poz/niksos
poz/niksos
1
3
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity

attempt at changing the forgejo ssh port

Browse source
This commit is contained in:
jacekpoz 2024-08-26 23:16:38 +02:00
parent d1f639e88e
commit 3ae589a77c
Signed by: poz
SSH key fingerprint: SHA256:JyLeVWE4bF3tDnFeUpUaJsPsNlJyBldDGV/dIKSLyN8
2 changed files with 14 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
hosts/chmura/configuration.nix
View file

@ -47,7 +47,7 @@ in {
oci-containers.backend = "podman"; oci-containers.backend = "podman";
}; };
networking.firewall.allowedTCPPorts = [ 80 443 22 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];
poz = { poz = {
other.home-manager.enable = true; other.home-manager.enable = true;
@ -70,7 +70,7 @@ in {
agent.enable = false; agent.enable = false;
daemon = { daemon = {
enable = true; enable = true;
ports = [ 7312 ]; ports = [ 7312 22 ];
}; };
}; };
syncthing.enable = true; syncthing.enable = true;

18
hosts/chmura/services/forgejo.nix
View file

@ -5,6 +5,8 @@
... ...
}: let }: let
inherit (lib.attrsets) attrValues; inherit (lib.attrsets) attrValues;
srv = config.services.forgejo.settings.server;
in { in {
age.secrets.forgejo-runner-token.file = ../../../secrets/forgejo-runner-token.age; age.secrets.forgejo-runner-token.file = ../../../secrets/forgejo-runner-token.age;
@ -22,12 +24,14 @@ in {
APP_NAME = "fuck it we code"; APP_NAME = "fuck it we code";
}; };
server = rec { server = {
DOMAIN = "git.jacekpoz.pl"; DOMAIN = "git.jacekpoz.pl";
HTTP_PORT = 1849; HTTP_PORT = 1849;
PROTOCOL = "http"; ROOT_URL = "https://${srv.DOMAIN}/";
SSH_PORT = 8236;
ROOT_URL = "${PROTOCOL}://${DOMAIN}/"; # START_SSH_SERVER = true;
# SSH_PORT = 8236;
# SSH_LISTEN_PORT = 8236;
}; };
service = { service = {
DISABLE_REGISTRATION = true; DISABLE_REGISTRATION = true;
@ -47,7 +51,7 @@ in {
chmura = { chmura = {
enable = true; enable = true;
name = config.networking.hostName; name = config.networking.hostName;
url = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}"; url = "http://localhost:${toString srv.HTTP_PORT}";
tokenFile = config.age.secrets.forgejo-runner-token.path; tokenFile = config.age.secrets.forgejo-runner-token.path;
labels = [ labels = [
"native:host" "native:host"
@ -82,10 +86,12 @@ in {
ReadWritePaths = "/srv/web"; ReadWritePaths = "/srv/web";
}; };
# networking.firewall.allowedTCPPorts = [ srv.SSH_PORT ];
services.caddy = { services.caddy = {
enable = true; enable = true;
virtualHosts."git.jacekpoz.pl".extraConfig = '' virtualHosts."git.jacekpoz.pl".extraConfig = ''
reverse_proxy * localhost:${toString config.services.forgejo.settings.server.HTTP_PORT} reverse_proxy * localhost:${toString srv.HTTP_PORT}
''; '';
}; };
} }