shared-public-infra/modules/gitea.nix

35 lines
872 B
Nix

{ ... }: {
services.gitea = {
enable = true;
appName = "Newtype's Git";
mailerPasswordFile = "/var/lib/secrets/gitea/mailpw";
settings = {
server = {
ROOT_URL = "https://git.newtype.fr";
DOMAIN = "git.newtype.fr";
};
service.DISABLE_REGISTRATION = true;
session.COOKIE_SECURE = true;
mailer = {
ENABLED = true;
HOST = "mail.gandi.net:465";
USER = "git@newtype.fr";
FROM = "Newtype's Git <git@newtype.fr>";
IS_TLS_ENABLED = true;
};
};
};
services.nginx = {
enable = true;
virtualHosts."git.newtype.fr" = {
enableACME = true;
forceSSL = true;
locations."/" = { proxyPass = "http://127.0.0.1:3000"; };
};
};
security.acme.certs = { "git.newtype.fr".email = "contact@newtype.fr"; };
security.acme.acceptTerms = true;
}