pyrox.dev
1# Sourcehut {#module-services-sourcehut}
2
3[Sourcehut](https://sr.ht.com/) is an open-source,
4self-hostable software development platform. The server setup can be automated using
5[services.sourcehut](#opt-services.sourcehut.enable).
6
7## Basic usage {#module-services-sourcehut-basic-usage}
8
9Sourcehut is a Python and Go based set of applications.
10This NixOS module also provides basic configuration integrating Sourcehut into locally running
11`services.nginx`, `services.redis.servers.sourcehut`, `services.postfix`
12and `services.postgresql` services.
13
14A very basic configuration may look like this:
15```nix
16{ pkgs, ... }:
17let
18 fqdn =
19 let
20 join = hostName: domain: hostName + optionalString (domain != null) ".${domain}";
21 in join config.networking.hostName config.networking.domain;
22in {
23
24 networking = {
25 hostName = "srht";
26 domain = "tld";
27 firewall.allowedTCPPorts = [ 22 80 443 ];
28 };
29
30 services.sourcehut = {
31 enable = true;
32 git.enable = true;
33 man.enable = true;
34 meta.enable = true;
35 nginx.enable = true;
36 postfix.enable = true;
37 postgresql.enable = true;
38 redis.enable = true;
39 settings = {
40 "sr.ht" = {
41 environment = "production";
42 global-domain = fqdn;
43 origin = "https://${fqdn}";
44 # Produce keys with srht-keygen from sourcehut.coresrht.
45 network-key = "/run/keys/path/to/network-key";
46 service-key = "/run/keys/path/to/service-key";
47 };
48 webhooks.private-key= "/run/keys/path/to/webhook-key";
49 };
50 };
51
52 security.acme.certs."${fqdn}".extraDomainNames = [
53 "meta.${fqdn}"
54 "man.${fqdn}"
55 "git.${fqdn}"
56 ];
57
58 services.nginx = {
59 enable = true;
60 # only recommendedProxySettings are strictly required, but the rest make sense as well.
61 recommendedTlsSettings = true;
62 recommendedOptimisation = true;
63 recommendedGzipSettings = true;
64 recommendedProxySettings = true;
65
66 # Settings to setup what certificates are used for which endpoint.
67 virtualHosts = {
68 "${fqdn}".enableACME = true;
69 "meta.${fqdn}".useACMEHost = fqdn;
70 "man.${fqdn}".useACMEHost = fqdn;
71 "git.${fqdn}".useACMEHost = fqdn;
72 };
73 };
74}
75```
76
77 The `hostName` option is used internally to configure the nginx
78reverse-proxy. The `settings` attribute set is
79used by the configuration generator and the result is placed in `/etc/sr.ht/config.ini`.
80
81## Configuration {#module-services-sourcehut-configuration}
82
83All configuration parameters are also stored in
84`/etc/sr.ht/config.ini` which is generated by
85the module and linked from the store to ensure that all values from `config.ini`
86can be modified by the module.
87
88## Using an alternative webserver as reverse-proxy (e.g. `httpd`) {#module-services-sourcehut-httpd}
89
90By default, `nginx` is used as reverse-proxy for `sourcehut`.
91However, it's possible to use e.g. `httpd` by explicitly disabling
92`nginx` using [](#opt-services.nginx.enable) and fixing the
93`settings`.