A collection of example NixOS files that be included into configuration.nix on NixOS.
Du kan inte välja fler än 25 ämnen Ämnen måste starta med en bokstav eller siffra, kan innehålla bindestreck ('-') och vara max 35 tecken långa.

67 rader
2.2 KiB

# Example NixOps configuration for the hosts running Gitea
#
# Will need to be used with an appropriate sercets file. See: ../secrets.nix
{ config, pkgs, lib, ... }:
{
services.gitea = {
enable = true; # Enable Gitea
appName = "MyDomain: Gitea Service"; # Give the site a name
database = {
type = "postgres"; # Database type
passwordFile = "/run/keys/gitea-dbpass"; # Where to find the password
};
domain = "source.mydomain.tld"; # Domain name
rootUrl = "https://source.mydomaain.tld/"; # Root web URL
httpPort = 3001; # Provided unique port
extraConfig = let
docutils =
pkgs.python37.withPackages (ps: with ps; [
docutils # Provides rendering of ReStructured Text files
pygments # Provides syntax highlighting
]);
in ''
[mailer]
ENABLED = true
FROM = "gitea@mydomain.tld"
[service]
REGISTER_EMAIL_CONFIRM = true
[markup.restructuredtext]
ENABLED = true
FILE_EXTENSIONS = .rst
RENDER_COMMAND = ${docutils}/bin/rst2html.py
IS_INPUT_FILE = false
'';
};
services.postgresql = {
enable = true; # Ensure postgresql is enabled
authentication = ''
local gitea all ident map=gitea-users
'';
identMap = # Map the gitea user to postgresql
''
gitea-users gitea gitea
'';
};
services.nginx = {
enable = true; # Enable Nginx
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."source.MyDomain.tld" = { # Gitea hostname
enableACME = true; # Use ACME certs
forceSSL = true; # Force SSL
locations."/".proxyPass = "http://localhost:3001/"; # Proxy Gitea
};
};
security.acme.certs = {
"source.mydomain".email = "anEmail@mydomain.tld";
};
}