Set up Gitea

This commit is contained in:
coolneng 2019-11-16 10:55:10 +01:00
parent 4a2f5b2e32
commit f103b449e9
5 changed files with 51 additions and 3 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
secrets

View File

@ -36,10 +36,10 @@
CLOSED: [2019-11-08 Fri 13:51]
- [X] Harden password
** Web stack [1/7] [14%]
*** IN-PROGRESS Nginx [2/5] [40%]
*** IN-PROGRESS Nginx [3/4] [75%]
- [X] Radicale reverse proxy
- [X] Syncthing reverse proxy
- [ ] Gitea vhost
- [X] Gitea vhost
- [ ] Miniflux vhost
*** TODO PHP [0/1] [0%]
- [ ] Php-fpm

View File

@ -102,6 +102,7 @@
./modules/datasync.nix
./modules/hardware-configuration.nix
./modules/webstack.nix
./modules/devops.nix
];
}

23
modules/devops.nix Normal file
View File

@ -0,0 +1,23 @@
# Software development configuration
{ config, pkgs, lib, ... }:
{
environment.systemPackages = with pkgs; [
gitea
];
# Gitea setup with daily backup
services.gitea = {
enable = true;
domain = "coolneng.duckdns.org/gitea";
rootUrl = "https://coolneng.duckdns.org/gitea";
database = {
type = "postgres";
passwordFile = "/var/keys/gitea/db";
};
cookieSecure = true;
#disableRegistration = true;
repositoryRoot = "/vault/git";
dump.enable = true;
};
}

View File

@ -62,6 +62,9 @@
locations."/syncthing/" = {
proxyPass = "http://localhost:8384/";
};
locations."/gitea/" = {
proxyPass = "http://localhost:3000/";
};
};
};
};
@ -81,7 +84,27 @@
};
# Enable PostgreSQL with daily backup
services.postgresql.enable = true;
services.postgresql = {
enable = true;
package = pkgs.postgresql_11;
ensureDatabases = [ "gitea" ];
ensureUsers = [
{
name = "gitea";
ensurePermissions = {"DATABASE gitea" = "ALL PRIVILEGES";};
}
];
authentication = lib.mkForce ''
# Generated file; do not edit!
# TYPE DATABASE USER ADDRESS METHOD
local all all trust
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
'';
identMap = ''
gitea-users gitea gitea
'';
};
services.postgresqlBackup = {
enable = true;