diff --git a/hosts/butterfly/services/default.nix b/hosts/butterfly/services/default.nix index d6f75e1..b7d96af 100644 --- a/hosts/butterfly/services/default.nix +++ b/hosts/butterfly/services/default.nix @@ -1,5 +1,7 @@ {...}: { imports = [ ./nginx.nix + ./forgejo.nix + ./vaultwarden.nix ]; } diff --git a/hosts/butterfly/services/forgejo.nix b/hosts/butterfly/services/forgejo.nix index d5d680d..d1dec7e 100644 --- a/hosts/butterfly/services/forgejo.nix +++ b/hosts/butterfly/services/forgejo.nix @@ -1,10 +1,39 @@ -{...}: { +{ + config, + lib, + ... +}: let + cfg = config.services.forgejo; +in { + # REF: https://github.com/NixOS/nixpkgs/blob/nixos-25.11/nixos/modules/services/misc/forgejo.nix + # REF: forgejo doesn't create the user/group by default if its name isn't "forgejo" + users.users = lib.mkIf (cfg.user != "forgejo") { + ${cfg.user} = { + home = cfg.stateDir; + useDefaultShell = true; + group = cfg.group; + isSystemUser = true; + }; + }; + users.groups = lib.mkIf (cfg.group != "forgejo") { + ${cfg.group} = {}; + }; + # more options here: https://mynixos.com/nixpkgs/options/services.forgejo # TODO: set a favicon https://forgejo.org/docs/next/contributor/customization/#changing-the-logo # (might need me to override settings in the nixpkg) # TODO: create a custom theme for forgejo (modify the source files most likely) services.forgejo = { enable = true; + + # XXX: WARNING: XXX: WARNING: XXX: TODO: set user="git" and settings.server.SSH_PORT=22 + # XXX: WARNING: XXX: WARNING: XXX: TODO: (currently both cause errors) + # XXX: WARNING: XXX: WARNING: XXX: TODO: THE USER FAILS I THINK CAUSE THE DIRECTORY DOESNT CHANGE THE USER PERMISSIONS + + user = "git"; # user forgejo runs as + # group = "forgejo"; # group forgejo runs as + # stateDir = "/var/lib/forgejo"; + # enable support for Git Large File Storage lfs.enable = true; database = { @@ -17,9 +46,9 @@ settings = { server = { # ENABLE_ACME = true; - # ACME_EMAIL = "eclarkboman@gmail.com"; # change this to "me@imbored.dev" - DOMAIN = "dobutterfliescry.net"; # should this be "imbored.dev"? - ROOT_URL = "https://forge.dobutterfliescry.net"; # full public URL of the Forgejo server + # ACME_EMAIL = "them@dobutterfliescry.net"; + DOMAIN = "tearforge.net"; + ROOT_URL = "https://tearforge.net"; # address and port to listen on HTTP_ADDR = "127.0.0.1"; HTTP_PORT = 3000; @@ -40,7 +69,7 @@ DEFAULT_PRIVATE = "private"; # last, private, public # repo/org created on push to non-existent ENABLE_PUSH_CREATE_USER = true; - ENABLE_PUSH_CREATE_ORG = false; + ENABLE_PUSH_CREATE_ORG = true; DEFAULT_PUSH_CREATE_PRIVATE = true; MAX_CREATION_LIMIT = -1; }; @@ -67,7 +96,7 @@ "ui.meta" = { AUTHOR = "Emile Clark-Boman - emileclarkb"; DESCRIPTION = "This is my personal self-hosted git forge, where I keep and maintain personal projects! PS do butterflies cry when they're sad?"; - KEYWORDS = "emile,clark,boman,clarkboman,emileclarkb,git,forge,forgejo,self-hosted,dobutterfliescry,butterfly,butterflies"; + KEYWORDS = "emile,clark,boman,clarkboman,emileclarkb,git,forge,forgejo,self-hosted,dobutterfliescry,butterfly,butterflies,cry,tearforge"; }; markdown = { @@ -119,12 +148,11 @@ # email.incoming = { ... }; # optional - # TODO: fill this in once my mail server is configured mailer = { ENABLED = false; - SMTP_ADDR = "mail.dobutterfliescry.net"; - FROM = "iforgor@dobutterfliescry.net"; - USER = "iforgor@dobutterfliescry.net"; + SMTP_ADDR = "mail.tearforge.net"; + FROM = "noreply@tearforge.net"; + USER = "noreply@tearforge.net"; }; log = { diff --git a/hosts/butterfly/services/nginx.nix b/hosts/butterfly/services/nginx.nix index 5dcb5c6..9d5bc08 100644 --- a/hosts/butterfly/services/nginx.nix +++ b/hosts/butterfly/services/nginx.nix @@ -43,16 +43,15 @@ locations."/".proxyPass = "${localhost}:8222"; } // std; - # "tearforge.net" = - # { - # forceSSL = true; - # extraConfig = '' - # client_max_body_size 512M; - # ''; - # locations."/".proxyPass = "${localhost}:3000"; - # } - # // std; - # "tearforge.net" = forge; + "tearforge.net" = + { + forceSSL = true; + extraConfig = '' + client_max_body_size 512M; + ''; + locations."/".proxyPass = "${localhost}:3000"; + } + // std; }; }; }