2023-07-13 09:05:07 +00:00
{ pkgs , self , . . . }: {
2023-07-04 17:56:58 +00:00
2023-07-13 09:05:07 +00:00
imports = [
./postgresql.nix
./actions-runner.nix
] ;
2023-07-04 17:56:58 +00:00
services . gitea = {
enable = true ;
database = {
type = " p o s t g r e s " ;
host = " / r u n / p o s t g r e s q l " ;
port = 5432 ;
} ;
2024-03-18 16:34:37 +00:00
lfs . enable = true ;
2023-07-13 09:05:07 +00:00
package = self . packages . ${ pkgs . hostPlatform . system } . gitea ;
settings . actions . ENABLED = true ;
2023-07-04 17:56:58 +00:00
settings . mailer = {
ENABLED = true ;
FROM = " g i t e a @ c l a n . l o l " ;
2023-07-05 10:52:45 +00:00
HOST = " l o c a l h o s t : 2 5 " ;
2023-07-04 17:56:58 +00:00
} ;
settings . log . LEVEL = " E r r o r " ;
2023-07-05 13:22:57 +00:00
settings . service . DISABLE_REGISTRATION = false ;
2023-07-04 17:56:58 +00:00
settings . metrics . ENABLED = true ;
settings . server = {
2023-07-13 09:17:56 +00:00
APP_DATA_PATH = " / v a r / l i b / g i t e a / d a t a " ;
2023-07-04 17:56:58 +00:00
DISABLE_ROUTER_LOG = true ;
ROOT_URL = " h t t p s : / / g i t . c l a n . l o l " ;
HTTP_PORT = 3002 ;
DOMAIN = " g i t . c l a n . l o l " ;
2023-10-24 16:13:48 +00:00
LANDING_PAGE = " e x p l o r e " ;
2023-07-04 17:56:58 +00:00
} ;
2024-03-18 09:15:47 +00:00
settings . session . COOKIE_SECURE = true ;
2023-07-04 17:56:58 +00:00
} ;
services . nginx . virtualHosts . " g i t . c l a n . l o l " = {
forceSSL = true ;
enableACME = true ;
2024-03-17 11:18:21 +00:00
# The add_header directive is used to set the Content-Security-Policy header to allow embedding the Gitea instance in an iframe on the pad.lassul.us instance.
2023-07-04 17:56:58 +00:00
locations . " / " . extraConfig = ''
proxy_pass http://localhost:3002 ;
2024-03-17 11:18:21 +00:00
add_header Content-Security-Policy " f r a m e - a n c e s t o r s ' s e l f ' h t t p s : / / p a d . l a s s u l . u s " ;
2023-07-04 17:56:58 +00:00
'' ;
} ;
}