321; };
lfs.enable = true;
appName = "Voidcorp Gitea";
domain = "git.asraphiel.dev";
rootUrl = "https://git.asraphiel.dev/";
database = {
type = "postgres";
host = "postgres.lxd";
name = "gitea";
user = "gitea";
passwordFile = "/etc/giteaPass";
createDatabase = false;
};
cookieSecure = true;
disableRegistration = true;
};
}