diff --git a/nixos/default.nix b/nixos/default.nix index 2440c30..e2637ac 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -6,5 +6,6 @@ }: { imports = [ ./trash + ./services ]; } diff --git a/nixos/services/default.nix b/nixos/services/default.nix new file mode 100644 index 0000000..36b456a --- /dev/null +++ b/nixos/services/default.nix @@ -0,0 +1,10 @@ +{ + config, + lib, + pkgs, + ... +}: { + imports = [ + ./forgejo + ]; +} diff --git a/nixos/services/forgejo/default.nix b/nixos/services/forgejo/default.nix new file mode 100644 index 0000000..b15d2d9 --- /dev/null +++ b/nixos/services/forgejo/default.nix @@ -0,0 +1,66 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cfg = config.options.trivium.services.forgejo; +in { + options.trivium.services.forgejo = { + enable = mkEnableOption "forgejo settings"; + + virtualHost = mkOption { + type = types.string; + description = "Virtualhost to use for nginx's reverse proxy. Usually something like git..com"; + }; + + appName = mkOption { + type = types.string; + description = "You guess what this does"; + }; + + disableRegistration = mkOption { + type = types.bool; + default = true; + description = "Turn this off just to create the first admin account"; + }; + }; + + config = mkIf cfg.enable { + services = { + nginx = { + virtualHosts."${cfg.virtualHost}" = { + enableACME = true; + forceSSL = true; + locations."/".proxyPass = "http://localhost:9170"; + }; + }; + + forgejo = { + enable = true; + lfs.enable = true; + useWizard = false; + settings = { + general.APP_NAME = "${cfg.appName}"; + ui.DEFAULT_THEME = "forgejo-dark"; + server = { + DOMAIN = "${cfg.virtualHost}"; + ROOT_URL = "https://${cfg.virtualHost}"; + HTTP_PORT = 9170; + LANDING_PAGE = "explore"; + }; + + service.DISABLE_REGISTRATION = ${cfg.disableRegistration}; + + actions = { + ENABLED = true; + }; + mailer = { + ENABLED = false; + }; + }; + }; + }; + }; +}