forgejo: update configuration options

This commit is contained in:
Serĉanto de Scio 2024-02-07 02:08:09 +10:00
parent 56965f56ce
commit 06917aab82
Signed by: sercanto
GPG key ID: 7DBA9F5689EFB6AA

View file

@ -9,18 +9,12 @@
sources = import ../nix/sources.nix; sources = import ../nix/sources.nix;
unstable = import sources.nixpkgsUnstable {}; unstable = import sources.nixpkgsUnstable {};
in { in {
services.gitea = { services.forgejo = {
enable = true; # Enable Forgejo enable = true; # Enable Forgejo
appName = "mcwhirter.io: Forgejo Service"; # Give the site a name
database = { database = {
type = "postgres"; # Database type type = "postgres"; # Database type
passwordFile = "/run/keys/gitea-dbpass"; # Where to find the password passwordFile = "/run/keys/forgejo-dbpass"; # Where to find the password
}; };
disableRegistration = true;
domain = "source.mcwhirter.io"; # Domain name
rootUrl = "https://source.mcwhirter.io/"; # Root web URL
httpPort = 3002; # Provided unique port
package = pkgs.forgejo; # a soft fork of gitea
settings = let settings = let
docutils = pkgs.python39.withPackages (ps: docutils = pkgs.python39.withPackages (ps:
with ps; [ with ps; [
@ -28,12 +22,21 @@ in {
pygments # Provides syntax highlighting pygments # Provides syntax highlighting
]); ]);
in { in {
DEFAULT.APP_NAME = "mcwhirter.io: Forgejo Service"; # Give the site a name
mailer = { mailer = {
ENABLED = true; ENABLED = true;
FROM = "gitea@mcwhirter.io"; FROM = "forgejo@mcwhirter.io";
}; };
repository = {DEFAULT_BRANCH = "consensus";}; repository = {DEFAULT_BRANCH = "consensus";};
service = {REGISTER_EMAIL_CONFIRM = true;}; service = {REGISTER_EMAIL_CONFIRM = true;};
server = {
DOMAIN = "source.mcwhirter.io"; # Domain name
HTTP_PORT = 3002; # Provided unique port
ROOT_URL = "https://source.mcwhirter.io/"; # Root web URL
};
service = {
DISABLE_REGISTRATION = true;
};
"markup.restructuredtext" = { "markup.restructuredtext" = {
ENABLED = true; ENABLED = true;
FILE_EXTENSIONS = ".rst"; FILE_EXTENSIONS = ".rst";
@ -49,10 +52,10 @@ in {
systemd = { systemd = {
services = { services = {
gitea = { forgejo = {
# Ensure gitea starts after nixops keys are loaded # Ensure forgejo starts after nixops keys are loaded
after = ["gitea-dbpass-key.service"]; after = ["forgejo-dbpass-key.service"];
wants = ["gitea-dbpass-key.service"]; wants = ["forgejo-dbpass-key.service"];
}; };
}; };
}; };
@ -60,27 +63,23 @@ in {
services.postgresql = { services.postgresql = {
enable = true; # Ensure postgresql is enabled enable = true; # Ensure postgresql is enabled
authentication = '' authentication = ''
local gitea all ident map=gitea-users local forgejo all ident map=forgejo-users
''; '';
identMap = identMap =
# Map the gitea user to postgresql # Map the forgejo user to postgresql
'' ''
gitea-users gitea gitea forgejo-users forgejo forgejo
''; '';
ensureDatabases = ["gitea"]; # Ensure the database persists ensureDatabases = ["forgejo"]; # Ensure the database persists
ensureUsers = [ ensureUsers = [
{ {
name = "gitea"; # Ensure the database user persists name = "forgejo"; # Ensure the database user persists
ensurePermissions = { ensureDBOwnership = true;
# Ensure the database permissions persist
"DATABASE gitea" = "ALL PRIVILEGES";
"ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
};
} }
]; ];
}; };
services.postgresqlBackup.databases = ["gitea"]; services.postgresqlBackup.databases = ["forgejo"];
services.nginx = { services.nginx = {
enable = true; # Enable Nginx enable = true; # Enable Nginx
@ -117,5 +116,5 @@ in {
}; };
}; };
users.groups.keys.members = ["gitea"]; # Required due to NixOps issue #1204 users.groups.keys.members = ["forgejo"]; # Required due to NixOps issue #1204
} }