Initial commit

2024-07-21 01:44:38 -04:00 · 2024-07-21 01:44:38 -04:00 · 41d546e21d
commit 41d546e21d
10 changed files with 241 additions and 0 deletions
--- a/modules/acme.nix
+++ b/modules/acme.nix
@ -0,0 +1,9 @@
+{ ... }:
+{
+  security.acme.acceptTerms = true;
+  security.acme.defaults = {
+    email = "kiana.a.sheibani@gmail.com";
+    dnsProvider = "namecheap";
+    environmentFile = "/root/.namecheap_api";
+  };
+}
--- a/modules/default.nix
+++ b/modules/default.nix
@ -0,0 +1,9 @@
+{ ... }:
+{
+  imports = [
+    ./acme.nix
+    ./fail2ban.nix
+    ./forgejo.nix
+    ./nginx.nix
+  ];
+}
--- a/modules/fail2ban.nix
+++ b/modules/fail2ban.nix
@ -0,0 +1,4 @@
+{ ... }:
+{
+  services.fail2ban.enable = true;
+}
--- a/modules/forgejo.nix
+++ b/modules/forgejo.nix
@ -0,0 +1,47 @@
+{ config, ... }:
+let
+  cfg = config.services.forgejo;
+  srv = cfg.settings.server;
+in {
+  services.nginx.virtualHosts.${srv.DOMAIN} = {
+    forceSSL = true;
+    enableACME = true;
+    extraConfig = ''
+      client_max_body_size 512M;
+    '';
+    locations."/".proxyPass = "http://localhost:${builtins.toString srv.HTTP_PORT}";
+  };
+
+  services.forgejo = {
+    enable = true;
+    
+    settings = {
+      server = {
+        DOMAIN = "git.tokinanpa.dev";
+        ROOT_URL = "https://${srv.DOMAIN}/";
+      };
+
+      service = {
+        DISABLE_REGISTRATION = true;
+      };
+
+      repository = {
+        DEFAULT_REPO_UNITS = "repo.code,repo.releases,repo.issues";
+        DISABLE_STARS = true;
+
+        ENABLE_PUSH_CREATE_USER = true;
+        DEFAULT_PUSH_CREATE_PRIVATE = false;
+
+        PREFERRED_LICENSES = "MIT";
+      };
+
+      ui = {
+        DEFAULT_THEME = "forgejo-dark";
+        DEFAULT_SHOW_FULL_NAME = true;
+        
+      };
+
+      mirror.DEFAULT_INTERVAL = "1h";
+    };
+  };
+}
--- a/modules/nginx.nix
+++ b/modules/nginx.nix
@ -0,0 +1,4 @@
+{ ... }:
+{
+  services.nginx.enable = true;
+}