peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

gitea: vhost

Browse Source
This commit is contained in:
Giulio De Pasquale 2023-06-05 04:41:10 +02:00
parent 1df031965a
commit 2c387448ba
1 changed files with 8 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
hosts/architect/gitea.nix
View File

@ -2,12 +2,15 @@
let let
domain = "git.giugl.io"; domain = "git.giugl.io";
utilities = import ./utilities.nix { inherit lib config; };
inherit (utilities) architectInterfaceAddress;
in in
{ {
architect.firewall.openTCP = [ config.services.gitea.settings.server.SSH_PORT ]; architect = {
firewall.openTCP = [ config.services.gitea.settings.server.SSH_PORT ];
vhost.${domain} = {
dnsInterfaces = [ "lan" "tailscale" "wireguard" ];
locations."/".port = config.services.gitea.settings.server.HTTP_PORT;
};
};
services.gitea = { services.gitea = {
enable = true; enable = true;
@ -20,24 +23,9 @@ in
DOMAIN = domain; DOMAIN = domain;
ROOT_URL = "https://${domain}"; ROOT_URL = "https://${domain}";
SSH_PORT = 22; SSH_PORT = 22;
HTTP_PORT = 3001;
}; };
openid.enable_openid_signin = true; openid.enable_openid_signin = true;
}; };
}; };
services.nginx.virtualHosts.${domain} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:3000";
# it does not work, it breaks gitea's web portal
# extraConfig = auth_block { access_role = "git"; };
};
};
networking.extraHosts = ''
${architectInterfaceAddress "lan"} ${domain}
${architectInterfaceAddress "wireguard"} ${domain}
${architectInterfaceAddress "tailscale"} ${domain}
'';
} }