73 lines
1.7 KiB
Nix
73 lines
1.7 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
with lib; let
|
|
cfg = config.my.services.forgejo;
|
|
inherit (config.my.server) domain proxyIP firewallInterface;
|
|
url = "https://git.${domain}";
|
|
in {
|
|
options.my.services.forgejo = {
|
|
enable = mkEnableOption "Forgejo";
|
|
proxy = mkEnableOption "Forgejo reverse proxy entry";
|
|
subdomain = mkOption {
|
|
type = types.str;
|
|
default = "git";
|
|
example = "git";
|
|
description = "Subdomain to use for the service.";
|
|
};
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 3000;
|
|
example = 8080;
|
|
description = "HTTP port for the Forgejo service.";
|
|
};
|
|
};
|
|
|
|
config = mkMerge [
|
|
(mkIf cfg.enable {
|
|
services.forgejo = {
|
|
enable = true;
|
|
settings.server = {
|
|
DOMAIN = "git.${domain}";
|
|
ROOT_URL = url;
|
|
DISABLE_SSH = true;
|
|
HTTP_PORT = cfg.port;
|
|
};
|
|
settings.session = {
|
|
COOKIE_SECURE = true;
|
|
};
|
|
settings.service = {
|
|
DISABLE_REGISTRATION = true;
|
|
};
|
|
settings.openid = {
|
|
ENABLE_OPENID_SIGNIN = true;
|
|
ENABLE_OPENID_SIGNUP = true;
|
|
};
|
|
settings.oauth2_client = {
|
|
ENABLE_AUTO_REGISTRATION = true;
|
|
};
|
|
};
|
|
|
|
networking.firewall.interfaces."${firewallInterface}".allowedTCPPorts = [cfg.port];
|
|
|
|
# services.homepage-dashboard.services = [
|
|
# {
|
|
# Git = {
|
|
# Forgejo = {
|
|
# href = url;
|
|
# description = "Beyond coding. We forge.";
|
|
# };
|
|
# };
|
|
# }
|
|
# ];
|
|
})
|
|
(mkIf cfg.proxy {
|
|
services.caddy.virtualHosts."${url}".extraConfig = ''
|
|
reverse_proxy http://${proxyIP}:${cfg.port}
|
|
'';
|
|
})
|
|
];
|
|
}
|