78 lines
1.9 KiB
Nix
78 lines
1.9 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
with lib; let
|
|
cfg = config.my.services.forgejo;
|
|
inherit (config.my.server) domain proxyIP firewallInterface;
|
|
forgejoDomain = "git.${domain}";
|
|
forgejoUrl = "https://${forgejoDomain}";
|
|
in {
|
|
options.my.services.forgejo = {
|
|
enable = mkEnableOption "Forgejo";
|
|
proxy = mkEnableOption "Forgejo reverse proxy entry";
|
|
subdomain = mkOption {
|
|
type = types.str;
|
|
default = "git";
|
|
example = "git";
|
|
description = "Subdomain to use for the service.";
|
|
};
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 3000;
|
|
example = 8080;
|
|
description = "HTTP port for the Forgejo service.";
|
|
};
|
|
};
|
|
|
|
config = mkMerge [
|
|
(mkIf cfg.enable {
|
|
services.forgejo = {
|
|
enable = true;
|
|
settings.server = {
|
|
DOMAIN = forgejoDomain;
|
|
ROOT_URL = forgejoUrl;
|
|
DISABLE_SSH = true;
|
|
HTTP_PORT = cfg.port;
|
|
};
|
|
settings.session = {
|
|
COOKIE_SECURE = true;
|
|
};
|
|
settings.service = {
|
|
DISABLE_REGISTRATION = true;
|
|
};
|
|
settings.openid = {
|
|
ENABLE_OPENID_SIGNIN = true;
|
|
ENABLE_OPENID_SIGNUP = true;
|
|
};
|
|
settings.oauth2_client = {
|
|
ENABLE_AUTO_REGISTRATION = true;
|
|
};
|
|
};
|
|
|
|
networking.firewall.interfaces."${firewallInterface}".allowedTCPPorts = [cfg.port];
|
|
|
|
webapps.dashboardCategories = [
|
|
{
|
|
name = "Git";
|
|
tag = "git";
|
|
}
|
|
];
|
|
|
|
webapps.apps.forgejo.dashboard = {
|
|
name = "Forgejo";
|
|
category = "git";
|
|
icon = "git-alt";
|
|
url = forgejoUrl;
|
|
description = "Beyond coding. We forge.";
|
|
};
|
|
})
|
|
(mkIf cfg.proxy {
|
|
services.caddy.virtualHosts."${forgejoDomain}".extraConfig = ''
|
|
reverse_proxy http://${proxyIP}:${toString cfg.port}
|
|
'';
|
|
})
|
|
];
|
|
}
|