{ config, pkgs, ... }:

{
  services.gitea = rec {
    enable = true;
    domain = "gitea.c3d2.de";
    rootUrl = "https://${domain}/";
    ssh.clonePort = 2222;

    database = {
      type = "postgres";
      host = "127.0.0.1";
      name = "gitea";
      user = "gitea";
      passwordFile = "/etc/giteaPassword";
    };
    repositoryRoot = "/var/lib/gitea/repositories";

    #disableRegistration = true;

    lfs.enable = true;

    dump = {
      ## Is a nice feature once we have a dedicated backup storage.
      ## For now it is disabled, since it delays `nixos-rebuild switch`.
      enable = false;
      backupDir = "/var/lib/gitea/dump";
    };
  };

  networking.firewall.allowedTCPPorts = [ 3000 2222 ];

  environment.systemPackages = with pkgs; [ postgresql unzip ];  ## used to restore database dumps
}