diff --git a/config/services/forgejo.nix b/config/services/forgejo.nix index d431bec..c8807e0 100644 --- a/config/services/forgejo.nix +++ b/config/services/forgejo.nix @@ -21,6 +21,7 @@ SCHEDULE = "@every 24h"; UPDATE_EXISTING = true; }; + DEFAULT.APP_NAME = "The Gay Git"; federation.ENABLED = true; log.LEVEL = "Info"; mailer = { @@ -31,6 +32,11 @@ USER = "git@kyouma.net"; }; mirror.DEFAULT_INTERVAL = "1h"; + oauth2_client.REGISTER_EMAIL_CONFIRM = false; + openid = { + ENABLE_OPENID_SIGNIN = true; + ENABLE_OPENID_SIGNUP = true; + }; session = { COOKIE_SECURE = true; PROVIDER = "db"; @@ -40,6 +46,7 @@ STATIC_URL_PREFIX = "/static"; PROTOCOL = "http+unix"; DOMAIN = "git.kyouma.net"; + ROOT_URL = "https://git.kyouma.net"; }; security = { LOGIN_REMEMBER_DAYS = 90; @@ -66,7 +73,7 @@ kyouma.nginx.virtualHosts."git.kyouma.net" = { locations."/static/".alias = "${pkgs.forgejo.data}/public/"; locations."/" = { - proxyPass = "http://unix:/run/forgejo/forgejo.socket"; + proxyPass = "http://unix:/run/forgejo/forgejo.sock"; }; }; security.acme.certs."git.kyouma.net" = {}; diff --git a/config/services/vaultwarden.nix b/config/services/vaultwarden.nix index 953bf83..1207442 100644 --- a/config/services/vaultwarden.nix +++ b/config/services/vaultwarden.nix @@ -6,14 +6,12 @@ services.vaultwarden = { enable = true; environmentFile = config.sops.secrets."services/vaultwarden/environmentFile".path; + backupDir = "/var/backup/bitwarden_rs"; config = { - DATA_FOLDER = "/var/lib/vaultwarden"; - DOMAIN = "staging.vault.kyouma.net"; + DOMAIN = "https://staging.vault.kyouma.net"; DATABASE_MAX_CONNS = 15; WEB_VAULT_ENABLED = true; - WEBSOCKET_ENABLED = true; WEBSOCKET_ADDRESS = "::1"; - WEBSOCKET_PORT = 3012; SENDS_ALLOWED = true; ORG_ATTACHMENT_LIMIT = 1048576; USER_ATTACHMENT_LIMIT = 524288; @@ -30,13 +28,13 @@ SMTP_USERNAME = "vault@kyouma.net"; SMTP_SECURITY = "starttls"; SMTP_PORT = 587; - ROCKET_ADDRESS = "unix:/run/vaultwarden/rocket.socket"; - ROCKET_PORT = ""; + ROCKET_ADDRESS = "::1"; + ROCKET_PORT = "8222"; }; }; kyouma.nginx.virtualHosts."staging.vault.kyouma.net" = { locations."/" = { - proxyPass = "http://unix:/run/vaultwarden/rocket.socket"; + proxyPass = "http://[::1]:8222"; proxyWebsockets = true; }; };