70 lines
1.5 KiB
Nix
70 lines
1.5 KiB
Nix
{ config, ... }:
|
|
let
|
|
domain = "git.cloonar.com";
|
|
ip = "10.42.97.3";
|
|
in
|
|
{
|
|
services.nginx.virtualHosts."${domain}" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "https://${ip}:443/";
|
|
extraConfig = ''
|
|
proxy_set_header=Host ${domain}
|
|
'';
|
|
};
|
|
};
|
|
|
|
environment.etc."gitea/app.ini".text = ''
|
|
APP_NAME = Cloonar Gitea server
|
|
RUN_MODE = prod
|
|
|
|
[cron.update_checker]
|
|
ENABLED=false
|
|
|
|
[database]
|
|
DB_TYPE=sqlite3
|
|
PATH=/bitnami/gitea/data/gitea.db
|
|
|
|
[openid]
|
|
ENABLE_OPENID_SIGNIN=false
|
|
ENABLE_OPENID_SIGNUP=true
|
|
WHITELISTED_URIS=auth.cloonar.com
|
|
|
|
[server]
|
|
DISABLE_SSH=false
|
|
DOMAIN=git.cloonar.com
|
|
HTTP_ADDR=0.0.0.0
|
|
HTTP_PORT=443
|
|
PROTOCOL=https
|
|
ROOT_URL=https://git.cloonar.com/
|
|
SSH_PORT=22
|
|
CERT_FILE=/opt/bitnami/gitea/ssl/fullchain.pem
|
|
KEY_FILE=/opt/binami/gitea/ssl/key.pem
|
|
|
|
[service]
|
|
ALLOW_ONLY_EXTERNAL_REGISTRATION=true
|
|
DISABLE_REGISTRATION=false
|
|
SHOW_REGISTRATION_BUTTON=false
|
|
|
|
[webhook]
|
|
ALLOWED_HOST_LIST=drone.cloonar.com
|
|
'';
|
|
|
|
virtualisation = {
|
|
oci-containers.containers = {
|
|
gitea = {
|
|
image = "bitnami/gitea:1";
|
|
volumes = [
|
|
"/var/lib/gitea:/opt/bitnami/gitea"
|
|
"/etc/gitea/app.ini:/opt/bitnami/gitea/custom/conf/app.ini:ro"
|
|
"/var/lib/acme/git.cloonar.com:/opt/bitnami/gitea/ssl:ro"
|
|
];
|
|
extraOptions = [
|
|
"--ip=${ip}"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|