77 lines
2 KiB
Nix
77 lines
2 KiB
Nix
{ config, inputs, pkgs, ... }: {
|
|
imports = [
|
|
inputs.sops-nix.nixosModules.sops
|
|
];
|
|
sops.secrets."services/forgejo/mailerPassword" = {
|
|
sopsFile = ../../secrets/services/forgejo.yaml;
|
|
owner = "forgejo";
|
|
};
|
|
services.forgejo = {
|
|
enable = true;
|
|
mailerPasswordFile = config.sops.secrets."services/forgejo/mailerPassword".path;
|
|
database = {
|
|
createDatabase = true;
|
|
type = "postgres";
|
|
socket = "/run/postgresql";
|
|
};
|
|
dump = {
|
|
enable = true;
|
|
type = "tar.xz";
|
|
};
|
|
settings = {
|
|
"cron.sync_external_users" = {
|
|
RUN_AT_START = true;
|
|
SCHEDULE = "@every 24h";
|
|
UPDATE_EXISTING = true;
|
|
};
|
|
federation.ENABLED = true;
|
|
log.LEVEL = "Info";
|
|
mailer = {
|
|
ENABLED = true;
|
|
PROTOCOL = "smtp+starttls";
|
|
FROM = "git@kyouma.net";
|
|
SMTP_ADDR = "mail.kyouma.net";
|
|
USER = "git@kyouma.net";
|
|
};
|
|
mirror.DEFAULT_INTERVAL = "1h";
|
|
session = {
|
|
COOKIE_SECURE = true;
|
|
PROVIDER = "db";
|
|
SESSION_LIFE_TIME = 2592000;
|
|
};
|
|
server = {
|
|
STATIC_URL_PREFIX = "/static";
|
|
PROTOCOL = "http+unix";
|
|
DOMAIN = "git.kyouma.net";
|
|
};
|
|
security = {
|
|
LOGIN_REMEMBER_DAYS = 90;
|
|
PASSWORD_HASH_ALGO = "argon2";
|
|
MIN_PASSWORD_LENGTH = 16;
|
|
PASSWORD_COMPLEXITY = "spec";
|
|
};
|
|
service = {
|
|
REGISTER_EMAIL_CONFIRM = true;
|
|
ENABLE_NOTIFY_MAIL = true;
|
|
ENABLE_CAPTCHA = true;
|
|
DEFAULT_KEEP_EMAIL_PRIVATE = true;
|
|
};
|
|
repository.ENABLE_PUSH_CREATE_USER = true;
|
|
ui = {
|
|
EXPLORE_PAGING_NUM = 50;
|
|
ISSUE_PAGING_NUM = 50;
|
|
MEMBERS_PAGING_NUM = 50;
|
|
DEFAULT_THEME = "forgejo-dark";
|
|
SHOW_USER_EMAIL = false;
|
|
};
|
|
};
|
|
};
|
|
kyouma.nginx.virtualHosts."git.kyouma.net" = {
|
|
locations."/static/".alias = "${pkgs.forgejo.data}/public/";
|
|
locations."/" = {
|
|
proxyPass = "http://unix:/run/forgejo/forgejo.socket";
|
|
};
|
|
};
|
|
security.acme.certs."git.kyouma.net" = {};
|
|
}
|