cy/nixos-config
cy/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

migrate to forgejo
Some checks are pending
build and cache random stuff / build (.#attic-client) (push) Waiting to run
Details
build and cache random stuff / build (.#attic-server) (push) Waiting to run
Details
build and cache random stuff / build (.#conduwuit) (push) Waiting to run
Details
build and cache random stuff / build (.#eza) (push) Waiting to run
Details
nix flake and fmt check / flake-check (push) Waiting to run
Details
mirror to gitlab / build (push) Waiting to run
Details

Browse source
This commit is contained in:
cy 2025-01-10 01:27:05 -05:00
parent d506bc2b6a
commit 876cb663b1
3 changed files with 42 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
hosts/chunk/Caddyfile
View file

@ -11,9 +11,14 @@
header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
} }
git.cy7.sh, git.cything.io { git.cything.io {
import common import common
reverse_proxy unix//run/gitlab/gitlab-workhorse.socket redir https://git.cy7.sh{uri} permanent
}
git.cy7.sh {
import common
reverse_proxy localhost:3000
} }
rss.cything.io { rss.cything.io {

28
hosts/chunk/default.nix
View file

@ -9,7 +9,6 @@
../common.nix ../common.nix
../zsh.nix ../zsh.nix
./hardware-configuration.nix ./hardware-configuration.nix
./gitlab.nix
./backup.nix ./backup.nix
./rclone.nix ./rclone.nix
./postgres.nix ./postgres.nix
@ -25,6 +24,7 @@
./immich.nix ./immich.nix
./element.nix ./element.nix
./attic.nix ./attic.nix
./forgejo.nix
]; ];
sops.age.keyFile = "/root/.config/sops/age/keys.txt"; sops.age.keyFile = "/root/.config/sops/age/keys.txt";
@ -59,26 +59,6 @@
"miniflux/env" = { "miniflux/env" = {
sopsFile = ../../secrets/services/miniflux.yaml; sopsFile = ../../secrets/services/miniflux.yaml;
}; };
"gitlab/root" = {
sopsFile = ../../secrets/services/gitlab.yaml;
owner = config.users.users.git.name;
};
"gitlab/secret" = {
sopsFile = ../../secrets/services/gitlab.yaml;
owner = config.users.users.git.name;
};
"gitlab/jws" = {
sopsFile = ../../secrets/services/gitlab.yaml;
owner = config.users.users.git.name;
};
"gitlab/db" = {
sopsFile = ../../secrets/services/gitlab.yaml;
owner = config.users.users.git.name;
};
"gitlab/otp" = {
sopsFile = ../../secrets/services/gitlab.yaml;
owner = config.users.users.git.name;
};
"rsyncnet/id_ed25519" = { "rsyncnet/id_ed25519" = {
sopsFile = ../../secrets/zh5061/chunk.yaml; sopsFile = ../../secrets/zh5061/chunk.yaml;
}; };
@ -157,6 +137,12 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge yt@ytlinux" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge yt@ytlinux"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD yt@ytnix" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD yt@ytnix"
]; ];
# for forgejo
users.users.git = {
isSystemUser = true;
group = "git";
};
users.groups.git = {};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
vim vim

28
hosts/chunk/forgejo.nix Normal file
View file

@ -0,0 +1,28 @@
{...}:
{
services.forgejo = {
enable = true;
user = "git";
group = "git";
settings = {
server = {
ROOT_URL = "https://git.cy7.sh";
HTTP_PORT = 3000;
HTTP_ADDR = "127.0.0.1";
DOMAIN = "git.cy7.sh";
};
session.COOKIE_SECURE = true;
service.DISABLE_REGISTRATION = true;
ui = {
AMBIGUOUS_UNICODE_DETECTION = false;
DEFAULT_THEME = "gitea-dark";
};
};
database = {
type = "postgres";
socket = "/run/postgresql";
user = "git";
name = "git";
};
};
}