home-server-config/forgejo.nix


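# NixOS module: Forgejo behind an nginx TLS reverse proxy, with the SMTP
# credentials supplied from sops-encrypted files.
#
# Arguments:
#   domainName - base domain; the forge is served at git.<domainName>.
#                Not a standard module argument, so presumably injected via
#                specialArgs / _module.args by the caller.
#   config     - the evaluated NixOS configuration (used for sops secret paths).
{
  domainName,
  config,
  ...
}:
let
  forgejoHost = "git.${domainName}";

  # Plain-HTTP backend listener. It is kept on loopback so that the only way
  # to reach Forgejo's web UI from the network is through the nginx vhost,
  # which terminates TLS. Without an explicit HTTP_ADDR the listener falls
  # back to the upstream default, which is all interfaces (0.0.0.0) as far as
  # I know - verify against your nixpkgs revision.
  forgejoHttpAddr = "127.0.0.1";
  forgejoHttpPort = 3000;
in
{
  services = {
    forgejo = {
      enable = true;
      settings = {
        server = {
          ROOT_URL = "https://${forgejoHost}/";
          # TLS is terminated by nginx; Forgejo itself speaks plain HTTP,
          # which is only acceptable because the listener is loopback-only.
          PROTOCOL = "http";
          HTTP_ADDR = forgejoHttpAddr;
          HTTP_PORT = forgejoHttpPort;
          DOMAIN = forgejoHost;
          # Built-in SSH server for git-over-SSH on a non-default port.
          # NOTE(review): this file opens no firewall port for 2222; confirm
          # exposure is configured (and intended) elsewhere.
          SSH_PORT = 2222;
          START_SSH_SERVER = true;
        };
        # Session cookie is only sent over HTTPS; matches forceSSL on the vhost.
        session.COOKIE_SECURE = true;
        # Closed instance: no self-service account creation.
        service.DISABLE_REGISTRATION = true;
        mailer = {
          ENABLED = true;
          # Pin STARTTLS rather than relying on port-based inference, so a
          # later port change cannot silently downgrade to cleartext SMTP.
          PROTOCOL = "smtp+starttls";
          SMTP_ADDR = "in-v3.mailjet.com";
          SMTP_PORT = 587;
          FROM = "me@${domainName}";
          # USER and PASSWD come from secrets below
        };
      };
      # Values here are file paths, not the credentials themselves, so the
      # secrets stay out of the world-readable Nix store.
      secrets.mailer.USER = config.sops.secrets."forgejo-mailer-user".path;
      secrets.mailer.PASSWD = config.sops.secrets."forgejo-mailer-passwd".path;
    };
    nginx.virtualHosts.${forgejoHost} = {
      forceSSL = true;
      enableACME = true;
      # Large limit to allow big pushes/uploads over HTTP(S).
      extraConfig = ''
        client_max_body_size 512M;
      '';
      locations = {
        "/" = {
          # Use the literal loopback address: "localhost" may also resolve to
          # ::1, where the IPv4-bound backend is not listening.
          proxyPass = "http://${forgejoHttpAddr}:${toString forgejoHttpPort}";
          extraConfig = ''
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
          '';
        };
      };
    };
  };
  # NOTE(review): no owner is set, so these files use the sops-nix default
  # owner with mode 0400. That works only if the Forgejo module reads them
  # with sufficient privilege (e.g. via systemd credentials) - confirm.
  sops.secrets."forgejo-mailer-user" = {
    sopsFile = ./secrets/forgejo.yaml;
    mode = "0400";
  };
  sops.secrets."forgejo-mailer-passwd" = {
    sopsFile = ./secrets/forgejo.yaml;
    mode = "0400";
  };
}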