dotfiles/nixos/boxes/vpsfree1/gitea.nix

{ config, pkgs, inputs, lib, ... }:
let
  httpPort = 8083;
  sshPort = 22;
  domain = "git.cyplo.dev";
  baseurl = "https://${domain}";
  path = "/var/lib/gitea";
in {
  imports = [ ../nginx.nix ];

  boot.kernel.sysctl = { "net.ipv4.ip_unprivileged_port_start" = 0; };
  systemd.services.systemd-sysctl.enable = lib.mkForce true;

  networking.firewall.allowedTCPPorts = [ sshPort ];
  services.nginx = {
    virtualHosts = {
      "${domain}" = {
        forceSSL = true;
        enableACME = true;
        locations."/" = {
          proxyPass = "http://localhost:" + toString httpPort;
        };
      };
    };
  };

  containers.gitea = {
    autoStart = true;
    forwardPorts = [
      {
        inherit httpPort;
        containerPort = httpPort;
      }
      {
        containerPort = sshPort;
        hostPort = sshPort;
      }
    ];
    bindMounts = {
      "${path}" = {
        hostPath = "${path}";
        isReadOnly = false;
      };
    };
    config = { config, pkgs, lib, ... }: {
      system.stateVersion = "22.05";
      services.gitea = {
        inherit domain httpPort;
        enable = true;
        rootUrl = baseurl;
        stateDir = path;
        settings = {
          service.DISABLE_REGISTRATION = true;
          server = {
            START_SSH_SERVER = true;
            SSH_PORT = sshPort;
            SSH_LISTEN_PORT = sshPort;
            DISABLE_SSH = false;
            LFS_START_SERVER = true;
          };
        };
      };
    };
  };
}
add gitea 2022-10-25 21:23:22 +01:00			`{ config, pkgs, inputs, lib, ... }:`
			`let`
			`httpPort = 8083;`
allow gitea (and everyone else) to bind to low ports 2022-10-30 19:24:46 +00:00			`sshPort = 22;`
add gitea 2022-10-25 21:23:22 +01:00			`domain = "git.cyplo.dev";`
			`baseurl = "https://${domain}";`
			`path = "/var/lib/gitea";`
			`in {`
			`imports = [ ../nginx.nix ];`

allow gitea (and everyone else) to bind to low ports 2022-10-30 19:24:46 +00:00			`boot.kernel.sysctl = { "net.ipv4.ip_unprivileged_port_start" = 0; };`
			`systemd.services.systemd-sysctl.enable = lib.mkForce true;`

			`networking.firewall.allowedTCPPorts = [ sshPort ];`
add gitea 2022-10-25 21:23:22 +01:00			`services.nginx = {`
			`virtualHosts = {`
			`"${domain}" = {`
			`forceSSL = true;`
			`enableACME = true;`
			`locations."/" = {`
			`proxyPass = "http://localhost:" + toString httpPort;`
			`};`
			`};`
			`};`
			`};`

			`containers.gitea = {`
			`autoStart = true;`
			`forwardPorts = [`
			`{`
fix statix checks 2022-11-08 17:06:20 +00:00			`inherit httpPort;`
add gitea 2022-10-25 21:23:22 +01:00			`containerPort = httpPort;`
			`}`
			`{`
allow gitea (and everyone else) to bind to low ports 2022-10-30 19:24:46 +00:00			`containerPort = sshPort;`
			`hostPort = sshPort;`
add gitea 2022-10-25 21:23:22 +01:00			`}`
			`];`
			`bindMounts = {`
			`"${path}" = {`
			`hostPath = "${path}";`
			`isReadOnly = false;`
			`};`
			`};`
enable gitea to listen on the default ssh port for nicer clone urls 2022-10-29 22:44:34 +01:00			`config = { config, pkgs, lib, ... }: {`
add gitea 2022-10-25 21:23:22 +01:00			`system.stateVersion = "22.05";`
			`services.gitea = {`
fix statix checks 2022-11-08 17:06:20 +00:00			`inherit domain httpPort;`
add gitea 2022-10-25 21:23:22 +01:00			`enable = true;`
			`rootUrl = baseurl;`
			`stateDir = path;`
enable gitea to listen on the default ssh port for nicer clone urls 2022-10-29 22:44:34 +01:00			`settings = {`
upgrade vpsfree 2022-12-02 20:35:46 +00:00			`service.DISABLE_REGISTRATION = true;`
enable gitea to listen on the default ssh port for nicer clone urls 2022-10-29 22:44:34 +01:00			`server = {`
			`START_SSH_SERVER = true;`
allow gitea (and everyone else) to bind to low ports 2022-10-30 19:24:46 +00:00			`SSH_PORT = sshPort;`
			`SSH_LISTEN_PORT = sshPort;`
enable gitea to listen on the default ssh port for nicer clone urls 2022-10-29 22:44:34 +01:00			`DISABLE_SSH = false;`
enable lfs on gitea 2022-12-03 16:41:55 +00:00			`LFS_START_SERVER = true;`
enable gitea to listen on the default ssh port for nicer clone urls 2022-10-29 22:44:34 +01:00			`};`
add gitea 2022-10-25 21:23:22 +01:00			`};`
			`};`
			`};`
			`};`
			`}`