From 9c80f178f711911bbbbbdf0a9909301891921d10 Mon Sep 17 00:00:00 2001 From: javalsai Date: Sat, 2 May 2026 23:40:07 +0200 Subject: [PATCH] nixos/services: add gitea server --- docs/GETTING_STARTED.md | 8 +++++++- nixos/common.nix | 2 +- nixos/modules/default.nix | 3 ++- nixos/modules/gitea.nix | 27 +++++++++++++++++++++++++++ nixos/modules/nginx.nix | 4 ++++ 5 files changed, 41 insertions(+), 3 deletions(-) create mode 100644 nixos/modules/gitea.nix diff --git a/docs/GETTING_STARTED.md b/docs/GETTING_STARTED.md index 98f97a6..d6173ca 100644 --- a/docs/GETTING_STARTED.md +++ b/docs/GETTING_STARTED.md @@ -16,13 +16,19 @@ To test the environment, you can launch a virtualized NixOS system derived from nix run '.#nixosConfigurations..config.system.build.vm' ``` -Here, `` refers to the hostname of the system you want to test (e.g., tuxcord-ca). +Here, `` refers to the hostname of the system you want to test (e.g., tuxcord-test). Note that this will create a `qcow2` image file in the current directory. Nix will automatically manage changes to the configuration and update the image file accordingly while keeping part of its mutable state (e.g., root bash history). > [!WARNING] > Not all changes are applied automatically. Updates such as user passwords changes or modifications to the filesystem layout will require deleting the image file so that Nix can re-create it from scratch. +# Host + +The initial password for the `root` account is `tuxcord`. + +SSH login is enabled for the configured user keys through the bridged IP. + # Tooling Tooling used to aid in development. diff --git a/nixos/common.nix b/nixos/common.nix index b8c91c2..0fc7e03 100644 --- a/nixos/common.nix +++ b/nixos/common.nix @@ -95,7 +95,7 @@ in extraHosts = let - subdomains = [ "" ]; + subdomains = [ "" ".git" ]; in builtins.foldl' ( hosts-acc: domain-prefix: diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix index 309d42d..e8b7049 100644 --- a/nixos/modules/default.nix 
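Review bot: The new `".git"` entry in `subdomains` (nixos/common.nix) does not obviously produce the `git.${fqdn}` name that the vhost added in nginx.nix serves. The `builtins.foldl'` body that consumes `domain-prefix` continues outside this hunk, so this is inferred: if it simply prepends the prefix to the FQDN, the resulting hosts entry would be `.git<fqdn>` and `git.<fqdn>` would not resolve locally. In that case the line should read `subdomains = [ "" "git." ];`. If the fold body normalises the dot itself, a short comment such as `# prefixes are written with a leading dot; "" is the bare host` would make the convention clear.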
+++ b/nixos/modules/default.nix
@@ -1,10 +1,11 @@
 {
 imports = [
 ./fail2ban.nix
- ./sysctl.nix
+ ./gitea.nix
 ./host.nix
 ./nginx.nix
 ./snapper.nix
 ./substituters.nix
+ ./sysctl.nix
 ];
 }
diff --git a/nixos/modules/gitea.nix b/nixos/modules/gitea.nix
new file mode 100644
index 0000000..7d33da8
--- /dev/null
+++ b/nixos/modules/gitea.nix
@@ -0,0 +1,27 @@
+{ config, lib, ... }:
+{
+ services.gitea = {
+ enable = true;
+
+ appName = "Tuxcord's Gitea";
+ database.type = "mysql";
+
+ lfs.enable = true;
+
+ settings.server.DOMAIN = config.networking.fqdn;
+ # settings.server.ROOT_URL = "https://git.tuxcord.net/"; ? would also depend on ssl status
+ settings.server.HTTP_PORT = 3000;
+
+ settings.service.DISABLE_REGISTRATION = true;
+ settings.service.REQUIRE_SIGNIN_VIEW = false;
+
+ settings.repository.ENABLE_PUSH_CREATE_USER = true;
+ settings.repository.ENABLE_PUSH_CREATE_ORG = true;
+ settings.repository.DEFAULT_BRANCH = "main";
+
+ # settings.ui.DEFAULT_THEME = "...";
+
+ # TODO: once we have email setup this would be nice
+ settings.mailer.ENABLED = true;
+ };
+}
diff --git a/nixos/modules/nginx.nix b/nixos/modules/nginx.nix
index 38ff082..3cb816a 100644
--- a/nixos/modules/nginx.nix
+++ b/nixos/modules/nginx.nix
@@ -28,5 +28,9 @@ in
 # root = "/var/www/myhost.org";
 # default = true;
 # };
+
+ virtualHosts."git.${fqdn}" = mkVhost {
+ locations."/" = mkProxy config.services.gitea.settings.server.HTTP_PORT;
+ };
 };
 }
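Review bot: Nothing in the new `services.gitea` block (nixos/modules/gitea.nix) restricts the listener, so Gitea keeps its default `HTTP_ADDR` of `0.0.0.0` and serves port 3000 on every interface alongside the nginx proxy added in nginx.nix. Adding `settings.server.HTTP_ADDR = "127.0.0.1";` leaves the vhost as the only way in; whether 3000 is reachable today depends on firewall configuration that is not shown. `settings.server.DOMAIN` is set to `config.networking.fqdn` while the vhost is `git.${fqdn}`, so generated links and clone URLs will likely name the wrong host. `settings.server.DOMAIN = "git.${config.networking.fqdn}";` would match, assuming `fqdn` in nginx.nix is the same value. `settings.mailer.ENABLED = true;` sits under a TODO saying mail is not set up yet, so it should probably be `false` until it is, and the `lib` argument is unused.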
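Review bot: The `git.${fqdn}` vhost in nixos/modules/nginx.nix proxies to Gitea with no visible request-body limit, while gitea.nix in this patch sets `lfs.enable = true`. `mkVhost` and `mkProxy` are defined outside this hunk, so they may already raise it; if not, LFS uploads and large HTTP pushes will be rejected by nginx with 413 at its default limit. Consider something like `extraConfig = "client_max_body_size 512m;";` on the vhost, with the value chosen to fit the repositories expected here. A one-line comment above the vhost saying whether `mkVhost` terminates TLS would also help, since the Gitea `ROOT_URL` is left commented out pending that decision.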