nixfiles/config/services/forgejo.nix

85 lines
2.3 KiB
Nix
Raw Permalink Normal View History

2024-05-09 16:41:01 +02:00
{ config, pkgs, ... }: {
2024-04-30 21:55:41 +02:00
sops.secrets."services/forgejo/mailerPassword" = {
sopsFile = ../../secrets/services/forgejo.yaml;
owner = "forgejo";
};
services.forgejo = {
enable = true;
2024-10-24 20:46:03 +02:00
package = pkgs.forgejo;
secrets.mailer.PASSWD = config.sops.secrets."services/forgejo/mailerPassword".path;
2024-04-30 21:55:41 +02:00
database = {
createDatabase = true;
type = "postgres";
socket = "/run/postgresql";
};
dump = {
enable = true;
type = "tar.xz";
};
settings = {
"cron.sync_external_users" = {
RUN_AT_START = true;
SCHEDULE = "@every 24h";
UPDATE_EXISTING = true;
};
2024-06-19 13:13:32 +02:00
DEFAULT.APP_NAME = "The dog girl Git";
2024-04-30 21:55:41 +02:00
federation.ENABLED = true;
log.LEVEL = "Info";
2024-08-06 00:27:44 +02:00
indexer = {
REPO_INDEXER_ENABLED = true;
};
2024-04-30 21:55:41 +02:00
mailer = {
ENABLED = true;
PROTOCOL = "smtp+starttls";
FROM = "git@kyouma.net";
SMTP_ADDR = "mail.kyouma.net";
USER = "git@kyouma.net";
};
mirror.DEFAULT_INTERVAL = "1h";
2024-06-13 13:02:01 +02:00
oauth2_client.REGISTER_EMAIL_CONFIRM = false;
openid = {
ENABLE_OPENID_SIGNIN = true;
ENABLE_OPENID_SIGNUP = true;
};
2024-04-30 21:55:41 +02:00
session = {
COOKIE_SECURE = true;
PROVIDER = "db";
SESSION_LIFE_TIME = 2592000;
};
server = {
STATIC_URL_PREFIX = "/static";
PROTOCOL = "http+unix";
2024-06-19 13:13:32 +02:00
DOMAIN = "woof.rip";
ROOT_URL = "https://woof.rip";
2024-04-30 21:55:41 +02:00
};
security = {
LOGIN_REMEMBER_DAYS = 90;
PASSWORD_HASH_ALGO = "argon2";
MIN_PASSWORD_LENGTH = 16;
PASSWORD_COMPLEXITY = "spec";
};
service = {
REGISTER_EMAIL_CONFIRM = true;
ENABLE_NOTIFY_MAIL = true;
ENABLE_CAPTCHA = true;
DEFAULT_KEEP_EMAIL_PRIVATE = true;
};
repository.ENABLE_PUSH_CREATE_USER = true;
ui = {
EXPLORE_PAGING_NUM = 50;
ISSUE_PAGING_NUM = 50;
MEMBERS_PAGING_NUM = 50;
DEFAULT_THEME = "forgejo-dark";
SHOW_USER_EMAIL = false;
};
};
};
2024-06-19 13:13:32 +02:00
kyouma.nginx.virtualHosts."woof.rip" = {
2024-04-30 21:55:41 +02:00
locations."/static/".alias = "${pkgs.forgejo.data}/public/";
locations."/" = {
2024-06-13 13:02:01 +02:00
proxyPass = "http://unix:/run/forgejo/forgejo.sock";
2024-04-30 21:55:41 +02:00
};
};
2024-06-19 13:13:32 +02:00
security.acme.certs."woof.rip" = {};
2024-04-30 21:55:41 +02:00
}