gitea: format, enable declarative ldap
This commit is contained in:
parent
e39aed92b4
commit
76883a973b
|
@ -1,10 +1,12 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, libS, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
c3d2.deployment.server = "server10";
|
c3d2.deployment.server = "server10";
|
||||||
|
|
||||||
microvm.mem = 4 * 1024;
|
microvm.mem = 4 * 1024;
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [ postgresql unzip ]; # used to restore database dumps
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "gitea";
|
hostName = "gitea";
|
||||||
firewall.allowedTCPPorts = [ 2222 ];
|
firewall.allowedTCPPorts = [ 2222 ];
|
||||||
|
@ -14,20 +16,23 @@
|
||||||
gitea = rec {
|
gitea = rec {
|
||||||
enable = true;
|
enable = true;
|
||||||
appName = "Gitea: with a cup of Kolle Mate";
|
appName = "Gitea: with a cup of Kolle Mate";
|
||||||
domain = "gitea.c3d2.de";
|
|
||||||
rootUrl = "https://${domain}/";
|
|
||||||
|
|
||||||
database.type = "postgres";
|
database.type = "postgres";
|
||||||
|
domain = "gitea.c3d2.de";
|
||||||
repositoryRoot = "/var/lib/gitea/repositories";
|
|
||||||
|
|
||||||
lfs.enable = true;
|
lfs.enable = true;
|
||||||
|
repositoryRoot = "/var/lib/gitea/repositories";
|
||||||
|
rootUrl = "https://${domain}/";
|
||||||
|
|
||||||
dump = {
|
dump = {
|
||||||
# Is a nice feature once we have a dedicated backup storage.
|
# Is a nice feature once we have a dedicated backup storage.
|
||||||
# For now it is disabled, since it delays `nixos-rebuild switch`.
|
# For now it is disabled, since it delays `nixos-rebuild switch`.
|
||||||
enable = false;
|
enable = false;
|
||||||
backupDir = "/var/lib/gitea/dump";
|
backupDir = "/var/backup/gitea/";
|
||||||
|
};
|
||||||
|
|
||||||
|
ldap = {
|
||||||
|
enable = true;
|
||||||
|
adminGroup = "gitea-admins";
|
||||||
|
bindPasswordFile = config.sops.secrets."gitea/ldapSearchUserPassword".path;
|
||||||
};
|
};
|
||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
|
@ -124,6 +129,11 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
sops = {
|
||||||
|
defaultSopsFile = ./secrets.yaml;
|
||||||
|
secrets."gitea/ldapSearchUserPassword" = libS.sops.permissionForUser "gitea";
|
||||||
|
};
|
||||||
|
|
||||||
programs.msmtp = {
|
programs.msmtp = {
|
||||||
enable = true;
|
enable = true;
|
||||||
accounts.default = {
|
accounts.default = {
|
||||||
|
@ -137,7 +147,5 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [ postgresql unzip ]; # used to restore database dumps
|
|
||||||
|
|
||||||
system.stateVersion = "21.11";
|
system.stateVersion = "21.11";
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue