hosts/suwako: move gitea from marisa to suwako

Signed-off-by: Amneesh Singh <natto@weirdnatto.in>
2025-09-04 16:35:31 +05:30
parent c2a1654be8
commit 11a8dfebff
6 changed files with 49 additions and 31 deletions
--- a/hosts/suwako/services/default.nix
+++ b/hosts/suwako/services/default.nix
@@ -4,6 +4,7 @@
    ./nginx.nix
    ./pufferpanel.nix
    ./filehost.nix
+    ./gitea.nix
  ];

  virtualisation.docker = {
@@ -18,5 +19,15 @@
      settings.PermitRootLogin = "yes";
      ports = [ 22 ];
    };
+
+    postgresql = {
+      enable = true;
+      authentication = ''
+        local gitea all ident map=gitea-map
+      '';
+      identMap = ''
+        gitea-map gitea gitea
+      '';
+    };
  };
 }
--- a/hosts/suwako/services/gitea.nix
+++ b/hosts/suwako/services/gitea.nix
@@ -0,0 +1,44 @@
+{
+  config,
+  pkgs,
+  conf,
+  ...
+}:
+{
+  services = {
+    gitea = rec {
+      appName = "Natto Tea";
+      enable = true;
+      database = {
+        name = "gitea";
+        user = "gitea";
+        passwordFile = "/var/secrets/giteadb.pass";
+        type = "postgres";
+      };
+      mailerPasswordFile = "/var/secrets/giteamailer.pass";
+      settings =
+        let
+          domain = conf.network.addresses.domain.natto;
+        in
+        {
+          server = rec {
+            HTTP_PORT = 5001;
+            ROOT_URL = "https://git.${domain}";
+            SSH_DOMAIN = "git.${domain}";
+            SSH_PORT = 22;
+            SSH_LISTEN_PORT = SSH_PORT;
+          };
+          mailer = rec {
+            ENABLED = true;
+            FROM = "masti@${domain}";
+            SMTP_ADDR = "mail.${domain}";
+            PROTOCOL = "smtps";
+            USER = FROM;
+            REGISTER_MAIL_CONFIRM = true;
+          };
+          oauth2_client.REGISTER_MAIL_CONFIRM = true;
+          actions.ENABLED = false;
+        };
+    };
+  };
+}
--- a/hosts/suwako/services/nginx.nix
+++ b/hosts/suwako/services/nginx.nix
@@ -52,6 +52,12 @@ in
          '';
        };

+        # Gitea
+        "git.${domain}" = genericHttpRProxy {
+          addr = "http://${suwako}:5001";
+          conf = "client_max_body_size 64M;";
+        };
+
        # Personal filehost
        "f.${domain}" = genericHttpRProxy { addr = "http://${suwako}:8000"; };
      };