# NixOS module: a Forgejo instance published through Caddy, plus one Forgejo
# Actions runner registered against that same local instance.
{
  config,
  lib,
  pkgs,
  ...
}: let
  # Single source for the public hostname, used for both Forgejo and Caddy.
  domain = "git.jacekpoz.pl";

  srv = config.services.forgejo.settings.server;
in {
  # The runner registration token is kept as an age-encrypted file and only
  # referenced by path below, so its plaintext is never written in this module.
  age.secrets.forgejo-runner-token.file = ../../../secrets/forgejo-runner-token.age;

  services.forgejo = {
    enable = true;
    package = pkgs.forgejo;
    lfs.enable = true;
    database.type = "postgres";

    # NOTE(review): dump archives presumably hold repository and database
    # contents; confirm the dump directory is not readable by other users.
    dump.enable = true;
    dump.type = "tar.xz";

    settings = {
      DEFAULT.APP_NAME = "fuck it we code";

      server = {
        DOMAIN = domain;
        HTTP_PORT = 1849;
        ROOT_URL = "https://${srv.DOMAIN}/";

        # NOTE(review): no HTTP_ADDR is set, so Forgejo binds to its default
        # address. If that is all interfaces, port 1849 serves plain HTTP next
        # to Caddy unless the firewall blocks it; HTTP_ADDR = "127.0.0.1" would
        # restrict it to the reverse proxy and the local runner. Confirm.

        # START_SSH_SERVER = true;
        # SSH_PORT = 8236;
        # SSH_LISTEN_PORT = 8236;
      };

      # No self-service sign-up; accounts have to be created by an admin.
      service.DISABLE_REGISTRATION = true;

      actions = {
        ENABLED = true;
        # Workflow `uses:` references without a full URL resolve against this
        # host. Those actions are third-party code executed by the runner
        # below, so pinning them to a commit is worth requiring.
        DEFAULT_ACTIONS_URL = "https://code.forgejo.org";
      };

      federation.ENABLED = true;
    };
  };

  services.gitea-actions-runner = {
    package = pkgs.forgejo-runner;

    instances.chmura = {
      enable = true;
      name = config.networking.hostName;
      # Plain HTTP is confined to loopback; the runner never crosses the network.
      url = "http://localhost:${toString srv.HTTP_PORT}";
      tokenFile = config.age.secrets.forgejo-runner-token.path;

      # A `:host` label runs jobs directly as processes of the runner service on
      # this machine, not in a container. Every workflow this runner accepts
      # therefore executes with the service's privileges and the tools listed
      # in hostPackages, so who may trigger workflows is the trust boundary.
      labels = ["native:host"];

      # Same list, in the same (name-sorted) order, that attrValues produced.
      hostPackages = [
        pkgs.bash
        pkgs.fd
        pkgs.git
        pkgs.nix
        pkgs.nodejs
        pkgs.ripgrep
      ];

      settings.log.level = "info";
      settings.runner = {
        file = ".runner";
        capacity = 2;
        timeout = "3h";
        # Keeps TLS certificate verification on; has no effect while `url` is
        # plain HTTP, but matters if the runner is ever pointed at an https URL.
        insecure = false;
        fetch_timeout = "5s";
        fetch_interval = "2s";
      };
    };
  };

  # Opens /srv/web for writing inside the runner unit's systemd sandbox.
  # Together with the host-execution label above, any job the runner picks up
  # can modify that tree.
  systemd.services.gitea-runner-chmura.serviceConfig.ReadWritePaths = "/srv/web";

  # networking.firewall.allowedTCPPorts = [ srv.SSH_PORT ];

  services.caddy = {
    enable = true;
    virtualHosts.${domain}.extraConfig = ''
      reverse_proxy * localhost:${toString srv.HTTP_PORT}
    '';
  };
}