gitea :)
This commit is contained in:
parent
b81084b65c
commit
4e5cef130c
3
host.nix
3
host.nix
|
@ -11,8 +11,6 @@ let hostVolumeDir = "/var/lib/container-storage/";
|
|||
(attrNames (readDir ./services)));
|
||||
in genList (i: elemAt services_no_ip i // { ip = "10.10.0.${toString (i+2)}"; }) (length services_no_ip);
|
||||
|
||||
secrets = import ./secrets/secrets.nix;
|
||||
|
||||
hostIp = "10.10.0.1";
|
||||
in
|
||||
|
||||
|
@ -145,6 +143,7 @@ lib.flatMap ({ name, config, ip, ports, volumes, ... }:
|
|||
settings = {
|
||||
experimental-features = [ "nix-command" "flakes" ];
|
||||
auto-optimise-store = true;
|
||||
trusted-users = [ "@wheel" ];
|
||||
};
|
||||
gc = {
|
||||
automatic = true;
|
||||
|
|
BIN
resources/gitea-custom/public/assets/img/favicon.png
Normal file
BIN
resources/gitea-custom/public/assets/img/favicon.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 32 KiB |
6659
resources/gitea-custom/public/assets/img/favicon.svg
Normal file
6659
resources/gitea-custom/public/assets/img/favicon.svg
Normal file
File diff suppressed because it is too large
Load Diff
After Width: | Height: | Size: 557 KiB |
BIN
resources/gitea-custom/public/assets/img/logo.png
Normal file
BIN
resources/gitea-custom/public/assets/img/logo.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 32 KiB |
6659
resources/gitea-custom/public/assets/img/logo.svg
Normal file
6659
resources/gitea-custom/public/assets/img/logo.svg
Normal file
File diff suppressed because it is too large
Load Diff
After Width: | Height: | Size: 557 KiB |
10
resources/gitea-custom/templates/custom/footer.tmpl
Normal file
10
resources/gitea-custom/templates/custom/footer.tmpl
Normal file
|
@ -0,0 +1,10 @@
|
|||
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/katex@0.16.2/dist/katex.min.css" integrity="sha384-bYdxxUwYipFNohQlHt0bjN/LCpueqWz13HufFEV1SUatKs1cm4L6fFgCi1jT643X" crossorigin="anonymous">
|
||||
<script defer src="https://cdn.jsdelivr.net/npm/katex@0.16.2/dist/katex.min.js" integrity="sha384-Qsn9KnoKISj6dI8g7p1HBlNpVx0I8p1SvlwOldgi3IorMle61nQy4zEahWYtljaz" crossorigin="anonymous"></script>
|
||||
<script>
|
||||
document.addEventListener("DOMContentLoaded", function() {
|
||||
document.querySelectorAll(".math").forEach(function(elem) {
|
||||
katex.render(elem.textContent, elem)
|
||||
})
|
||||
});
|
||||
</script>
|
||||
<a hidden rel="me" href="https://types.pl/@rachelrosen">Mastodon</a>
|
17
resources/gitea-custom/templates/home.tmpl
Normal file
17
resources/gitea-custom/templates/home.tmpl
Normal file
|
@ -0,0 +1,17 @@
|
|||
{{template "base/head" .}}
|
||||
<div class="page-content home">
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="sixteen wide center aligned centered column">
|
||||
<div>
|
||||
<img class="logo" width="220" height="220" src="{{AssetUrlPrefix}}/img/logo.svg"/>
|
||||
</div>
|
||||
<div class="hero">
|
||||
<h1 class="ui icon header title">
|
||||
{{AppName}}
|
||||
</h1>
|
||||
<h2>git with a hug</h2>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{{template "base/footer" .}}
|
Binary file not shown.
Binary file not shown.
BIN
secrets/gitea_mariadb_pass
Normal file
BIN
secrets/gitea_mariadb_pass
Normal file
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -4,24 +4,33 @@
|
|||
config = {
|
||||
services.gitea = {
|
||||
enable = true;
|
||||
appName = "My awesome Gitea server"; # Give the site a name
|
||||
lfs.enable = true;
|
||||
appName = "githug"; # Give the site a name
|
||||
user = "git";
|
||||
database = {
|
||||
type = "postgres";
|
||||
host = "postgres.containers";
|
||||
port = 5432;
|
||||
type = "mysql";
|
||||
host = "mariadb.containers";
|
||||
port = 3306;
|
||||
name = "gitea";
|
||||
user = "gitea";
|
||||
createDatabase = false;
|
||||
passwordFile = ../secrets/gitea_postgres_pass;
|
||||
passwordFile = ../secrets/gitea_mariadb_pass;
|
||||
};
|
||||
settings.server = {
|
||||
DOMAIN = "localhost";
|
||||
ROOT_URL = "http://localhost/";
|
||||
settings = {
|
||||
server = {
|
||||
# DOMAIN = "githug.xyz";
|
||||
# ROOT_URL = "https://githug.xyz/";
|
||||
# COOKIE_SECURE = true;
|
||||
HTTP_PORT = 3001;
|
||||
OFFLINE_MODE = true;
|
||||
};
|
||||
repository.ENABLE_PUSH_CREATE_USER = true;
|
||||
mailer.ENABLED = false;
|
||||
service = {
|
||||
REGISTER_EMAIL_CONFIRM = false;
|
||||
ENABLE_NOTIFY_EMAIL = false;
|
||||
DISABLE_REGISTRATION = true;
