~abyxcos/nas.nix

479e46886abb30bf42fc261f9ab7499e525a27bd — abyxcos 6 months ago 6af511e
Jump to 23.11. Migrate gitea options to forgejo proper.
1 files changed, 30 insertions(+), 11 deletions(-)

M configuration.nix
M configuration.nix => configuration.nix +30 -11
@@ 59,6 59,18 @@ in {
		ipv6 = true;
	};

	services.qemuGuest.enable = true;
/*
	virtualisation.podman.enable = true;
	virtualisation.oci-containers = {
		backend = "podman";

		containers = {
			#invidious = import ./containers/invidious.nix;
		};
	};
*/

	# libvirtd now requires polkit to be enabled
	security.polkit.enable = true;



@@ 96,6 108,7 @@ in {
				443	# http/nginx
				3000	# forgejo
				4533	# Navidrome
				8300	# Invidious
				8096	# Jellyfin
			];
			allowedUDPPorts = [ ];


@@ 128,12 141,14 @@ in {
		unzip unar
		git ripgrep
		clang llvm gcc binutils file
		pkg-config libusb1 # router7
		go
		navidrome jellyfin
		# navidrome jellyfin
		beets-unstable unflac ffmpeg-full dos2unix
		nnn # CLI file manager
		step-ca step-cli
		headscale
		sqlite
	];

	# Some programs need SUID wrappers, can be configured further or are


@@ 171,7 186,7 @@ in {
	services.nginx.virtualHosts."navidrome.mnetic.ch" = nginxProxy 4533;
	services.nginx.virtualHosts."music.mnetic.ch" = nginxProxy 4533;

	services.jellyfin.enable = true;
	services.jellyfin.enable = false;
	services.nginx.virtualHosts."jellyfin.mnetic.ch" = nginxProxy 8096;
	services.nginx.virtualHosts."movies.mnetic.ch" = nginxProxy 8096;



@@ 217,16 232,15 @@ in {
		};
	};

	services.gitea.enable = true;
	services.gitea.package = pkgs.forgejo;
	services.gitea.stateDir = "/mnt/guava/services/foregejo";
	services.gitea.settings = {
	services.forgejo.enable = true;
	services.forgejo.stateDir = "/mnt/guava/services/foregejo";
	services.forgejo.settings = {
		server = {
			DOMAIN = "git.mnetic.ch";
			ROOT_URL = "http://git.mnetic.ch";
			ROOT_URL = "https://git.mnetic.ch";
		};
		service = {
			# DISABLE_REGISTRATION = true;
			DISABLE_REGISTRATION = false;
			REGISTER_MANUAL_CONFIRM = true;
		};
		security = {


@@ 247,12 261,12 @@ in {

	# https://forgejo.org/2023-02-27-forgejo-actions/
	# https://forgejo.org/docs/v1.20/admin/actions/
	services.gitea-actions-runner.package = pkgs.unstable.gitea-actions-runner;
	#services.gitea-actions-runner.package = pkgs.unstable.gitea-actions-runner;
	services.gitea-actions-runner.instances.nas = {
		enable = true;
		name = config.networking.hostName;
		url = "http://git.mnetic.ch";
		token = "mGULm6uyFKtMm84ExV2OrUfisaSUzoYf1pQOEDdI";
		token = "imsvZj4JWPtERBwOhGdiMo4ljmtfa5JXGVUH0Jby";
		labels = [];
	};



@@ 275,7 289,7 @@ in {
		];
	};

	services.keycloak.enable = true;
	services.keycloak.enable = false;
	services.keycloak = {
		settings = {
			hostname = "keycloak.mnetic.ch";


@@ 311,6 325,11 @@ in {
		'';
	};

	#services.invidious.enable = true;
	#services.invidious = {
	#	port = 8300;
	#};

	# Optimise the disk storage usage
	nix.settings.auto-optimise-store = true;
	nix.gc = {