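# NixOS module: self-hosted Gitea backed by a local PostgreSQL database and
# published through Caddy, which fronts the public hostnames.
{ pkgs, config, ... }:
let
  # Domain TBD
  domain = "git.ws.kcnhub.com";

  # Gitea is only meant to be reached through the Caddy reverse proxy, so it
  # listens on loopback. Its built-in default is to listen on all interfaces,
  # which leaves the plain-HTTP port reachable wherever the firewall allows it.
  listenAddress = "127.0.0.1";
in
{
  services.gitea = {
    enable = true;

    # Connect to PostgreSQL over the local unix socket rather than TCP.
    database = {
      type = "postgres";
      socket = "/run/postgresql";
    };

    settings = {
      server = {
        HTTP_ADDR = listenAddress;
        HTTP_PORT = 5000;
        ROOT_URL = "https://${domain}";
      };

      # ROOT_URL is https, so mark session cookies Secure; browsers then never
      # send them over plain HTTP.
      session.COOKIE_SECURE = true;

      # Turns on Gitea Actions. No runner is registered by this module: the
      # runner instance further down is still commented out.
      actions = {
        ENABLED = true;
      };

      # No self-service sign-up.
      service.DISABLE_REGISTRATION = true;
    };
  };

  # To allow gitea to access /etc/shadow for PAM authentication.
  # NOTE(review): membership in "shadow" makes the password hashes of every
  # local account readable by the Gitea service user, so a compromise of Gitea
  # also exposes those hashes. Keep this only while PAM login is actually in
  # use; an external auth source (LDAP/OIDC) avoids the group entirely.
  users.users.gitea.extraGroups = [ "shadow" ];

  # Services Runner running in nixos-container w/ host label
  # This allows sharing of nix-store for caching actions builds
  # ... Maybe I'll actually set this up. Some concern for clearing its
  # cache and it overpopulating. Idk. We'll see.
  #
  # NOTE(review): with a "native:host" label, jobs run directly in the
  # runner's environment with no docker/podman layer around them, so workflow
  # code gets whatever access the runner has, including the shared nix store.
  # Limit who can push workflows, and keep tokenFile readable by the runner
  # only.
  # HTTP_PORT is an integer and needs toString before string interpolation.
  #
  # services.gitea-actions-runner.instances."nix-runner" = {
  #   enable = true;
  #   name = "nix-runner";
  #   url = "http://localhost:${toString config.services.gitea.settings.server.HTTP_PORT}";
  #   labels = [
  #     # don't require docker/podman
  #     "native:host"
  #   ];
  #   tokenFile = "/var/lib/gitea/runner_token";
  # };

  services.postgresql = {
    enable = true;
    port = 5432;
    ensureUsers = [
      {
        name = "gitea";
        # Ensures gitea user owns a db called gitea
        ensureDBOwnership = true;
        # NOTE(review): createdb lets the gitea role create further databases.
        # Ownership of its own database already comes from ensureDBOwnership,
        # so this looks broader than needed. Confirm, and drop it if nothing
        # relies on it.
        ensureClauses = {
          createdb = true;
        };
      }
    ];
  };

  services.caddy.virtualHosts = {
    # The bare workspace hostname only redirects to the wiki hosted in Gitea.
    "ws.kcnhub.com" = {
      extraConfig = ''
        redir "https://${domain}/DavidC/WS-KCNHUB/wiki"
      '';
    };

    # Public Gitea hostname: Caddy forwards to the loopback listener above.
    "${domain}" = {
      extraConfig = ''
        reverse_proxy ${listenAddress}:${toString config.services.gitea.settings.server.HTTP_PORT}
      '';
    };
  };
}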