A collection of example NixOS files that be included into configuration.nix on NixOS.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

gitea_for_NixOps.nix 2.2KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667
  1. # Example NixOps configuration for the hosts running Gitea
  2. #
  3. # Will need to be used with an appropriate sercets file. See: ../secrets.nix
  4. { config, pkgs, lib, ... }:
  5. {
  6. services.gitea = {
  7. enable = true; # Enable Gitea
  8. appName = "MyDomain: Gitea Service"; # Give the site a name
  9. database = {
  10. type = "postgres"; # Database type
  11. passwordFile = "/run/keys/gitea-dbpass"; # Where to find the password
  12. };
  13. domain = "source.mydomain.tld"; # Domain name
  14. rootUrl = "https://source.mydomaain.tld/"; # Root web URL
  15. httpPort = 3001; # Provided unique port
  16. extraConfig = let
  17. docutils =
  18. pkgs.python37.withPackages (ps: with ps; [
  19. docutils # Provides rendering of ReStructured Text files
  20. pygments # Provides syntax highlighting
  21. ]);
  22. in ''
  23. [mailer]
  24. ENABLED = true
  25. FROM = "gitea@mydomain.tld"
  26. [service]
  27. REGISTER_EMAIL_CONFIRM = true
  28. [markup.restructuredtext]
  29. ENABLED = true
  30. FILE_EXTENSIONS = .rst
  31. RENDER_COMMAND = ${docutils}/bin/rst2html.py
  32. IS_INPUT_FILE = false
  33. '';
  34. };
  35. services.postgresql = {
  36. enable = true; # Ensure postgresql is enabled
  37. authentication = ''
  38. local gitea all ident map=gitea-users
  39. '';
  40. identMap = # Map the gitea user to postgresql
  41. ''
  42. gitea-users gitea gitea
  43. '';
  44. };
  45. services.nginx = {
  46. enable = true; # Enable Nginx
  47. recommendedGzipSettings = true;
  48. recommendedOptimisation = true;
  49. recommendedProxySettings = true;
  50. recommendedTlsSettings = true;
  51. virtualHosts."source.MyDomain.tld" = { # Gitea hostname
  52. enableACME = true; # Use ACME certs
  53. forceSSL = true; # Force SSL
  54. locations."/".proxyPass = "http://localhost:3001/"; # Proxy Gitea
  55. };
  56. };
  57. security.acme.certs = {
  58. "source.mydomain".email = "anEmail@mydomain.tld";
  59. };
  60. }