added forgejo config using sqlite.

2024-07-29 15:02:40 -05:00 · 2024-07-29 15:02:40 -05:00 · f91cb5469d
commit f91cb5469d
parent 6dcbb146b7
8 changed files with 77 additions and 32 deletions
--- a/configs/nixos/forgejo.nix
+++ b/configs/nixos/forgejo.nix
@ -0,0 +1,41 @@
+{
+  inputs,
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
+  cfg = config.services.forgejo;
+  srv = cfg.settings.server;
+in {
+  services.forgejo = {
+    enable = true;
+    database.type = "sqlite3";
+    lfs.enable = true;
+    settings = {
+      server = {
+        DOMAIN = "test.venberg.xyz";
+        ROOT_URL = "https://${srv.DOMAIN}";
+        HTTP_PORT = 3000;
+        ENABLE_GZIP = true;
+      };
+      service.DISABLE_REGISTRATION = true;
+      ui.DEFAULT_THEME = "forgejo-dark";
+      log.LEVEL = "Warn";
+      "cron.git_gc_repos".ENABLED = true;
+      "cron.resync_all_sshkeys".ENABLED = true;
+      "cron.reinit_missing_repos".ENABLED = true;
+      "cron.delete_old_actions".ENABLED = true;
+      "cron.delete_old_system_notices".ENABLED = true;
+      "cron.gc_lfs".ENABLED = true;
+    };
+  };
+
+  services.nginx.virtualHosts.${srv.DOMAIN} = {
+    enableACME = true;
+    forceSSL = true;
+    locations."/" = {
+      proxyPass = "http://localhost:${toString srv.HTTP_PORT}";
+    };
+  };
+}
--- a/configs/nixos/radicale.nix
+++ b/configs/nixos/radicale.nix
@ -5,18 +5,23 @@
  lib,
  ...
 }: {
-  services.radicale={
-    enable=true;
-    settings={
-      server={
-        hosts=[ "0.0.0.0:5232" "[::]:5232" ];
-      };
-      auth={
-        type="htpasswd";
-        htpasswd_encryption="md5";
-        htpasswd_filename="${inputs.nix-secrets}/radicale-users";
+  services.radicale = {
+    enable = true;
+    settings = {
+      auth = {
+        type = "htpasswd";
+        htpasswd_encryption = "md5";
+        htpasswd_filename = "${inputs.nix-secrets}/radicale-users";
      };
    };
  };
  networking.firewall.allowedTCPPorts = [5232];
+
+  services.nginx.virtualHosts."cal.venberg.xyz" = {
+    enableACME = true;
+    forceSSL = true;
+    locations."/" = {
+      proxyPass = "http://localhost:5232";
+    };
+  };
 }
--- a/hosts/cirrus/default.nix
+++ b/hosts/cirrus/default.nix
@ -19,6 +19,7 @@ inputs.nixpkgs.lib.nixosSystem {
    ../../configs/nixos/sshd.nix
    ../../configs/nixos/secrets.nix
    ../../configs/nixos/radicale.nix
+    # ../../configs/nixos/forgejo.nix
    ({
      config,
      pkgs,
--- a/hosts/cirrus/disk-config.nix
+++ b/hosts/cirrus/disk-config.nix
@ -35,4 +35,3 @@
    };
  };
 }
-
--- a/hosts/cirrus/nginx.nix
+++ b/hosts/cirrus/nginx.nix
@ -8,12 +8,10 @@
  imports = [
    ../../configs/nixos/nginx.nix
  ];
-  services.nginx.virtualHosts."cal.venberg.xyz" = {
+  services.nginx.virtualHosts."gabevenberg.com" = {
    enableACME = true;
    forceSSL = true;
-    locations."/" = {
-      proxyPass = "http://localhost:5232";
-    };
+    root = "/var/www/gabevenberg.com";
  };
  networking.firewall.allowedTCPPorts = [443 80];
 }
--- a/hosts/rockhole64/adguard.nix
+++ b/hosts/rockhole64/adguard.nix
@ -6,9 +6,9 @@
  lib,
  ...
 }: {
-  services.adguardhome={
-    enable=true;
-    mutableSettings=true;
-    allowDHCP=true;
+  services.adguardhome = {
+    enable = true;
+    mutableSettings = true;
+    allowDHCP = true;
  };
 }
--- a/lib/default.nix
+++ b/lib/default.nix
@ -1,8 +1,6 @@
-{lib}:let 
+{lib}: let
  net = import ./net.nix {inherit lib;};
-in
-{
-
+in {
  dirToStrings = dir: (map (v: builtins.readFile "${dir}/${v}")
    (builtins.filter (v:
      (builtins.readFileType "${dir}/${v}") == "regular") (
@ -14,8 +12,11 @@ in
      else []
    )));

-
-  calcSystemdDhcpPoolOffset = {base, start, end}: {
+  calcSystemdDhcpPoolOffset = {
+    base,
+    start,
+    end,
+  }: {
    offset = net.lib.net.ip.diff start base;
    size = net.lib.net.ip.diff end start;
  };