lynatic/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
flake/services/forgejo.nix

41 lines
1 KiB
Nix
Raw Blame History

{pkgs, lib, config, ...}:
with lib; with builtins; {
services.forgejo = {
enable = true;
settings.server = {
ROOT_URL = "https://git.shibe.pro";
DOMAIN = "git.shibe.pro";
HTTP_PORT = 48540;
OFFLINE_MODE = true; # disable gravatar, CDN
};
settings.actions = {
ENABLED = true;
};
settings."repository.upload" = {
FILE_MAX_SIZE = 4095;
MAX_FILES = 20;
};
settings."attachment" = {
MAX_SIZE = 4095;
MAX_FILES = 20;
};
settings.service = {
DISABLE_REGISTRATION = true;
DEFAULT_KEEP_EMAIL_PRIVATE = true;
};
database = {
user = "forgejo";
passwordFile = config.sops.secrets."hosts/forgenite/forgejo/db_password".path;
name = "forgejodb";
type = "mysql";
};
};
# Allow forgejo user to adjust authorized_keys dynamically
services.openssh.extraConfig = ''
Match User forgejo
AuthorizedKeysFile ${config.users.users.forgejo.home}/.ssh/authorized_keys
'';
networking.firewall.allowedTCPPorts = [48540];
}
Reference in a new issue View git blame Copy permalink