craige
/
nixos-examples
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Activity
A collection of example NixOS files that be included into configuration.nix on NixOS.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
37 Commits
1 Branch
612KB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
nixos-examples/version-management/gitea_for_NixOps.nix

gitea_for_NixOps.nix 2.2KB
Raw Permalink Normal View History

Added a production NixOps deployment
9 months ago
 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 
  1. # Example NixOps configuration for the hosts running Gitea

  2. #

  3. # Will need to be used with an appropriate sercets file. See: ../secrets.nix

  4. 

  5. { config, pkgs, lib, ... }:

  6. 

  7. {

  8. 

  9.   services.gitea = {

  10.     enable = true;                               # Enable Gitea

  11.     appName = "MyDomain: Gitea Service";         # Give the site a name

  12.     database = {

  13.       type = "postgres";                         # Database type

  14.       passwordFile = "/run/keys/gitea-dbpass";   # Where to find the password

  15.     };

  16.     domain = "source.mydomain.tld";              # Domain name

  17.     rootUrl = "https://source.mydomaain.tld/";   # Root web URL

  18.     httpPort = 3001;                             # Provided unique port

  19.     extraConfig = let

  20.       docutils =

  21.         pkgs.python37.withPackages (ps: with ps; [

  22.           docutils                               # Provides rendering of ReStructured Text files

  23.           pygments                               # Provides syntax highlighting

  24.       ]);

  25.     in ''

  26.       [mailer]

  27.       ENABLED = true

  28.       FROM = "gitea@mydomain.tld"

  29.       [service]

  30.       REGISTER_EMAIL_CONFIRM = true

  31.       [markup.restructuredtext]

  32.       ENABLED = true

  33.       FILE_EXTENSIONS = .rst

  34.       RENDER_COMMAND = ${docutils}/bin/rst2html.py

  35.       IS_INPUT_FILE = false

  36.     '';

  37.   };

  38. 

  39.   services.postgresql = {

  40.     enable = true;                # Ensure postgresql is enabled

  41.     authentication = ''

  42.       local gitea all ident map=gitea-users

  43.     '';

  44.     identMap =                    # Map the gitea user to postgresql

  45.       ''

  46.         gitea-users gitea gitea

  47.       '';

  48.   };

  49. 

  50.   services.nginx = {

  51.     enable = true;                                          # Enable Nginx

  52.     recommendedGzipSettings = true;

  53.     recommendedOptimisation = true;

  54.     recommendedProxySettings = true;

  55.     recommendedTlsSettings = true;

  56.     virtualHosts."source.MyDomain.tld" = {                  # Gitea hostname

  57.       enableACME = true;                                    # Use ACME certs

  58.       forceSSL = true;                                      # Force SSL

  59.       locations."/".proxyPass = "http://localhost:3001/";   # Proxy Gitea

  60.     };

  61.   };

  62. 

  63.   security.acme.certs = {

  64.       "source.mydomain".email = "anEmail@mydomain.tld";

  65.   };

  66. 

  67. }