diff --git a/host.nix b/host.nix
index 88c306e..75a40e6 100644
--- a/host.nix
+++ b/host.nix
@@ -11,8 +11,6 @@ let hostVolumeDir = "/var/lib/container-storage/";
(attrNames (readDir ./services)));
in genList (i: elemAt services_no_ip i // { ip = "10.10.0.${toString (i+2)}"; }) (length services_no_ip);
- secrets = import ./secrets/secrets.nix;
-
hostIp = "10.10.0.1";
in
@@ -145,6 +143,7 @@ lib.flatMap ({ name, config, ip, ports, volumes, ... }:
settings = {
experimental-features = [ "nix-command" "flakes" ];
auto-optimise-store = true;
+ trusted-users = [ "@wheel" ];
};
gc = {
automatic = true;
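Review bot: `trusted-users = [ "@wheel" ];` makes every member of wheel a trusted Nix user, which the Nix manual describes as essentially equivalent to root access. Trusted users can add arbitrary substituters and import unsigned store paths through the daemon, with no sudo prompt involved. If this is only needed for remote deployment, name the single deploying account instead, e.g. `trusted-users = [ "<deploy-user>" ];` (placeholder), and add a comment such as `# needed for remote deploys; trusted users are root-equivalent`. The enclosing block starts outside this hunk.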
diff --git a/resources/gitea-custom/public/assets/img/favicon.png b/resources/gitea-custom/public/assets/img/favicon.png
new file mode 100644
index 0000000..7dfab1f
Binary files /dev/null and b/resources/gitea-custom/public/assets/img/favicon.png differ
diff --git a/resources/gitea-custom/public/assets/img/favicon.svg b/resources/gitea-custom/public/assets/img/favicon.svg
new file mode 100644
index 0000000..c6efd56
--- /dev/null
+++ b/resources/gitea-custom/public/assets/img/favicon.svg
@@ -0,0 +1,6659 @@
+
+
+
diff --git a/resources/gitea-custom/public/assets/img/logo.png b/resources/gitea-custom/public/assets/img/logo.png
new file mode 100644
index 0000000..7dfab1f
Binary files /dev/null and b/resources/gitea-custom/public/assets/img/logo.png differ
diff --git a/resources/gitea-custom/public/assets/img/logo.svg b/resources/gitea-custom/public/assets/img/logo.svg
new file mode 100644
index 0000000..c6efd56
--- /dev/null
+++ b/resources/gitea-custom/public/assets/img/logo.svg
@@ -0,0 +1,6659 @@
+
+
+
diff --git a/resources/gitea-custom/templates/custom/footer.tmpl b/resources/gitea-custom/templates/custom/footer.tmpl
new file mode 100644
index 0000000..85a8e80
--- /dev/null
+++ b/resources/gitea-custom/templates/custom/footer.tmpl
@@ -0,0 +1,10 @@
+
+
+
+Mastodon
diff --git a/resources/gitea-custom/templates/home.tmpl b/resources/gitea-custom/templates/home.tmpl
new file mode 100644
index 0000000..937bef0
--- /dev/null
+++ b/resources/gitea-custom/templates/home.tmpl
@@ -0,0 +1,17 @@
+{{template "base/head" .}}
+
+
+
+
+
+
+
+
+
git with a hug
+
+
+
+
+{{template "base/footer" .}}
diff --git a/secrets/giteaForward b/secrets/giteaForward
deleted file mode 100644
index c669f87..0000000
Binary files a/secrets/giteaForward and /dev/null differ
diff --git a/secrets/giteaForward.pub b/secrets/giteaForward.pub
deleted file mode 100644
index 1da1a4e..0000000
Binary files a/secrets/giteaForward.pub and /dev/null differ
diff --git a/secrets/gitea_mariadb_pass b/secrets/gitea_mariadb_pass
new file mode 100644
index 0000000..dbee660
Binary files /dev/null and b/secrets/gitea_mariadb_pass differ
diff --git a/secrets/gitea_postgres_pass b/secrets/gitea_postgres_pass
deleted file mode 100644
index 4b267aa..0000000
Binary files a/secrets/gitea_postgres_pass and /dev/null differ
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
deleted file mode 100644
index 557dbc0..0000000
Binary files a/secrets/secrets.nix and /dev/null differ
diff --git a/services/gitea.nix b/services/gitea.nix
index 5bc3f06..698f0b0 100644
--- a/services/gitea.nix
+++ b/services/gitea.nix
@@ -4,24 +4,33 @@
config = {
services.gitea = {
enable = true;
- appName = "My awesome Gitea server"; # Give the site a name
+ lfs.enable = true;
+ appName = "githug"; # Give the site a name
user = "git";
database = {
- type = "postgres";
- host = "postgres.containers";
- port = 5432;
+ type = "mysql";
+ host = "mariadb.containers";
+ port = 3306;
name = "gitea";
user = "gitea";
createDatabase = false;
- passwordFile = ../secrets/gitea_postgres_pass;
+ passwordFile = ../secrets/gitea_mariadb_pass;
};
- settings.server = {
- DOMAIN = "localhost";
- ROOT_URL = "http://localhost/";
- HTTP_PORT = 3001;
- };
- settings.actions = {
- ENABLED = true;
+ settings = {
+ server = {
+ # DOMAIN = "githug.xyz";
+ # ROOT_URL = "https://githug.xyz/";
+ # COOKIE_SECURE = true;
+ HTTP_PORT = 3001;
+ OFFLINE_MODE = true;
+ };
+ repository.ENABLE_PUSH_CREATE_USER = true;
+ mailer.ENABLED = false;
+ service = {
+ REGISTER_EMAIL_CONFIRM = false;
+ ENABLE_NOTIFY_EMAIL = false;
+ DISABLE_REGISTRATION = true;
+ };
};
};
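Review bot: The commented-out `# COOKIE_SECURE = true;` sits under `server`, but Gitea reads that key from the `[session]` section, so uncommenting it in place would still leave session cookies without the Secure flag. When `ROOT_URL` is switched to `https://githug.xyz/`, set it as `session.COOKIE_SECURE = true;` alongside `server` instead. Separately, `passwordFile = ../secrets/gitea_mariadb_pass;` is a Nix path literal. If the module interpolates it into a script, the file is probably copied into the world-readable Nix store, so a string path to a file provisioned outside the store would be safer; confirm against the module.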
@@ -41,6 +50,7 @@
};
users.groups.git = {};
+
};
ports = {
tcp = [ 3001 22 ];
@@ -53,4 +63,22 @@
name = "gitea-statedir";
mountPoint = "/var/lib/gitea";
}];
+ hostConfig = {
+ system.activationScripts.gitea-custom-files =
+ let customs = pkgs.stdenv.mkDerivation {
+ name = "gitea-custom";
+ src = ./..;
+ phases = [ "installPhase" ];
+ installPhase = ''
+ cp -r $src/resources/gitea-custom $out
+ '';
+ };
+ in ''
+ mkdir -p ${lib.hostVolumeDir}/gitea-statedir/custom
+ rm -rf ${lib.hostVolumeDir}/gitea-statedir/custom/public
+ rm -rf ${lib.hostVolumeDir}/gitea-statedir/custom/templates
+ cp -rf ${customs}/public ${lib.hostVolumeDir}/gitea-statedir/custom
+ cp -rf ${customs}/templates ${lib.hostVolumeDir}/gitea-statedir/custom
+ '';
+ };
}
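Review bot: `src = ./..;` makes the whole repository the derivation source, so everything under the repo root, including `secrets/`, is copied into the world-readable Nix store just to pick out one directory. Narrow it to `src = ../resources/gitea-custom;` with `cp -r $src $out`, or drop the derivation and interpolate that path directly. The `rm -rf` and `cp -rf` lines in the activation script would also be more robust with the interpolated paths double-quoted, since an unexpected space or empty value in `lib.hostVolumeDir` changes what `rm -rf` removes.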
diff --git a/services/mariadb.nix b/services/mariadb.nix
new file mode 100644
index 0000000..96e45f3
--- /dev/null
+++ b/services/mariadb.nix
@@ -0,0 +1,58 @@
+{ pkgs, lib, ... }: {
+ name = "mariadb";
+ config = {
+ services.mysql = {
+ enable = true;
+ package = pkgs.mariadb;
+ settings = {
+ mysqld = {
+ port = 3306;
+ };
+ mysqldump = {
+ quick = true;
+ };
+ };
+ ensureDatabases = [ "gitea" ];
+ initialScript = pkgs.writeScript "init.sql" ''
+ CREATE USER 'gitea'@'%' IDENTIFIED BY '${pkgs.lib.removeSuffix "\n"
+ (builtins.readFile ../secrets/gitea_mariadb_pass)}';
+ GRANT ALL ON gitea.* to 'gitea'@'%' WITH GRANT OPTION;
+ '';
+ ensureUsers = [
+ {
+ name = "root";
+ ensurePermissions = {
+ "*.*" = "ALL PRIVILEGES";
+ };
+ }
+ {
+ name = "mysqldump";
+ ensurePermissions = {
+ "*.*" = "SELECT, LOCK TABLES";
+ };
+ }
+ ];
+ };
+ services.mysqlBackup = {
+ enable = true;
+ singleTransaction = true;
+ };
+ };
+ ports = {
+ tcp = [ 3306 ];
+ udp = [];
+ http = null;
+ forward = [];
+ };
+ hosts = [ ];
+ volumes = [
+ {
+ name = "mariadb-storage";
+ mountPoint = "/var/lib/mysql";
+ }
+ {
+ name = "mariadb-backup";
+ mountPoint = "/var/backup/mysql";
+ }
+ ];
+}
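Review bot: The `initialScript` interpolates `builtins.readFile ../secrets/gitea_mariadb_pass` into `pkgs.writeScript "init.sql"`, so the plaintext database password lands in a world-readable file in the Nix store and in any copy of the closure. Set the password at service start from a file that lives outside the store rather than embedding it at evaluation time. The account is also broader than the removed Postgres rule, which limited gitea to 10.10.0.0/16: `'gitea'@'%'` accepts any source host, and `WITH GRANT OPTION` lets the application account pass its privileges to other users. `GRANT ALL ON gitea.* TO 'gitea'@'10.10.0.%';` with the same host in `CREATE USER` would keep the old scope. A password containing a single quote would also break the generated SQL.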
diff --git a/services/postgres.nix b/services/postgres.nix
deleted file mode 100644
index 2dfa49a..0000000
--- a/services/postgres.nix
+++ /dev/null
@@ -1,48 +0,0 @@
-{ pkgs, lib, ... }: {
- name = "postgres";
- config = {
- services.postgresql = {
- enable = true;
- enableTCPIP = true;
- port = 5432;
- ensureDatabases = [ "gitea" ];
- ensureUsers = [
- {
- name = "gitea";
- ensureDBOwnership = true;
- }
- {
- name = "root";
- ensureClauses.superuser = true;
- }
- ];
- authentication = ''
- host all gitea 10.10.0.0/16 trust
- local all root trust
- '';
- };
- services.postgresqlBackup = {
- enable = true;
- backupAll = true;
- compression = "gzip";
- compressionLevel = 9;
- };
- };
- ports = {
- tcp = [ 5432 ];
- udp = [];
- http = null;
- forward = [];
- };
- hosts = [ ];
- volumes = [
- {
- name = "postgres-storage";
- mountPoint = "/var/lib/postgresql";
- }
- {
- name = "postgres-backup";
- mountPoint = "/var/backup/postgresql";
- }
- ];
-}
diff --git a/services/nfs.nix b/services/smb.nix
similarity index 62%
rename from services/nfs.nix
rename to services/smb.nix
index 874097c..d660185 100644
--- a/services/nfs.nix
+++ b/services/smb.nix
@@ -1,14 +1,7 @@
{ pkgs, lib, ... }:
{
- name = "gitea";
+ name = "smb";
config = {
- services.nfs.server = {
- enable = true;
- createMountPoints = true;
- exports = ''
- /srv/nfs/music 192.168.0.0/16(rw,sync,no_subtree_check) *(ro,sync,no_subtree_check)
- '';
- };
};
ports = {
tcp = [ 111 2049 ];
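Review bot: The context line `tcp = [ 111 2049 ];` still lists the rpcbind and NFS ports, although this hunk removes `services.nfs.server` and renames the service to `smb`. If host.nix opens or forwards the ports declared here, the container keeps two ports exposed with nothing intended to listen on them. Until an SMB server is actually configured, use `tcp = [ ];`, and switch to the SMB port once `config` is filled in. The `ports` block continues outside this hunk.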
@@ -23,8 +16,8 @@
};
hosts = [];
volumes = [{
- name = "nfs";
- mountPoint = "/srv/nfs/";
+ name = "smb";
+ mountPoint = "/srv/smb/";
readOnly = false;
backup = false;
}];
diff --git a/update-blog.sh b/update-blog.sh
new file mode 100644
index 0000000..f46d2a7
--- /dev/null
+++ b/update-blog.sh
@@ -0,0 +1,2 @@
+#!/bin/sh
+nix flake lock --update-input rachelcafe