feat: add gitea

Xavier Morel
2025-11-14 20:12:17 +01:00
parent 6e05b7d50a
commit e87843f371
5 changed files with 83 additions and 3 deletions

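--- a/config/git-gitea.nix
+++ b/config/git-gitea.nix
@@ -0,0 +1,33 @@
+{
+pkgs,
+config,
+tools,
+...
+}:
+{
+services = {
+gitea = {
+enable = true;
+database = {
+type = "postgres";
+user = "git";
+name = "git";
+password = config.my-lxc.git.db.password;
+host = tools.build_ip "db";
+createDatabase = false;
+};
+# TODO: dump ...
+settings = {
+server.HTTP_PORT = 3000;
+};
+# user = "git";
+};
+# gitea-actions-runner.instances.default = {
+# enable = true;
+# labels = [
+# "test"
+# "nixos"
+# ];
+# };
+};
+}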
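Review bot: `password = config.my-lxc.git.db.password;` in the `database` block passes the PostgreSQL password as a Nix value, and the NixOS gitea module documents that `database.password` ends up in cleartext in the world-readable Nix store. The value comes from `db_pass = import ../config/_passwords.nix;` in containers/git.nix, so the same concern applies to that file. Prefer `database.passwordFile = "/run/secrets/<gitea-db-password>";` (placeholder path), with the file provisioned outside the store, for example by sops-nix or agenix. The database is reached on another host via `tools.build_ip "db"`, so it is also worth confirming that this link is restricted to the private network or uses TLS.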


@@ -25,6 +25,17 @@ in
staticConfigOptions = { staticConfigOptions = {
api.insecure = true; api.insecure = true;
log.level = "INFO"; log.level = "INFO";
accessLog = {
filters.statusCodes = [
"200"
"400-404"
"500-503"
];
fields = {
names.ClientUsername = "drop";
headers.defaultMode = "drop";
};
};
entryPoints = { entryPoints = {
web.address = ":80"; web.address = ":80";
websecure.address = ":443"; websecure.address = ":443";
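Review bot: The `filters.statusCodes` list keeps only `"200"`, `"400-404"` and `"500-503"`, so requests answered with any other status (201/204, 3xx redirects, 405, 429, 504 and so on) never reach the access log. For a proxy that now fronts a service with a login page, this drops records that help in spotting scanning or repeated login attempts. Consider widening the ranges to `"200-299"`, `"400-499"`, `"500-599"`, or removing the filter and relying on `headers.defaultMode = "drop"` and `names.ClientUsername = "drop"` to keep sensitive fields out. Separately, the context line `api.insecure = true;` is not part of this change, but it exposes the Traefik API without authentication, so confirm that its entry point is not reachable from other hosts.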

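--- a/containers/git.nix
+++ b/containers/git.nix
@@ -0,0 +1,30 @@
+{ ... }:
+let
+db_pass = import ../config/_passwords.nix;
+in
+{
+my-lxc.git = {
+container = {
+cores = 1;
+memory = 2048;
+disk = "10G";
+swap = 512;
+};
+db = {
+enable = true;
+password = db_pass.git;
+};
+system = {
+port = 3000;
+importConfig = [
+../config/git-gitea.nix
+];
+};
+logging = {
+enable = true;
+metricsEnable = true;
+};
+private = true; # available only on private lan
+auth = false; # auth overlay
+};
+}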
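Review bot: `auth = false; # auth overlay` appears to leave Gitea's own login as the only access control for this container, judging by the inline comment. config/git-gitea.nix sets nothing under `settings` except `server.HTTP_PORT`, so Gitea's defaults apply, including open self-registration for anyone who can reach the service on the private LAN. If accounts are meant to be created by an administrator only, add `settings.service.DISABLE_REGISTRATION = true;` in config/git-gitea.nix, and extend the comment on `auth = false;` to state why the overlay is switched off for this service. `port = 3000;` here also duplicates `server.HTTP_PORT = 3000;` in that file; reading it from `config.my-lxc.git.system.port` would keep the two from drifting, assuming the option is exposed the same way `db.password` is.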


@@ -101,7 +101,7 @@
languages.opentofu.enable = true; languages.opentofu.enable = true;
scripts.build-template.exec = '' scripts.build-template.exec = ''
nix build .#lxc-template -o nixos-template nix build .#lxc-template -o nixos-template --impure
echo 'Template should be available at nixos-template/tarball/*.tar.xz' echo 'Template should be available at nixos-template/tarball/*.tar.xz'
''; '';
@@ -110,7 +110,7 @@
''; '';
scripts.build-terraform-json.exec = '' scripts.build-terraform-json.exec = ''
nix build .#terraform-json -o config.tf.json nix build .#terraform-json -o config.tf.json --impure
echo 'Terraform build available as config.tf.json' echo 'Terraform build available as config.tf.json'
''; '';
@@ -142,7 +142,7 @@
IP_SUFFIX=$((CONTID - 1000)) IP_SUFFIX=$((CONTID - 1000))
# TODO Verify mapping exists... # TODO Verify mapping exists...
echo "Redeploying LXC on container '$1' ('$CONTID')" echo "Redeploying LXC on container '$1' ('$CONTID')"
nixos-rebuild switch --flake .#$1 --target-host root@${globals.ip_prefix}$IP_SUFFIX nixos-rebuild switch --impure --flake .#$1 --target-host root@${globals.ip_prefix}$IP_SUFFIX
echo "Done." echo "Done."
else else
echo "Error: Container definition 'containers/$1.nix' not found!" echo "Error: Container definition 'containers/$1.nix' not found!"
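Review bot: `--impure` is added to `nix build .#lxc-template`, `nix build .#terraform-json` and `nixos-rebuild switch` in all three hunks, with no comment naming the impure input that requires it. Impure evaluation lets the flake read environment variables and paths outside the locked inputs, so the template, the Terraform JSON and the deployed system are no longer determined by the repository and its lock file alone. If the flag exists only so evaluation can read an untracked secrets file (presumably `config/_passwords.nix`, which is an inference from the rest of the commit), say so above each command, e.g. `# --impure: evaluation reads config/_passwords.nix, which is not tracked in git`. Moving secrets to files read at runtime would let the flag be dropped again. The script bodies start and end outside these hunks.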


@@ -6,6 +6,7 @@ let
lib = pkgs.lib; lib = pkgs.lib;
modulesPath = pkgs.path + "/nixos/modules"; modulesPath = pkgs.path + "/nixos/modules";
config = import ../config/_globals.nix { }; config = import ../config/_globals.nix { };
id = (import ../config/_ids.nix { }).id;
in in
{ {
imports = [ imports = [
@@ -37,6 +38,11 @@ in
dates = "weekly"; dates = "weekly";
options = "--delete-older-than 7d"; options = "--delete-older-than 7d";
}; };
networking.nameservers =
(
if (lib.hasAttr "dns" id) then [ "${config.globals.ip_prefix}${toString (id.dns - 1000)}" ] else [ ]
)
++ [ "9.9.9.9" ];
time.timeZone = config.globals.default_tz; time.timeZone = config.globals.default_tz;