diff --git a/docs/GETTING_STARTED.md b/docs/GETTING_STARTED.md index 98f97a6..d6173ca 100644 --- a/docs/GETTING_STARTED.md +++ b/docs/GETTING_STARTED.md @@ -16,13 +16,19 @@ To test the environment, you can launch a virtualized NixOS system derived from nix run '.#nixosConfigurations..config.system.build.vm' ``` -Here, `` refers to the hostname of the system you want to test (e.g., tuxcord-ca). +Here, `` refers to the hostname of the system you want to test (e.g., tuxcord-test). Note that this will create a `qcow2` image file in the current directory. Nix will automatically manage changes to the configuration and update the image file accordingly while keeping part of its mutable state (e.g., root bash history). > [!WARNING] > Not all changes are applied automatically. Updates such as user passwords changes or modifications to the filesystem layout will require deleting the image file so that Nix can re-create it from scratch. +# Host + +The initial password for the `root` account is `tuxcord`. + +SSH login is enabled for the configured user keys through the bridged IP. + # Tooling Tooling used to aid in development. diff --git a/nixos/common.nix b/nixos/common.nix index 927f849..6031a36 100644 --- a/nixos/common.nix +++ b/nixos/common.nix @@ -95,7 +95,7 @@ in extraHosts = let - subdomains = [ "" ]; + subdomains = [ "" ".git" ]; in builtins.foldl' ( hosts-acc: domain-prefix: diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix index 309d42d..e8b7049 100644 --- a/nixos/modules/default.nix +++ b/nixos/modules/default.nix @@ -1,10 +1,11 @@ { imports = [ ./fail2ban.nix - ./sysctl.nix + ./gitea.nix ./host.nix ./nginx.nix ./snapper.nix ./substituters.nix + ./sysctl.nix ]; } diff --git a/nixos/modules/gitea.nix b/nixos/modules/gitea.nix new file mode 100644 index 0000000..7d33da8 --- /dev/null +++ b/nixos/modules/gitea.nix 
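Review bot: In nixos/common.nix the new `subdomains` entry is spelled `".git"` with a leading dot, while the nginx vhost added by the same commit is named `"git.${fqdn}"`, so the hosts entry and the vhost may not end up with the same name. The fold body that joins `domain-prefix` to the domain starts in this hunk but continues outside it, so the resulting string cannot be confirmed from here. If the prefix is placed in front of the FQDN, the line would need to be `subdomains = [ "" "git." ];`. A short comment above the list stating which form a prefix must take (leading or trailing dot) would keep later additions consistent.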
@@ -0,0 +1,27 @@
+{ config, lib, ... }:
+{
+ services.gitea = {
+ enable = true;
+
+ appName = "Tuxcord's Gitea";
+ database.type = "mysql";
+
+ lfs.enable = true;
+
+ settings.server.DOMAIN = config.networking.fqdn;
+ # settings.server.ROOT_URL = "https://git.tuxcord.net/"; ? would also depend on ssl status
+ settings.server.HTTP_PORT = 3000;
+
+ settings.service.DISABLE_REGISTRATION = true;
+ settings.service.REQUIRE_SIGNIN_VIEW = false;
+
+ settings.repository.ENABLE_PUSH_CREATE_USER = true;
+ settings.repository.ENABLE_PUSH_CREATE_ORG = true;
+ settings.repository.DEFAULT_BRANCH = "main";
+
+ # settings.ui.DEFAULT_THEME = "...";
+
+ # TODO: once we have email setup this would be nice
+ settings.mailer.ENABLED = true;
+ };
+}
diff --git a/nixos/modules/nginx.nix b/nixos/modules/nginx.nix
index 38ff082..3cb816a 100644
--- a/nixos/modules/nginx.nix
+++ b/nixos/modules/nginx.nix
@@ -28,5 +28,9 @@ in
 # root = "/var/www/myhost.org";
 # default = true;
 # };
+
+ virtualHosts."git.${fqdn}" = mkVhost {
+ locations."/" = mkProxy config.services.gitea.settings.server.HTTP_PORT;
+ };
 };
 }
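Review bot: `settings.server.HTTP_ADDR` is not set in nixos/modules/gitea.nix, so Gitea keeps its default of listening on every interface on port 3000 and can be reached without passing through the nginx vhost unless the firewall blocks that port; since nginx is the intended entry point, bind the backend to loopback with `settings.server.HTTP_ADDR = "127.0.0.1";`. `settings.mailer.ENABLED = true;` sits directly under a TODO saying e-mail is not set up yet, so it looks as if it was meant to stay `false` or commented out until an SMTP host is configured. `DOMAIN` is set to `config.networking.fqdn` while the proxy serves `git.${fqdn}` and `ROOT_URL` is left commented, so generated clone and redirect URLs will probably point at the wrong host. The `lib` argument is unused in this file.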
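Review bot: Nothing visible in the nixos/modules/nginx.nix hunk enables TLS for `git.${fqdn}`, and the `ROOT_URL` comment in gitea.nix suggests the SSL status is still undecided. `mkVhost` and `mkProxy` are defined outside the hunk, so confirm they set `forceSSL = true;` together with a certificate source such as `enableACME = true;`, because the web login and Git-over-HTTP pushes send credentials through this vhost. With `lfs.enable = true` on the backend, also check the proxy's request body limit (`services.nginx.clientMaxBodySize` or a per-vhost `client_max_body_size`), as large pushes and LFS objects would otherwise be rejected with a 413.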