try again gitea

hosts/fw.cloonar.com/modules/gitea.nix

@@ -104,12 +104,12 @@ in
     # privateNetwork = true;
     # hostBridge = "server";
     # localAddress = "10.42.97.2";
-    bindMounts = {
-      "/var/lib/gitea" = {
-        hostPath = "/var/lib/gitea/";
-        isReadOnly = false;
-      };
-    };
+    # bindMounts = {
+    #   "/var/lib/gitea" = {
+    #     hostPath = "/var/lib/gitea/";
+    #     isReadOnly = false;
+    #   };
+    # };
     # bindMounts = {
     #   "/var/lib/acme/gitea/" = {
     #     hostPath = "${security.acme.certs.${domain}.directory}";
@@ -118,7 +118,7 @@ in
     # };
     config = { lib, config, pkgs, ... }: {
       networking = {
-        hostName = "gitea";
+        # hostName = "gitea";
         # interfaces.eth0.useDHCP = true;
         interfaces.mv-vserver = {
           ipv4.addresses = [ { address = "10.42.97.2"; prefixLength = 24; } ];
@@ -128,49 +128,49 @@ in
         #   allowedTCPPorts = [ 22 80 443 ];
         # };
         # Use systemd-resolved inside the container
-        useHostResolvConf = false;
+        # useHostResolvConf = false;
       };
-      services.resolved.enable = true;
+      # services.resolved.enable = true;
 
-      services.nginx.enable = true;
-      services.nginx.virtualHosts."${domain}" = {
-        sslCertificate = "/var/lib/acme/gitea/fullchain.pem";
-        sslCertificateKey = "/var/lib/acme/gitea/key.pem";
-        sslTrustedCertificate = "/var/lib/acme/gitea/chain.pem";
-        forceSSL = true;
-        locations."/" = {
-          proxyPass = "http://localhost:3001/";
-        };
-      };
-
-      nixpkgs.config.permittedInsecurePackages = [
-        "gitea-1.19.4"
-      ];
-
-      services.gitea = {
-        enable = true;
-        appName = "Cloonar Gitea server"; # Give the site a name
-        settings = {
-          server = {
-            ROOT_URL = "https://${domain}/";
-            HTTP_PORT = 3001;
-            DOMAIN = domain;
-          };
-          openid = {
-            ENABLE_OPENID_SIGNIN = false;
-            ENABLE_OPENID_SIGNUP = true;
-            WHITELISTED_URIS     = "auth.example.com";
-          };
-          service = {
-            DISABLE_REGISTRATION                          = false;
-            ALLOW_ONLY_EXTERNAL_REGISTRATION              = true;
-            SHOW_REGISTRATION_BUTTON                      = false;
-          };
-          webhook.ALLOWED_HOST_LIST = "drone.cloonar.com";
-        };
-      };
-
-      system.stateVersion = "23.05";
+      # services.nginx.enable = true;
+      # services.nginx.virtualHosts."${domain}" = {
+      #   sslCertificate = "/var/lib/acme/gitea/fullchain.pem";
+      #   sslCertificateKey = "/var/lib/acme/gitea/key.pem";
+      #   sslTrustedCertificate = "/var/lib/acme/gitea/chain.pem";
+      #   forceSSL = true;
+      #   locations."/" = {
+      #     proxyPass = "http://localhost:3001/";
+      #   };
+      # };
+      #
+      # nixpkgs.config.permittedInsecurePackages = [
+      #   "gitea-1.19.4"
+      # ];
+      #
+      # services.gitea = {
+      #   enable = true;
+      #   appName = "Cloonar Gitea server"; # Give the site a name
+      #   settings = {
+      #     server = {
+      #       ROOT_URL = "https://${domain}/";
+      #       HTTP_PORT = 3001;
+      #       DOMAIN = domain;
+      #     };
+      #     openid = {
+      #       ENABLE_OPENID_SIGNIN = false;
+      #       ENABLE_OPENID_SIGNUP = true;
+      #       WHITELISTED_URIS     = "auth.example.com";
+      #     };
+      #     service = {
+      #       DISABLE_REGISTRATION                          = false;
+      #       ALLOW_ONLY_EXTERNAL_REGISTRATION              = true;
+      #       SHOW_REGISTRATION_BUTTON                      = false;
+      #     };
+      #     webhook.ALLOWED_HOST_LIST = "drone.cloonar.com";
+      #   };
+      # };
+      #
+      # system.stateVersion = "23.05";
     };
   };
 }