feat: fw final switch to forgejo

2026-02-01 15:23:10 +01:00 · 2026-02-01 15:23:10 +01:00 · f5a0bc582d
commit f5a0bc582d
parent 25580ded3b
6 changed files with 10 additions and 24 deletions
--- a/hosts/fw/modules/forgejo.nix
+++ b/hosts/fw/modules/forgejo.nix
@ -19,13 +19,12 @@ in
  users.users.forgejo = user;
  users.groups.forgejo = group;

-  # Reuse the existing git.cloonar.com ACME cert from gitea.nix
-  security.acme.certs."forgejo.cloonar.com" = {
+  security.acme.certs."git.cloonar.com" = {
    group = "nginx";
  };

  containers.forgejo = {
-    autoStart = false;  # Don't start until migration is complete
+    autoStart = true;
    ephemeral = false; # because of ssh key
    privateNetwork = true;
    hostBridge = "server";
@ -37,8 +36,7 @@ in
        isReadOnly = false;
      };
      "/var/lib/acme/forgejo/" = {
-        # hostPath = config.security.acme.certs.${domain}.directory;
-        hostPath = config.security.acme.certs."forgejo.cloonar.com".directory;
+        hostPath = config.security.acme.certs.${domain}.directory;
        isReadOnly = true;
      };
      "/run/secrets/forgejo-mailer-password" = {
@ -146,7 +144,6 @@ in

  sops.secrets.forgejo-mailer-password = {
    owner = "forgejo";
-    # restartUnits removed - would start the container even with autoStart=false
-    # Re-add after migration: restartUnits = [ "container@forgejo.service" ];
+    restartUnits = [ "container@forgejo.service" ];
  };
 }