forgejo: convert to nixos module

2024-07-24 17:29:26 +01:00 · 2024-07-24 17:29:26 +01:00 · 049e3ff091
parent f36cd49121
commit 049e3ff091
5 changed files with 83 additions and 51 deletions
--- a/hive.nix
+++ b/hive.nix
@ -25,6 +25,7 @@ in {
      (import "${sources.agenix}/modules/age.nix")
      ./pinning.nix
      ./common
+      ./services
    ];
  };

--- a/hosts/yevaud/configuration.nix
+++ b/hosts/yevaud/configuration.nix
@ -4,12 +4,27 @@
  imports = [
    ./hardware-configuration.nix
    ./home.nix
-    ./forgejo.nix
  ];

  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

+  qenya.services.forgejo = {
+    enable = true;
+    domain = "git.qenya.tel";
+    stateDir = "/data/forgejo";
+  };
+
+  services.nginx = {
+    enable = true;
+    virtualHosts = {
+      "git.katherina.rocks" = {
+        forceSSL = true;
+        enableACME = true;
+        locations."/".return = "301 https://git.qenya.tel$request_uri";
+      };
+    };
+  };
+
  system.stateVersion = "23.11";
 }
-
--- a/hosts/yevaud/forgejo.nix
+++ b/hosts/yevaud/forgejo.nix
@ -1,49 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-  # TODO: email out
-  # TODO: interface customisation
-
-  services = {
-    nginx = {
-      enable = true;
-      virtualHosts = {
-        "git.qenya.tel" = {
-          forceSSL = true;
-          enableACME = true;
-          locations."/".proxyPass = "http://[::1]:3000/";
-        };
-        "git.katherina.rocks" = {
-          forceSSL = true;
-          enableACME = true;
-          locations."/".return = "301 https://git.qenya.tel$request_uri";
-        };
-      };
-    };
-
-    forgejo = {
-      enable = true;
-      stateDir = "/data/forgejo";
-      settings = {
-        DEFAULT.APP_NAME = "git.qenya.tel";
-        cache = {
-          ADAPTER = "twoqueue";
-          HOST = ''{"size": 100, "recent_ratio": 0.25, "ghost_ratio": 0.5}'';
-        };
-        database = {
-          DB_TYPE = "sqlite3";
-          SQLITE_JOURNAL_MODE = "WAL";
-        };
-        security.LOGIN_REMEMBER_DAYS = 365;
-        server = {
-          DOMAIN = "git.qenya.tel";
-          HTTP_PORT = 3000;
-          ROOT_URL = "https://git.qenya.tel/";
-        };
-        service.DISABLE_REGISTRATION = true;
-      };
-    };
-  };
-
-  networking.firewall.allowedTCPPorts = [ 80 443 ];
-}
--- a/services/default.nix
+++ b/services/default.nix
@ -0,0 +1,5 @@
+{
+  imports = [
+    ./forgejo.nix
+  ];
+}
--- a/services/forgejo.nix
+++ b/services/forgejo.nix
@ -0,0 +1,60 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.qenya.services.forgejo;
+  inherit (lib) mkIf mkEnableOption mkOption types;
+in
+{
+  options.qenya.services.forgejo = {
+    enable = mkEnableOption "Forgejo";
+    domain = mkOption {
+      type = types.str;
+    };
+    stateDir = mkOption {
+      type = types.str;
+    };
+  };
+
+  config = mkIf cfg.enable {
+    # TODO: email out
+    # TODO: interface customisation
+
+    services = {
+      nginx = {
+        enable = true;
+        virtualHosts = {
+          ${cfg.domain} = {
+            forceSSL = true;
+            enableACME = true;
+            locations."/".proxyPass = "http://[::1]:3000/";
+          };
+        };
+      };
+
+      forgejo = {
+        enable = true;
+        stateDir = cfg.stateDir;
+        settings = {
+          DEFAULT.APP_NAME = cfg.domain;
+          cache = {
+            ADAPTER = "twoqueue";
+            HOST = ''{"size": 100, "recent_ratio": 0.25, "ghost_ratio": 0.5}'';
+          };
+          database = {
+            DB_TYPE = "sqlite3";
+            SQLITE_JOURNAL_MODE = "WAL";
+          };
+          security.LOGIN_REMEMBER_DAYS = 365;
+          server = {
+            DOMAIN = cfg.domain;
+            HTTP_PORT = 3000;
+            ROOT_URL = "https://${cfg.domain}/";
+          };
+          service.DISABLE_REGISTRATION = true;
+        };
+      };
+    };
+
+    networking.firewall.allowedTCPPorts = [ 80 443 ];
+  };
+}