AtaraxiaDev/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add gitea

Browse Source
This commit is contained in:
Dmitriy Kholkin 2022-03-10 19:12:07 +03:00
parent 47a19a007d
commit 537c46caf6
4 changed files with 48 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
machines/NixOS-CT/default.nix
View File

@ -3,10 +3,10 @@
./hardware-configuration.nix ./hardware-configuration.nix
inputs.self.nixosRoles.container inputs.self.nixosRoles.container
nginx
coturn
fail2ban fail2ban
gitea
mailserver mailserver
nginx
vaultwarden vaultwarden
]; ];

33
profiles/servers/gitea.nix Normal file
View File

@ -0,0 +1,33 @@
{ pkgs, config, lib, ... }:
{
secrets.gitea = {
owner = "gitea";
};
services.gitea = {
enable = true;
appName = "AtaraxiaDev's Gitea Instance";
cookieSecure = true;
database = {
type = "postgres";
passwordFile = config.secrets.gitea.decrypted;
};
disableRegistration = true;
domain = "code.ataraxiadev.com";
httpPort = 6000;
lfs.enable = true;
rootUrl = "https://code.ataraxiadev.com";
stateDir = "/gitea/data";
# ssh = {
# enable = true;
# clonePort = 2222;
# };
# settings = {
# server = {
# START_SSH_SERVER = true;
# SSH_LISTEN_HOST = "0.0.0.0";
# SSH_LISTEN_PORT = 2222;
# };
# };
};
}

18
profiles/servers/nginx.nix
View File

@ -1,7 +1,7 @@
{ config, lib, pkgs, ... }: { { config, lib, pkgs, ... }: {
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
email = "ataraxiadev@ataraxiadev.com"; defaults.email = "ataraxiadev@ataraxiadev.com";
certs = { certs = {
"ataraxiadev.com" = { "ataraxiadev.com" = {
webroot = "/var/lib/acme/acme-challenge"; webroot = "/var/lib/acme/acme-challenge";
@ -15,6 +15,7 @@
"stats.ataraxiadev.com" "stats.ataraxiadev.com"
"startpage.ataraxiadev.com" "startpage.ataraxiadev.com"
"vw.ataraxiadev.com" "vw.ataraxiadev.com"
"code.ataraxiadev.com"
]; ];
}; };
}; };
@ -57,7 +58,7 @@
extraConfig = '' extraConfig = ''
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
''; '';
} // hardened; };
} // default; } // default;
"matrix:443" = { "matrix:443" = {
serverAliases = [ serverAliases = [
@ -75,8 +76,8 @@
ssl = true; ssl = true;
}]; }];
locations."/" = { locations."/" = {
proxyPass = "http://matrix-ct:81"; proxyPass = "http://matrix.pve:81";
} // proxySettings // hardened; } // proxySettings;
} // default; } // default;
"matrix:8448" = { "matrix:8448" = {
serverAliases = [ "matrix.ataraxiadev.com" ]; serverAliases = [ "matrix.ataraxiadev.com" ];
@ -86,8 +87,8 @@
ssl = true; ssl = true;
}]; }];
locations."/" = { locations."/" = {
proxyPass = "http://matrix-ct:8449"; proxyPass = "http://matrix.pve:8449";
} // proxySettings // hardened; } // proxySettings;
} // default; } // default;
"startpage.ataraxiadev.com" = { "startpage.ataraxiadev.com" = {
locations."/" = { locations."/" = {
@ -112,6 +113,11 @@
proxyPass = "http://localhost:8812"; proxyPass = "http://localhost:8812";
} // proxySettings // hardened; } // proxySettings // hardened;
} // default; } // default;
"code.ataraxiadev.com" = {
locations."/" = {
proxyPass = "http://localhost:6000";
} // proxySettings // hardened;
} // default;
}; };
}; };

2
profiles/servers/vaultwarden.nix
View File

@ -6,7 +6,7 @@
services.vaultwarden = { services.vaultwarden = {
enable = true; enable = true;
backupDir = "/backups/vaultwarden"; # backupDir = "/backups/vaultwarden";
config = { config = {
domain = "https://vw.ataraxiadev.com"; domain = "https://vw.ataraxiadev.com";
extendedLogging = true; extendedLogging = true;