From be4584aa08a82adf1ea4438510eb15c2be665f1e Mon Sep 17 00:00:00 2001
From: Giulio De Pasquale <depasquale+git@giugl.io>
Date: Thu, 22 Dec 2022 15:11:23 +0100
Subject: [PATCH] gitea: Open gitea to public

---
 hosts/architect/gitea.nix | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/hosts/architect/gitea.nix b/hosts/architect/gitea.nix
index 90ebe2a..bab2587 100644
--- a/hosts/architect/gitea.nix
+++ b/hosts/architect/gitea.nix
@@ -3,6 +3,7 @@
 let
   domain = "git.giugl.io";
   network = import ./network.nix;
+  auth_block = (import ./openid.nix { inherit lib; }).openresty_oidc_block;
 in
 {
   services.gitea = {
@@ -25,13 +26,8 @@ in
     enableACME = true;
     locations."/" = {
       proxyPass = "http://127.0.0.1:3000";
-      extraConfig = ''
-        allow 127.0.0.1;
-        allow 10.0.0.0/24;
-        ${lib.concatMapStrings (x: "allow ${x};") network.gdevices-wg}
-        allow 10.4.0.0/24;
-        deny all;
-      '';
+    # it does not work, it breaks gitea's web portal
+    #  extraConfig = auth_block { access_role = "git"; };
     };
   };