A collection of example NixOS files that be included into configuration.nix on NixOS.
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.

68 linhas
2.2KB

  1. # Example NixOps configuration for the hosts running Gitea
  2. #
  3. # Will need to be used with an appropriate sercets file. See: ../secrets.nix
  4. { config, pkgs, lib, ... }:
  5. {
  6. services.gitea = {
  7. enable = true; # Enable Gitea
  8. appName = "MyDomain: Gitea Service"; # Give the site a name
  9. database = {
  10. type = "postgres"; # Database type
  11. passwordFile = "/run/keys/gitea-dbpass"; # Where to find the password
  12. };
  13. domain = "source.mydomain.tld"; # Domain name
  14. rootUrl = "https://source.mydomaain.tld/"; # Root web URL
  15. httpPort = 3001; # Provided unique port
  16. extraConfig = let
  17. docutils =
  18. pkgs.python37.withPackages (ps: with ps; [
  19. docutils # Provides rendering of ReStructured Text files
  20. pygments # Provides syntax highlighting
  21. ]);
  22. in ''
  23. [mailer]
  24. ENABLED = true
  25. FROM = "gitea@mydomain.tld"
  26. [service]
  27. REGISTER_EMAIL_CONFIRM = true
  28. [markup.restructuredtext]
  29. ENABLED = true
  30. FILE_EXTENSIONS = .rst
  31. RENDER_COMMAND = ${docutils}/bin/rst2html.py
  32. IS_INPUT_FILE = false
  33. '';
  34. };
  35. services.postgresql = {
  36. enable = true; # Ensure postgresql is enabled
  37. authentication = ''
  38. local gitea all ident map=gitea-users
  39. '';
  40. identMap = # Map the gitea user to postgresql
  41. ''
  42. gitea-users gitea gitea
  43. '';
  44. };
  45. services.nginx = {
  46. enable = true; # Enable Nginx
  47. recommendedGzipSettings = true;
  48. recommendedOptimisation = true;
  49. recommendedProxySettings = true;
  50. recommendedTlsSettings = true;
  51. virtualHosts."source.MyDomain.tld" = { # Gitea hostname
  52. enableACME = true; # Use ACME certs
  53. forceSSL = true; # Force SSL
  54. locations."/".proxyPass = "http://localhost:3001/"; # Proxy Gitea
  55. };
  56. };
  57. security.acme.certs = {
  58. "source.mydomain".email = "anEmail@mydomain.tld";
  59. };
  60. }