|
||||
};
|
||||
settings.actions = {
|
||||
ENABLED = true;
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -41,6 +50,7 @@
|
|||
};
|
||||
|
||||
users.groups.git = {};
|
||||
|
||||
};
|
||||
ports = {
|
||||
tcp = [ 3001 22 ];
|
||||
|
@ -53,4 +63,22 @@
|
|||
name = "gitea-statedir";
|
||||
mountPoint = "/var/lib/gitea";
|
||||
}];
|
||||
hostConfig = {
|
||||
system.activationScripts.gitea-custom-files =
|
||||
let customs = pkgs.stdenv.mkDerivation {
|
||||
name = "gitea-custom";
|
||||
src = ./..;
|
||||
phases = [ "installPhase" ];
|
||||
installPhase = ''
|
||||
cp -r $src/resources/gitea-custom $out
|
||||
'';
|
||||
};
|
||||
in ''
|
||||
mkdir -p ${lib.hostVolumeDir}/gitea-statedir/custom
|
||||
rm -rf ${lib.hostVolumeDir}/gitea-statedir/custom/public
|
||||
rm -rf ${lib.hostVolumeDir}/gitea-statedir/custom/templates
|
||||
cp -rf ${customs}/public ${lib.hostVolumeDir}/gitea-statedir/custom
|
||||
cp -rf ${customs}/templates ${lib.hostVolumeDir}/gitea-statedir/custom
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
58
services/mariadb.nix
Normal file
58
services/mariadb.nix
Normal file
|
@ -0,0 +1,58 @@
|
|||
{ pkgs, lib, ... }: {
|
||||
name = "mariadb";
|
||||
config = {
|
||||
services.mysql = {
|
||||
enable = true;
|
||||
package = pkgs.mariadb;
|
||||
settings = {
|
||||
mysqld = {
|
||||
port = 3306;
|
||||
};
|
||||
mysqldump = {
|
||||
quick = true;
|
||||
};
|
||||
};
|
||||
ensureDatabases = [ "gitea" ];
|
||||
initialScript = pkgs.writeScript "init.sql" ''
|
||||
CREATE USER 'gitea'@'%' IDENTIFIED BY '${pkgs.lib.removeSuffix "\n"
|
||||
(builtins.readFile ../secrets/gitea_mariadb_pass)}';
|
||||
GRANT ALL ON gitea.* to 'gitea'@'%' WITH GRANT OPTION;
|
||||
'';
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "root";
|
||||
ensurePermissions = {
|
||||
"*.*" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
{
|
||||
name = "mysqldump";
|
||||
ensurePermissions = {
|
||||
"*.*" = "SELECT, LOCK TABLES";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
services.mysqlBackup = {
|
||||
enable = true;
|
||||
singleTransaction = true;
|
||||
};
|
||||
};
|
||||
ports = {
|
||||
tcp = [ 3306 ];
|
||||
udp = [];
|
||||
http = null;
|
||||
forward = [];
|
||||
};
|
||||
hosts = [ ];
|
||||
volumes = [
|
||||
{
|
||||
name = "mariadb-storage";
|
||||
mountPoint = "/var/lib/mysql";
|
||||
}
|
||||
{
|
||||
name = "mariadb-backup";
|
||||
mountPoint = "/var/backup/mysql";
|
||||
}
|
||||
];
|
||||
}
|
|
@ -1,48 +0,0 @@
|
|||
{ pkgs, lib, ... }: {
|
||||
name = "postgres";
|
||||
config = {
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
enableTCPIP = true;
|
||||
port = 5432;
|
||||
ensureDatabases = [ "gitea" ];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "gitea";
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
{
|
||||
name = "root";
|
||||
ensureClauses.superuser = true;
|
||||
}
|
||||
];
|
||||
authentication = ''
|
||||
host all gitea 10.10.0.0/16 trust
|
||||
local all root trust
|
||||
'';
|
||||
};
|
||||
services.postgresqlBackup = {
|
||||
enable = true;
|
||||
backupAll = true;
|
||||
compression = "gzip";
|
||||
compressionLevel = 9;
|
||||
};
|
||||
};
|
||||
ports = {
|
||||
tcp = [ 5432 ];
|
||||
udp = [];
|
||||
http = null;
|
||||
forward = [];
|
||||
};
|
||||
hosts = [ ];
|
||||
volumes = [
|
||||
{
|
||||
name = "postgres-storage";
|
||||
mountPoint = "/var/lib/postgresql";
|
||||
}
|
||||
{
|
||||
name = "postgres-backup";
|
||||
mountPoint = "/var/backup/postgresql";
|
||||
}
|
||||
];
|
||||
}
|
|
@ -1,14 +1,7 @@
|
|||
{ pkgs, lib, ... }:
|
||||
{
|
||||
name = "gitea";
|
||||
name = "smb";
|
||||
config = {
|
||||
services.nfs.server = {
|
||||
enable = true;
|
||||
createMountPoints = true;
|
||||
exports = ''
|
||||
/srv/nfs/music 192.168.0.0/16(rw,sync,no_subtree_check) *(ro,sync,no_subtree_check)
|
||||
'';
|
||||
};
|
||||
};
|
||||
ports = {
|
||||
tcp = [ 111 2049 ];
|
||||
|
@ -23,8 +16,8 @@
|
|||
};
|
||||
hosts = [];
|
||||
volumes = [{
|
||||
name = "nfs";
|
||||
mountPoint = "/srv/nfs/";
|
||||
name = "smb";
|
||||
mountPoint = "/srv/smb/";
|
||||
readOnly = false;
|
||||
backup = false;
|
||||
}];
|
2
update-blog.sh
Normal file
2
update-blog.sh
Normal file
|
@ -0,0 +1,2 @@
|
|||
#!/bin/sh
|
||||
nix flake lock --update-input rachelcafe
|
Loading…
Reference in New Issue
Block a user