machines/nix/systems/aarch64-linux/kas.codes/forgejo/default.nix
Kaare Hoff Skovgaard 1f88fa3c49
Move kas.codes over to using mx.kaareskovgaard.net
2025-08-01 02:04:06 +02:00


{ config, pkgs, ... }:
let
# Custom landing-page partial, written to the Nix store as a plain file. The
# `home` template pulls it in via {{template "home_forgejo" .}}.
# The content is static: no request or user data is rendered here, and the one
# external link opens in a new tab with rel="noopener noreferrer".
home_forgejo = pkgs.writeText "home_forgejo.tmpl" ''
<div class="ui stackable middle very relaxed page grid">
<div class="eight wide center column">
<h1 class="hero ui icon header">
{{svg "octicon-person"}}
</h1>
<p class="large">
This is just a personal self hosted software forge for my projects. I might publish a few things here for public consumption.
</p>
</div>
<div class="eight wide center column">
<h1 class="hero ui icon header">
{{svg "octicon-code"}}
</h1>
<p class="large">
This server is running <a target="_blank" rel="noopener noreferrer" href="https://forgejo.org">Forgejo</a>. Click the link to learn more.
</p>
</div>
</div>
'';
# Override for the home page template. Per the author this is the stock
# template with only the <h2> tag removed; it still renders base/head,
# home_forgejo and base/footer.
# NOTE(review): a custom template shadows the one shipped with Forgejo, so
# upstream changes to the stock template are not picked up automatically.
# Re-check this copy against the shipped template when upgrading Forgejo.
home = pkgs.writeText "home.tmpl" ''
{{template "base/head" .}}
<div role="main" aria-label="{{if .IsSigned}}{{ctx.Locale.Tr "dashboard"}}{{else}}{{ctx.Locale.Tr "home"}}{{end}}" class="page-content home">
<div class="tw-mb-8 tw-px-8">
<div class="center">
<img class="logo" width="220" height="220" src="{{AssetUrlPrefix}}/img/logo.svg" alt="{{ctx.Locale.Tr "logo"}}">
<div class="hero">
<h1 class="ui icon header title">
{{AppDisplayName}}
</h1>
</div>
</div>
</div>
{{template "home_forgejo" .}}
</div>
{{template "base/footer" .}}
'';
in
{
imports = [
./oauth.nix
./smtp.nix
];
# Forgejo instance for kas.codes. The service runs as the dedicated `git`
# user/group declared further down; OAuth2 and SMTP details live in the
# imported ./oauth.nix and ./smtp.nix (not visible here).
services.forgejo = {
enable = true;
user = "git";
group = "git";
settings = {
DEFAULT = {
APP_NAME = "KAS: Codes";
};
# Turns on the Prometheus endpoint. No [metrics] TOKEN is set in this file,
# so the endpoint is unauthenticated; exposure is limited by the nginx vhost
# answering /metrics with 404 and by Alloy scraping over 127.0.0.1.
metrics = {
ENABLED = true;
};
# NOTE(review): HTTP_ADDR is not set here, so the listen address comes from
# the module default. If that is a wildcard address, the Forgejo HTTP port
# (and with it /metrics) is reachable by anything the host firewall lets
# through. Confirm, or bind to loopback, since nginx and Alloy both connect
# locally.
server = rec {
DOMAIN = "kas.codes";
ROOT_URL = "https://${DOMAIN}";
};
# Session cookie carries the Secure flag, consistent with the https ROOT_URL.
session = {
COOKIE_SECURE = true;
};
# Self-service sign-up and the built-in sign-in form are both switched off;
# together with oauth2_client below, accounts are expected to come from the
# external identity provider only.
service = {
DISABLE_REGISTRATION = true;
ENABLE_INTERNAL_SIGNIN = false;
};
# New repositories get these units by default, including Actions.
# NOTE(review): with repo.actions on by default, workflow isolation depends
# on how the runners are set up (not visible in this file).
repository = {
DEFAULT_REPO_UNITS = "repo.code,repo.releases,repo.issues,repo.packages,repo.actions";
};
"ui.meta" = {
AUTHOR = "Kaare Hoff Skovgaard <kaare@kaareskovgaard.net>";
DESCRIPTION = "A self-hosted software forge for KAS/KHS";
KEYWORDS = "khs,kas,kastermester,code";
};
# Short-form `uses:` references in workflows resolve against this instance,
# so the action code that runs is whatever is hosted here rather than on an
# external forge.
actions = {
DEFAULT_ACTIONS_URL = "https://kas.codes";
};
# A local account is created on first OAuth2 login, with the username taken
# from the provider's nickname attribute and no e-mail confirmation step.
# Who can obtain an account is therefore decided by the identity provider.
# ACCOUNT_LINKING = "disabled" means an OAuth2 identity that collides with an
# existing account is rejected rather than attached to it.
# NOTE(review): confirm the provider in ./oauth.nix restricts who may log in.
oauth2_client = {
ENABLE_AUTO_REGISTRATION = true;
USERNAME = "nickname";
ACCOUNT_LINKING = "disabled";
REGISTER_EMAIL_CONFIRM = false;
};
};
lfs = {
enable = true;
};
# NOTE(review): no host or password is given here; presumably a local
# PostgreSQL reached over its socket. Confirm.
database = {
type = "postgres";
user = "git";
name = "git";
};
# Periodic dump. The forgejo-copy-dump unit below expects the result at
# /var/lib/forgejo/dump/forgejo-dump.zip.
dump = {
enable = true;
file = "forgejo-dump";
};
};
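# One-shot unit that links the two custom templates from the Nix store into
# Forgejo's custom/templates directory, ordered before forgejo.service.
# NOTE(review): no User= is set, so the script runs as root inside a directory
# tree that presumably belongs to the Forgejo service user. Running it as that
# user (after fixing ownership of any templates directory already created by
# root) would remove the need for root here. Confirm against the deployment.
systemd.services.write-forgejo-templates = {
  wantedBy = [ "multi-user.target" ];
  after = [ "network.target" ];
  before = [ "forgejo.service" ];
  serviceConfig = {
    Type = "oneshot";
    ExecStart = pkgs.lib.getExe (
      pkgs.writeShellApplication {
        name = "write-forgejo-templates";
        runtimeInputs = [ pkgs.uutils-coreutils-noprefix ];
        text = ''
          # -p: succeeds when the directory already exists and creates missing
          # parents, replacing the separate existence test.
          mkdir -p /var/lib/forgejo/custom/templates
          # -f replaces links left by a previous generation so they always
          # point at the current store paths.
          ln -sf ${home_forgejo} /var/lib/forgejo/custom/templates/home_forgejo.tmpl
          ln -sf ${home} /var/lib/forgejo/custom/templates/home.tmpl
        '';
      }
    );
  };
};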
# Login account that owns the copied dump (see forgejo-copy-dump). Judging by
# the key comment it is presumably used by the backup host to fetch
# /home/forgejo-backup/dump.zip over SSH.
# NOTE(review): the key is authorized without options, so it grants a full
# interactive shell as this user. If the backup host only needs to fetch the
# dump, consider prefixing the key with `restrict` (optionally with a forced
# `command=`), so a compromised backup host gets no more than the file.
# Only the public half of the key appears here; it is not secret.
users.users.forgejo-backup = {
isNormalUser = true;
home = "/home/forgejo-backup";
group = "forgejo-backup";
createHome = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/hn4Q1+5KpViol+Kk7bUvWrka2hhKEXqUJVY0quQLu forgejo-backup@truenas.kaareskovgaard.net"
];
};
users.groups.forgejo-backup = { };
# Points the forgejo-dump timer at forgejo-copy-dump.service instead of the
# unit it would otherwise start. The copy unit requires forgejo-dump.service,
# so each timer run produces a dump and then hands it over.
# NOTE(review): the timer itself is presumably created by the Forgejo module
# when dump.enable is set. Confirm.
systemd.timers.forgejo-dump = {
timerConfig = {
Unit = "forgejo-copy-dump.service";
};
};
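# Hands the finished dump to the forgejo-backup account. The unit requires and
# is ordered after forgejo-dump.service, so it runs once a dump was produced.
# The archive is expected to hold the database, repositories and app.ini, so
# it should be treated as secret material wherever it is copied to.
# NOTE(review): wantedBy timers.target also starts this unit (and therefore a
# dump) whenever timers.target is reached, not only on the timer schedule.
# Confirm that is intended.
systemd.services.forgejo-copy-dump = {
  requires = [ "forgejo-dump.service" ];
  after = [ "forgejo-dump.service" ];
  wantedBy = [ "timers.target" ];
  serviceConfig = {
    Type = "oneshot";
    ExecStart = pkgs.lib.getExe (
      pkgs.writeShellApplication {
        name = "forgejo-copy-dump";
        runtimeInputs = [ pkgs.uutils-coreutils-noprefix ];
        text = ''
          src=/var/lib/forgejo/dump/forgejo-dump.zip
          dst=/home/forgejo-backup/dump.zip

          # No User= is set, so this runs as root on a path the Forgejo service
          # user can presumably write to. Hand over only a regular file, so the
          # ownership and mode changes below cannot land on another path.
          if [ -L "$src" ] || [ ! -f "$src" ]; then
            echo "forgejo-copy-dump: $src is not a regular file" >&2
            exit 1
          fi

          mv "$src" "$dst"
          # -h: act on the directory entry itself, never on a link target.
          chown -h forgejo-backup:forgejo-backup "$dst"
          chmod 0640 "$dst"
        '';
      }
    );
  };
};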
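# Public reverse proxy for the forge (khscodes.services.nginx is a project
# module; TLS handling is not visible here).
# /metrics is answered with 404 so the unauthenticated Prometheus endpoint
# enabled in services.forgejo is not reachable through the public vhost; the
# Alloy scrape config reads it over 127.0.0.1 instead.
khscodes.services.nginx = {
  enable = true;
  virtualHosts = {
    "kas.codes" = {
      # NOTE(review): this caps every request body at 32M, which presumably
      # also bounds LFS objects and package uploads sent over HTTPS. Confirm
      # that is the intended limit.
      extraConfig = ''
        client_max_body_size 32M;
      '';
      locations."/" = {
        # Uses the same port option the Alloy scrape config reads, so the proxy
        # target and the scrape target cannot drift apart.
        proxyPass = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}";
      };
      locations."/metrics" = {
        return = "404";
      };
    };
  };
};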
# System account that services.forgejo runs as (user = "git", group = "git").
# Its home is Forgejo's state directory.
# NOTE(review): useDefaultShell gives the account a real login shell,
# presumably because git-over-SSH needs one. Confirm that no password or
# authorized key grants interactive access outside Forgejo's own key handling.
users.users.git = {
isSystemUser = true;
group = "git";
home = config.services.forgejo.stateDir;
useDefaultShell = true;
};
users.groups.git = { };
# Alloy fragment installed as /etc/alloy/forgejo_prometheus.alloy. It scrapes
# Forgejo's /metrics once a minute on 127.0.0.1 at the configured HTTP_PORT
# and forwards the samples to otelcol.receiver.prometheus.default, which is
# defined elsewhere.
# The scrape talks to Forgejo directly, so the nginx 404 on /metrics does not
# affect it. No credentials are sent, matching the absence of a metrics token
# in services.forgejo.settings.
environment.etc."alloy/forgejo_prometheus.alloy" = {
text = ''
prometheus.scrape "forgejo_exporter" {
scrape_interval = "1m"
targets = [
{
"__address__" = "127.0.0.1:${toString config.services.forgejo.settings.server.HTTP_PORT}",
},
]
metrics_path = "/metrics"
forward_to = [otelcol.receiver.prometheus.default.receiver]
}
'';
};
}