gitea running with data from imbert

This commit is contained in:
root 2021-09-05 00:25:29 +02:00
commit 0d5886e539
9 changed files with 169 additions and 0 deletions

14
Migration.md Normal file
View File

@ -0,0 +1,14 @@
## Migration from imbert to zentralwerk
[based on](https://docs.gitea.io/en-us/backup-and-restore/)
@imbert:
```shell
sudo -u git gitea dump -c /etc/gitea/app.ini
```
@gitea.hq.c3d2.de (lxc 315 @server6):
- copied `gitea-dump-*.zip` from imbert to `/tmp/`
```shell
/etc/nixos/migrate.sh
```

18
configuration.nix Normal file
View File

@ -0,0 +1,18 @@
{ config, pkgs, ... }:
{
boot.isContainer = true;
nix.useSandbox = false;
imports = [
./modules/nix.nix
./modules/gitea.nix
./modules/admin.nix
./modules/ssh.nix
];
system.stateVersion = "21.11";
networking.hostName = "gitea";
time.timeZone = "Europe/Berlin";
}

27
flake.lock Normal file
View File

@ -0,0 +1,27 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1630761588,
"narHash": "sha256-7GXckvZy7DGh2KIyfdArqwnyeSc5Owy1fumEDQyd8eY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a51aa6523bd8ee985bc70987909eff235900197a",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

17
flake.nix Normal file
View File

@ -0,0 +1,17 @@
{
description = "gitea.c3d2.de, migrated from inbert to zentralwerk by j03";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
};
outputs = { self, nixpkgs }:
{
nixosConfigurations = {
gitea = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ ./configuration.nix ];
};
};
};
}

17
migrate.sh Executable file
View File

@ -0,0 +1,17 @@
#/usr/bin/env bash -e
DUMP=gitea-dump-1630784448
USER=gitea
DATABASE=gitea
cd /tmp/
unzip ${DUMP}.zip
systemctl stop gitea
mv gitea-repositories/* /var/lib/gitea/repositories/
chown -R gitea:gitea /var/lib/gitea
psql -U $USER -d $DATABASE < gitea-db.sql
systemctl start gitea

9
modules/admin.nix Normal file
View File

@ -0,0 +1,9 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
vim tmux git htop
];
environment.variables = { EDITOR = "vim"; };
}

34
modules/gitea.nix Normal file
View File

@ -0,0 +1,34 @@
{ config, pkgs, ... }:
{
services.gitea = rec {
enable = true;
domain = "gitea.c3d2.de";
rootUrl = "https://${domain}/";
ssh.clonePort = 2222;
database = {
type = "postgres";
host = "127.0.0.1";
name = "gitea";
user = "gitea";
passwordFile = "/etc/giteaPassword";
};
repositoryRoot = "/var/lib/gitea/repositories";
#disableRegistration = true;
lfs.enable = true;
dump = {
## Is a nice feature once we have a dedicated backup storage.
## For now it is disabled, since it delays `nixos-rebuild switch`.
enable = false;
backupDir = "/var/lib/gitea/dump";
};
};
networking.firewall.allowedTCPPorts = [ 3000 2222 ];
environment.systemPackages = with pkgs; [ postgresql unzip ]; ## used to restore database dumps
}

17
modules/nix.nix Normal file
View File

@ -0,0 +1,17 @@
{ config, pkgs, nixpkgs, ... }:
{
boot.cleanTmpDir = true;
nix.package = pkgs.nixUnstable;
nix.extraOptions = "experimental-features = nix-command flakes";
nix.daemonIONiceLevel = 7;
nix.daemonNiceLevel = 19;
nix.autoOptimiseStore = true;
nix.gc = {
automatic = true;
dates = "weekly";
};
}

16
modules/ssh.nix Normal file
View File

@ -0,0 +1,16 @@
{ config, pkgs, ... }:
{
## only used to receive gitea-dump from inbert via scp
services.openssh = {
enable = true;
permitRootLogin = "prohibit-password";
};
users.users.root = {
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDW+YfsFtRz1h/0ubcKU+LyGfxH505yUkbWa5VtRFNWF2fjTAYGj6o5M4dt+fv1h370HXvvOBtt8sIlWQgMsD10+9mvjdXWhTcpnYPx4yWuyEERE1/1BhItrog6XJKAedbCDpQQ+POoewouiHWVAUfFByPj5RXuE8zKUeIEkGev/QKrKTLnTcS8zFs/yrokf1qYYR571B3U8IPDjpV/Y1GieG3MSNaefIMCwAAup1gPkUA0XZ4A1L7NdEiUEHlceKVu9eYiWUM+wDRunBXnLHubeGyP8KmBA7PNKgml3WWRNTZjqNQk4u9Bl+Qea5eCkD8KI257EqgXYXy0QBWNyF8X j03@l302"
];
};
}