ptr.pet / ark
nix machine / user configurations
fork atom

wolumonde: add gitea

ptr.pet 4e2c04dd 2e52ede5

options
unified split
Changed files
+40 -11
flake.lock
hosts
wolumonde
default.nix
+6 -6
flake.lock 
···

       
9

       
9

       
 

       
        ]


     

       
10

       
10

       
 

       
      },


     

       
11

       
11

       
 

       
      "locked": {


     

       
12

       

       
-

       
        "lastModified": 1659152758,


     

       
13

       

       
-

       
        "narHash": "sha256-nbCRaXMAXfNvrqtWT2WtcYsf2Rym0Zv2WFJDmXk5sgY=",


     

       

       
12

       
+

       
        "lastModified": 1659159653,


     

       

       
13

       
+

       
        "narHash": "sha256-zWjN3LqgMMaVBM8g0KcDwdpiwbShWHRKWR0XcSVfBBA=",


     

       
14

       
14

       
 

       
        "owner": "yusdacra",


     

       
15

       
15

       
 

       
        "repo": "yusdacra.gitlab.io",


     

       
16

       

       
-

       
        "rev": "420e525b8b8210e997748e500f55690fd89a8fca",


     

       

       
16

       
+

       
        "rev": "3f0caa133aa557acc008fc3819203db813092cf2",


     

       
17

       
17

       
 

       
        "type": "gitlab"


     

       
18

       
18

       
 

       
      },


     

       
19

       
19

       
 

       
      "original": {


     
···

       
219

       
219

       
 

       
        ]


     

       
220

       
220

       
 

       
      },


     

       
221

       
221

       
 

       
      "locked": {


     

       
222

       

       
-

       
        "lastModified": 1645050947,


     

       
223

       

       
-

       
        "narHash": "sha256-BHPdruYD+6VAyfgsZ33jn00okHQZuxY6Veg4EUei85o=",


     

       

       
222

       
+

       
        "lastModified": 1659159625,


     

       

       
223

       
+

       
        "narHash": "sha256-TElL1iaIY/xrIX+JYsppKWa510R8aJDXWQJxjpyCVxo=",


     

       
224

       
224

       
 

       
        "owner": "yusdacra",


     

       
225

       
225

       
 

       
        "repo": "html.nix",


     

       
226

       

       
-

       
        "rev": "18fa28319f4cdca933da8f413a3e3bcfb36d37b0",


     

       

       
226

       
+

       
        "rev": "5bca7064e4de141f85b14a2c5262f204ac5f56bd",


     

       
227

       
227

       
 

       
        "type": "github"


     

       
228

       
228

       
 

       
      },


     

       
229

       
229

       
 

       
      "original": {
+34 -5
hosts/wolumonde/default.nix 
···

       
1

       
1

       
 

       
{


     

       
2

       
2

       
 

       
  inputs,


     

       
3

       
3

       
 

       
  pkgs,


     

       

       
4

       
+

       
  config,


     

       

       
5

       
+

       
  lib,


     

       
4

       
6

       
 

       
  ...


     

       
5

       

       
-

       
}: {


     

       

       
7

       
+

       
}: let


     

       

       
8

       
+

       
  personal = import "${inputs.self}/personal.nix";


     

       

       
9

       
+

       
  email = personal.emails.short;


     

       

       
10

       
+

       
in {


     

       
6

       
11

       
 

       
  imports = [


     

       
7

       
12

       
 

       
    ./hardware-configuration.nix


     

       
8

       
13

       
 

       
  ];


     
···

       
31

       
36

       
 

       
      enableACME = true;


     

       
32

       
37

       
 

       
      forceSSL = true;


     

       
33

       
38

       
 

       
      root = "${inputs.blog.packages.${pkgs.system}.website}";


     

       

       
39

       
+

       
      locations."/".extraConfig = ''


     

       

       
40

       
+

       
        add_header cache-control max-age=1800;


     

       

       
41

       
+

       
      '';


     

       

       
42

       
+

       
    };


     

       

       
43

       
+

       
    virtualHosts."git.gaze.systems" = {


     

       

       
44

       
+

       
      enableACME = true;


     

       

       
45

       
+

       
      forceSSL = true;


     

       

       
46

       
+

       
      locations."/".proxyPass = "http://localhost:3001";


     

       
34

       
47

       
 

       
    };


     

       
35

       
48

       
 

       
  };


     

       
36

       
49

       
 

       
  security.acme = {


     

       
37

       
50

       
 

       
    acceptTerms = true;


     

       
38

       
51

       
 

       
    certs = {


     

       
39

       

       
-

       
      "gaze.systems".email = "y.bera003.06@pm.me";


     

       

       
52

       
+

       
      "gaze.systems".email = email;


     

       

       
53

       
+

       
      "git.gaze.systems".email = email;


     

       
40

       
54

       
 

       
    };


     

       
41

       
55

       
 

       
  };


     

       
42

       
56

       
 

       



     

       
43

       

       
-

       
  # sourcehut


     

       

       
57

       
+

       
  # gitea


     

       

       
58

       
+

       
  services.gitea = {


     

       

       
59

       
+

       
    enable = true;


     

       

       
60

       
+

       
    cookieSecure = true;


     

       

       
61

       
+

       
    disableRegistration = true;


     

       

       
62

       
+

       
    domain = "git.gaze.systems";


     

       

       
63

       
+

       
    rootUrl = "https://git.gaze.systems/";


     

       

       
64

       
+

       
    httpPort = 3001;


     

       

       
65

       
+

       
  };


     

       
44

       
66

       
 

       



     

       
45

       
67

       
 

       
  # firewall stuffs


     

       
46

       
68

       
 

       
  networking.firewall = {


     

       
47

       
69

       
 

       
    enable = true;


     

       
48

       

       
-

       
    allowedTCPPorts = [ 22 80 443 ];


     

       
49

       

       
-

       
    allowedUDPPortRanges = [ ];


     

       

       
70

       
+

       
    allowedTCPPorts = lib.flatten [


     

       

       
71

       
+

       
      [22 80 443]


     

       

       
72

       
+

       
      (


     

       

       
73

       
+

       
        lib.optional


     

       

       
74

       
+

       
        config.services.gitea.enable


     

       

       
75

       
+

       
        config.services.gitea.httpPort


     

       

       
76

       
+

       
      )


     

       

       
77

       
+

       
    ];


     

       

       
78

       
+

       
    allowedUDPPortRanges = [];


     

       
50

       
79

       
 

       
  };


     

       
51

       
80

       
 

       



     

       
52

       
81

       
 

       
  # nixinate for deployment