wolumonde: add gitea
This commit is contained in:
parent
2e52ede5e7
commit
4e2c04ddcb
12
flake.lock
12
flake.lock
@ -9,11 +9,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1659152758,
|
||||
"narHash": "sha256-nbCRaXMAXfNvrqtWT2WtcYsf2Rym0Zv2WFJDmXk5sgY=",
|
||||
"lastModified": 1659159653,
|
||||
"narHash": "sha256-zWjN3LqgMMaVBM8g0KcDwdpiwbShWHRKWR0XcSVfBBA=",
|
||||
"owner": "yusdacra",
|
||||
"repo": "yusdacra.gitlab.io",
|
||||
"rev": "420e525b8b8210e997748e500f55690fd89a8fca",
|
||||
"rev": "3f0caa133aa557acc008fc3819203db813092cf2",
|
||||
"type": "gitlab"
|
||||
},
|
||||
"original": {
|
||||
@ -219,11 +219,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1645050947,
|
||||
"narHash": "sha256-BHPdruYD+6VAyfgsZ33jn00okHQZuxY6Veg4EUei85o=",
|
||||
"lastModified": 1659159625,
|
||||
"narHash": "sha256-TElL1iaIY/xrIX+JYsppKWa510R8aJDXWQJxjpyCVxo=",
|
||||
"owner": "yusdacra",
|
||||
"repo": "html.nix",
|
||||
"rev": "18fa28319f4cdca933da8f413a3e3bcfb36d37b0",
|
||||
"rev": "5bca7064e4de141f85b14a2c5262f204ac5f56bd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -1,8 +1,13 @@
|
||||
{
|
||||
inputs,
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
}: let
|
||||
personal = import "${inputs.self}/personal.nix";
|
||||
email = personal.emails.short;
|
||||
in {
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
@ -31,22 +36,46 @@
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
root = "${inputs.blog.packages.${pkgs.system}.website}";
|
||||
locations."/".extraConfig = ''
|
||||
add_header cache-control max-age=1800;
|
||||
'';
|
||||
};
|
||||
virtualHosts."git.gaze.systems" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/".proxyPass = "http://localhost:3001";
|
||||
};
|
||||
};
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
certs = {
|
||||
"gaze.systems".email = "y.bera003.06@pm.me";
|
||||
"gaze.systems".email = email;
|
||||
"git.gaze.systems".email = email;
|
||||
};
|
||||
};
|
||||
|
||||
# sourcehut
|
||||
# gitea
|
||||
services.gitea = {
|
||||
enable = true;
|
||||
cookieSecure = true;
|
||||
disableRegistration = true;
|
||||
domain = "git.gaze.systems";
|
||||
rootUrl = "https://git.gaze.systems/";
|
||||
httpPort = 3001;
|
||||
};
|
||||
|
||||
# firewall stuffs
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [ 22 80 443 ];
|
||||
allowedUDPPortRanges = [ ];
|
||||
allowedTCPPorts = lib.flatten [
|
||||
[22 80 443]
|
||||
(
|
||||
lib.optional
|
||||
config.services.gitea.enable
|
||||
config.services.gitea.httpPort
|
||||
)
|
||||
];
|
||||
allowedUDPPortRanges = [];
|
||||
};
|
||||
|
||||
# nixinate for deployment
|
||||
|
Loading…
Reference in New Issue
Block a user