From 5ecd8a3b5d03cc54653c0dba4decef394342682d Mon Sep 17 00:00:00 2001
From: David Crompton
Date: Tue, 29 Aug 2023 11:59:58 -0400
Subject: [PATCH] Gitea: Prepare for with domain
---
machines/kcnhub/servers/gitea.nix | 57 +++++++++++++++++++++++++++++++
1 file changed, 57 insertions(+)
create mode 100644 machines/kcnhub/servers/gitea.nix
diff --git a/machines/kcnhub/servers/gitea.nix b/machines/kcnhub/servers/gitea.nix
new file mode 100644
index 0000000..634d87e
--- /dev/null
+++ b/machines/kcnhub/servers/gitea.nix
@@ -0,0 +1,57 @@
+{ pkgs, config, ...}: let
+ # Domain TBD
+ domain = "git.kcnhub.syzygial.cc";
+in {
+ services.gitea = {
+ enable = true;
+ database = {
+ type = "postgres";
+ socket = "/run/postgresql";
+ };
+ settings = {
+ server = {
+ HTTP_PORT = 5000;
+ ROOT_URL = "https://git.${davesDomain}";
+ };
+ actions = {
+ ENABLED = true;
+ };
+ };
+ };
+
+ # Services Runner running in nixos-container w/ host label
+ # This allows sharing of nix-store for caching actions builds
+ # ... Maybe I'll actually set this up. Some concern for clearing its
+ # cache and it overpopulating. Idk. We'll see.
+ # services.gitea-actions-runner.instances."nix-runner" = {
+ # enable = true;
+ # name = "nix-runner";
+ # url = "http://localhost:${config.services.gitea.settings.server.HTTP_PORT}";
+ # labels = [
+ # # don't require docker/podman
+ # "native:host"
+ # ];
+ # tokenFile = "/var/lib/gitea/runner_token";
+ # };
+
+ services.postgresql = {
+ enable = true;
+ port = 5432;
+ ensureUsers = [{
+ name = "gitea";
+ ensurePermissions = {
+ "DATABASE \"gitea\"" = "ALL PRIVILEGES";
+ };
+ ensureClauses = {
+ createdb = true;
+ };
+ }];
+ };
+ services.caddy.virtualHosts = {
+ "${domain}" = {
+ extraConfig = ''
+ reverse_proxy 127.0.0.1:${toString config.services.gitea.settings.server.HTTP_PORT}
+ '';
+ };
+ };
+}
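Review bot: `ROOT_URL` in `settings.server` interpolates `davesDomain`, which is not bound anywhere in this file (the `let` defines only `domain`, and the function takes `pkgs` and `config`), so evaluation will most likely fail; even if it resolved, the URL would not match the Caddy virtual host. Using `ROOT_URL = "https://${domain}/";` keeps generated links, redirects and cookies on the host that actually terminates TLS. The `server` block also sets no listen address, and Gitea binds all interfaces by default, so port 5000 would serve plain HTTP wherever the firewall permits it; adding `HTTP_ADDR = "127.0.0.1";` keeps it reachable only through the reverse proxy. In `services.postgresql.ensureUsers`, `ensureClauses.createdb = true` lets the `gitea` role create databases, which it does not appear to need given the grant on its own database, so dropping it is closer to least privilege. If the commented-out runner is enabled later, its `native:host` label means jobs run without a container runtime (per the comment), so with `actions.ENABLED = true` it is worth restricting that runner to trusted repositories.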