44 lines
919 B
Nix
44 lines
919 B
Nix
{ pkgs, ... }:
|
|
let gitea = {
|
|
host = "10.10.0.1";
|
|
local = "10.10.0.2";
|
|
};
|
|
secrets = import ./secrets/secrets.nix;
|
|
in
|
|
{
|
|
# [CONTAINERS]
|
|
containers.gitea = {
|
|
autoStart = true;
|
|
ephemeral = true;
|
|
privateNetwork = true;
|
|
hostAddress = gitea.host;
|
|
localAddress = gitea.local;
|
|
config = ./guests/gitea.nix;
|
|
};
|
|
|
|
# [NGINX]
|
|
services.nginx = {
|
|
enable = true;
|
|
recommendedProxySettings = true;
|
|
virtualHosts = {
|
|
"localhost" = {
|
|
locations."/".proxyPass = "http://${gitea.local}:3001";
|
|
};
|
|
};
|
|
};
|
|
|
|
# [NETWORK]
|
|
networking.firewall.allowedTCPPorts = [ 80 ];
|
|
networking.firewall.allowedUDPPorts = [ ];
|
|
|
|
# VM test user
|
|
users.users.admin.isSystemUser = true ;
|
|
users.users.admin.hashedPassword = builtins.readFile ./secrets/admin_password;
|
|
users.users.admin.group = "admin";
|
|
users.groups.admin = {};
|
|
|
|
|
|
system.stateVersion = "23.11";
|
|
|
|
}
|