From c052f9172a69346d4e49a7740b1a43463c6f491f Mon Sep 17 00:00:00 2001 From: Alexander Tomokhov Date: Mon, 4 Dec 2023 15:59:22 +0400 Subject: [PATCH] move gitea to SP module --- configuration.nix | 1 - git/gitea.nix | 71 ------------------- sp-modules/gitea/config-paths-needed.json | 5 ++ sp-modules/gitea/flake.nix | 9 +++ sp-modules/gitea/module.nix | 84 +++++++++++++++++++++++ userdata-variables.nix | 4 -- variables-module.nix | 10 --- 7 files changed, 98 insertions(+), 86 deletions(-) delete mode 100644 git/gitea.nix create mode 100644 sp-modules/gitea/config-paths-needed.json create mode 100644 sp-modules/gitea/flake.nix create mode 100644 sp-modules/gitea/module.nix diff --git a/configuration.nix b/configuration.nix index 525c4e6..c440357 100644 --- a/configuration.nix +++ b/configuration.nix @@ -9,7 +9,6 @@ ./webserver/nginx.nix ./webserver/memcached.nix # ./resources/limits.nix - ./git/gitea.nix ]; fileSystems."/".options = [ "noatime" ]; diff --git a/git/gitea.nix b/git/gitea.nix deleted file mode 100644 index ebdd8b1..0000000 --- a/git/gitea.nix +++ /dev/null 
@@ -1,71 +0,0 @@
-{ config, lib, pkgs, ... }:
-let
- cfg = config.selfprivacy;
-in
-{
- fileSystems = lib.mkIf cfg.useBinds {
- "/var/lib/gitea" = {
- device = "/volumes/${cfg.gitea.location}/gitea";
- options = [ "bind" ];
- };
- };
- services = {
- gitea = {
- enable = cfg.gitea.enable;
- stateDir = "/var/lib/gitea";
-# log = {
-# rootPath = "/var/lib/gitea/log";
-# level = "Warn";
-# };
- user = "gitea";
- database = {
- type = "sqlite3";
- host = "127.0.0.1";
- name = "gitea";
- user = "gitea";
- path = "/var/lib/gitea/data/gitea.db";
- createDatabase = true;
- };
- # ssh = {
- # enable = true;
- # clonePort = 22;
- # };
- lfs = {
- enable = true;
- contentDir = "/var/lib/gitea/lfs";
- };
- appName = "SelfPrivacy git Service";
- repositoryRoot = "/var/lib/gitea/repositories";
- domain = "git.${cfg.domain}";
- rootUrl = "https://git.${cfg.domain}/";
- httpAddress = "0.0.0.0";
- httpPort = 3000;
-# cookieSecure = true;
- settings = {
- mailer = {
- ENABLED = false;
- };
- ui = {
- DEFAULT_THEME = "arc-green";
- SHOW_USER_EMAIL = false;
- };
- picture = {
- DISABLE_GRAVATAR = true;
- };
- admin = {
- ENABLE_KANBAN_BOARD = true;
- };
- repository = {
- FORCE_PRIVATE = false;
- };
- session = {
- COOKIE_SECURE = true;
- };
- log = {
- ROOT_PATH = "/var/lib/gitea/log";
- LEVEL = "Warn";
- };
- };
- };
- };
-}
diff --git a/sp-modules/gitea/config-paths-needed.json b/sp-modules/gitea/config-paths-needed.json
new file mode 100644
index 0000000..cdbf856
--- /dev/null
+++ b/sp-modules/gitea/config-paths-needed.json
@@ -0,0 +1,5 @@
+[
+ [ "selfprivacy", "domain" ],
+ [ "selfprivacy", "useBinds" ],
+ [ "selfprivacy", "modules", "gitea" ]
+]
diff --git a/sp-modules/gitea/flake.nix b/sp-modules/gitea/flake.nix
new file mode 100644
index 0000000..dd9857d
--- /dev/null
+++ b/sp-modules/gitea/flake.nix
@@ -0,0 +1,9 @@
+{
+ description = "PoC SP module for Gitea forge service";
+
+ outputs = { self }: {
+ nixosModules.default = import ./module.nix;
+ configPathsNeeded =
+ builtins.fromJSON (builtins.readFile ./config-paths-needed.json);
+ };
+}
diff --git a/sp-modules/gitea/module.nix b/sp-modules/gitea/module.nix
new file mode 100644
index 0000000..f5e24f5
--- /dev/null
+++ b/sp-modules/gitea/module.nix
@@ -0,0 +1,84 @@
+{ config, lib, ... }:
+let
+ sp = config.selfprivacy;
+in
+{
+ options.selfprivacy.modules.gitea = {
+ enable = lib.mkOption {
+ default = false;
+ type = with lib.types; nullOr bool;
+ };
+ location = lib.mkOption {
+ default = "sda1";
+ type = with lib.types; nullOr str;
+ };
+ };
+
+ config = lib.mkIf config.selfprivacy.modules.gitea.enable {
+ fileSystems = lib.mkIf sp.useBinds {
+ "/var/lib/gitea" = {
+ device = "/volumes/${sp.modules.gitea.location}/gitea";
+ options = [ "bind" ];
+ };
+ };
+ services = {
+ gitea = {
+ enable = true;
+ stateDir = "/var/lib/gitea";
+ # log = {
+ # rootPath = "/var/lib/gitea/log";
+ # level = "Warn";
+ # };
+ user = "gitea";
+ database = {
+ type = "sqlite3";
+ host = "127.0.0.1";
+ name = "gitea";
+ user = "gitea";
+ path = "/var/lib/gitea/data/gitea.db";
+ createDatabase = true;
+ };
+ # ssh = {
+ # enable = true;
+ # clonePort = 22;
+ # };
+ lfs = {
+ enable = true;
+ contentDir = "/var/lib/gitea/lfs";
+ };
+ appName = "SelfPrivacy git Service";
+ repositoryRoot = "/var/lib/gitea/repositories";
+ domain = "git.${sp.domain}";
+ rootUrl = "https://git.${sp.domain}/";
+ httpAddress = "0.0.0.0";
+ httpPort = 3000;
+ # cookieSecure = true;
+ settings = {
+ mailer = {
+ ENABLED = false;
+ };
+ ui = {
+ DEFAULT_THEME = "arc-green";
+ SHOW_USER_EMAIL = false;
+ };
+ picture = {
+ DISABLE_GRAVATAR = true;
+ };
+ admin = {
+ ENABLE_KANBAN_BOARD = true;
+ };
+ repository = {
+ FORCE_PRIVATE = false;
+ };
+ session = {
+ COOKIE_SECURE = true;
+ };
+ log = {
+ ROOT_PATH = "/var/lib/gitea/log";
+ LEVEL = "Warn";
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/userdata-variables.nix b/userdata-variables.nix
index baa23f8..f2d9775 100644
--- a/userdata-variables.nix
+++ b/userdata-variables.nix
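Review bot: `httpAddress = "0.0.0.0";` in the new sp-modules/gitea/module.nix keeps Gitea's plain-HTTP listener on port 3000 bound to every interface, while `rootUrl = "https://git.${sp.domain}/"` and `COOKIE_SECURE = true` assume clients arrive over HTTPS. The TLS-terminating proxy is not part of this patch, but if it runs on the same host (presumably the nginx imported in configuration.nix) the listener can be narrowed to `httpAddress = "127.0.0.1";`; otherwise whether port 3000 is reachable without TLS depends entirely on the firewall, and that assumption deserves a comment next to the setting. Separately, `enable` is declared `nullOr bool` but is used directly as the `lib.mkIf` condition, so a `null` value would likely abort evaluation rather than disable the service; `type = lib.types.bool;` states the actual contract. The same applies to `location`, which is interpolated into the bind-mount `device` path and cannot be `null` there.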
@@ -18,10 +18,6 @@ jsonData: { lib, ... }: server = { provider = lib.attrsets.attrByPath [ "server" "provider" ] "HETZNER" jsonData; }; - gitea = { - enable = lib.attrsets.attrByPath [ "gitea" "enable" ] false jsonData; - location = lib.attrsets.attrByPath [ "gitea" "location" ] "sda1" jsonData; - }; ssh = { enable = lib.attrsets.attrByPath [ "ssh" "enable" ] true jsonData; rootKeys = lib.attrsets.attrByPath [ "ssh" "rootKeys" ] [ "" ] jsonData; diff --git a/variables-module.nix b/variables-module.nix index 92c6b5e..da509d0 100644 --- a/variables-module.nix +++ b/variables-module.nix @@ -115,16 +115,6 @@ with lib; type = types.nullOr types.str; }; }; - gitea = { - enable = mkOption { - default = false; - type = types.nullOr types.bool; - }; - location = mkOption { - default = "sda1"; - type = types.nullOr types.str; - }; - }; ######### # SSH # #########