gitea: Open gitea to public

hosts/architect/gitea.nix

@@ -3,6 +3,7 @@
 let
   domain = "git.giugl.io";
   network = import ./network.nix;
+  auth_block = (import ./openid.nix { inherit lib; }).openresty_oidc_block;
 in
 {
   services.gitea = {
@@ -25,13 +26,8 @@ in
     enableACME = true;
     locations."/" = {
       proxyPass = "http://127.0.0.1:3000";
-      extraConfig = ''
-        allow 127.0.0.1;
-        allow 10.0.0.0/24;
-        ${lib.concatMapStrings (x: "allow ${x};") network.gdevices-wg}
-        allow 10.4.0.0/24;
-        deny all;
-      '';
+    # it does not work, it breaks gitea's web portal
+    #  extraConfig = auth_block { access_role = "git"; };
     };
   };