115 lines
2.6 KiB
Nix
115 lines
2.6 KiB
Nix
{
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
cfg = config.my.services.forgejo;
|
|
httpPort = 3000;
|
|
sshPort = 22;
|
|
in
|
|
{
|
|
|
|
options.my.services.forgejo = {
|
|
enable = lib.mkEnableOption "Enable Forgejo code repository";
|
|
|
|
stateDir = lib.mkOption {
|
|
type = lib.types.path;
|
|
default = "/var/lib/forgejo/media";
|
|
description = "Directory with Immich will store media files";
|
|
};
|
|
|
|
settings = lib.mkOption {
|
|
default = { };
|
|
description = ''
|
|
Settings for Forgejo
|
|
'';
|
|
};
|
|
|
|
secrets = lib.mkOption {
|
|
description = "Secrets declared ";
|
|
type = lib.types.submodule {
|
|
freeformType = with lib.types; attrsOf (attrsOf path);
|
|
options = { };
|
|
};
|
|
default = { };
|
|
};
|
|
|
|
proxy = {
|
|
enable = lib.mkEnableOption "Set the proxy entry for this service";
|
|
|
|
domain = lib.mkOption {
|
|
default = "example.com";
|
|
type = lib.types.str;
|
|
description = ''
|
|
The domain where Caddy is reachable
|
|
'';
|
|
};
|
|
|
|
subdomain = lib.mkOption {
|
|
default = "git";
|
|
type = lib.types.str;
|
|
description = ''
|
|
The subdomain where Immich is reachable
|
|
'';
|
|
};
|
|
|
|
host = lib.mkOption {
|
|
default = "localhost";
|
|
type = lib.types.str;
|
|
description = ''
|
|
host name where the service is running
|
|
'';
|
|
};
|
|
|
|
};
|
|
};
|
|
|
|
config = lib.mkMerge [
|
|
(lib.mkIf cfg.enable {
|
|
|
|
services.forgejo = {
|
|
enable = true;
|
|
lfs.enable = true;
|
|
stateDir = cfg.stateDir;
|
|
secrets = cfg.secrets;
|
|
database = {
|
|
createDatabase = true;
|
|
type = "postgres";
|
|
};
|
|
settings = lib.recursiveUpdate {
|
|
server = {
|
|
DOMAIN = "git.${cfg.proxy.domain}";
|
|
ROOT_URL = "https://git.${cfg.proxy.domain}";
|
|
START_SSH_SERVER = true;
|
|
SSH_PORT = sshPort;
|
|
# Listen on all interfaces so git push/pull via SSH works from other hosts
|
|
SSH_LISTEN_HOST = "0.0.0.0";
|
|
HTTP_PORT = httpPort;
|
|
};
|
|
actions = {
|
|
ENABLED = true;
|
|
DEFAULT_ACTIONS_URL = "https://code.forgejo.org";
|
|
ARTIFACT_RETENTION_DAYS = 90;
|
|
};
|
|
} cfg.settings;
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
httpPort
|
|
sshPort
|
|
];
|
|
|
|
})
|
|
|
|
(lib.mkIf cfg.proxy.enable {
|
|
services.caddy = with cfg.proxy; {
|
|
virtualHosts."${subdomain}.${domain}".extraConfig = ''
|
|
reverse_proxy http://${host}:${toString httpPort}
|
|
import cloudflare_${domain}
|
|
'';
|
|
};
|
|
})
|
|
];
|
|
}
|