diff --git a/hosts/git/configuration.nix b/hosts/git/configuration.nix index bf70f33..c74e726 100644 --- a/hosts/git/configuration.nix +++ b/hosts/git/configuration.nix @@ -7,7 +7,7 @@ }: let - giteaSshPort = 22; + sshPort = 22; in { imports = [ @@ -109,14 +109,13 @@ in # Git services = { - gitea = { + forgejo = { enable = true; appName = "git.rs.ht"; - package = pkgs.gitea; database.type = "sqlite3"; - repositoryRoot = "/var/lib/gitea/repositories"; + repositoryRoot = "/var/lib/forgejo/repositories"; lfs.enable = true; @@ -124,7 +123,7 @@ in # Is a nice feature once we have a dedicated backup storage. # For now it is disabled, since it delays `nixos-rebuild switch`. enable = false; - backupDir = "/var/lib/gitea/dump"; + backupDir = "/var/lib/forgejo/dump"; }; settings = { @@ -132,7 +131,7 @@ in ENABLED = true; }; cors = { - ALLOW_DOMAIN = config.services.gitea.settings.server.DOMAIN; + ALLOW_DOMAIN = config.services.forgejo.settings.server.DOMAIN; ENABLED = true; SCHEME = "https"; }; @@ -173,8 +172,8 @@ in ENABLE_GZIP = true; SSH_AUTHORIZED_KEYS_BACKUP = false; SSH_DOMAIN = DOMAIN; - START_SSH_SERVER = giteaSshPort != 22; - SSH_PORT = giteaSshPort; + START_SSH_SERVER = sshPort != 22; + SSH_PORT = sshPort; ROOT_URL = "https://${DOMAIN}/"; HTTP_PORT = 3003; }; @@ -205,10 +204,14 @@ in nginx = { enable = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; virtualHosts."git.rs.ht" = { forceSSL = true; enableACME = true; - locations."/".proxyPass = "http://localhost:${toString config.services.gitea.settings.server.HTTP_PORT}"; + locations."/".proxyPass = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}"; }; }; @@ -219,7 +222,7 @@ in PasswordAuthentication = false; }; extraConfig = '' - Match User gitea + Match User forgejo AllowAgentForwarding no AllowTcpForwarding no PermitTTY no