Initial setup for git (forgejo)

2025-01-16 23:20:37 -05:00 · 2025-01-16 23:20:37 -05:00 · 0a2c3d46e0
commit 0a2c3d46e0
parent 9f4b8a6e70
2 changed files with 97 additions and 15 deletions
--- a/host/komodo/default.nix
+++ b/host/komodo/default.nix
@ -17,26 +17,26 @@
    # Local Modules
    ./modules/frp
    ./modules/forgejo
    ./modules/komodo
  ];
  ## NETWORKING ##
  networking.firewall = {
    allowedTCPPorts = [
-      22
+      [REDACTED]
-      443
+      [REDACTED]
-      80
+      [REDACTED]
-      81
+      222 # GitTea SSH
-      9120
+      [REDACTED]
-      3001
+      [REDACTED]
-      4041
+      3003 # GitTea
-      5001
+      [REDACTED]
-      7475
+      [REDACTED]
-      8070
+      8080 # File Browser
-      8080
+      [REDACTED]
-      8086
+      [REDACTED]
-      8090
+      [REDACTED]
      9120
    ];
    # Game Server Ports
@ -48,7 +48,7 @@
    ];
    allowedUDPPorts = [
-      8089
+      8089 # Grafana
    ];
  };
--- a/host/komodo/modules/forgejo/default.nix
+++ b/host/komodo/modules/forgejo/default.nix
@ -0,0 +1,82 @@
 # Configuration for Gitea instance
 {
  config,
  pkgs,
  admin,
  ...
 }:
 {
  # Forgejo configuration
  services.forgejo = {
    enable = true;
    stateDir = "/pool/forgejo";
    # Settings
    dump = {
      # :D idk what this does
      enable = false;
      interval = "weekly";
    };
    settings = {
      DEFAULT = {
        # Configuration for Gitea
        APP_NAME = "Ryot Git";
        RUN_MODE = "dev";
      };
      server = {
        # Configuration for reverse proxy
        ROOT_URL = "https://git.ryot.foo/";
        HTTP_ADDR = "0.0.0.0";
        HTTP_PORT = 3003;
        DOMAIN = "localhost";
      };
      repository = {
        DEFAULT_PRIVATE = true;
      };
      ui = {
        DEFAULT_THEME = "forgejo-dark";
        SHOW_USER_EMAIL = false;
      };
      "ui.meta" = {
        AUTHOR = "Ryot";
        DESCRIPTION = "Ryot Gitea instance";
        KEYWORDS = "";
      };
      security = {
        INSTALL_LOCK = true;
      };
      session = {
        SESSION_LIFE_TIME = 86400 * 7; # 1 week
      };
      picture = {
        DISABLE_GRAVATAR = true;
      };
      "cron.sync_external_users".ENABLED = false;
      log.LEVEL = "Info";
      # Private server
      service.DISABLE_REGISTRATION = false;
      # Disable package manager functionality
      packages.ENABLED = false;
    };
  };
  users.users.forgejo.openssh.authorizedKeys.keys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIClZstYoT64zHnGfE7LMYNiQPN5/gmCt382lC+Ji8lrH PVE"
  ];
  # Give admin group access to forgejo config
  users.users.${admin}.extraGroups = [ "forgejo" ];
 }