SelfPrivacy/selfprivacy-nixos-config
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git synced 2024-11-25 12:31:27 +00:00
Code Issues Projects Releases Wiki Activity

feat: add more service options and change Gitea to Forgejo

Browse source
This commit is contained in:
Inex Code 2024-06-30 21:47:08 +04:00
parent 8ce34bdd8d
commit 2b2551e5ba
3 changed files with 61 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
sp-modules/bitwarden/module.nix
View file

@ -18,6 +18,18 @@ in
default = "password";
type = lib.types.strMatching "[A-Za-z0-9][A-Za-z0-9\-]{0,61}[A-Za-z0-9]";
};
signupsAllowed = lib.mkOption {
default = true;
type = lib.types.bool;
};
sendsAllowed = lib.mkOption {
default = true;
type = lib.types.bool;
};
emergencyAccessAllowed = lib.mkOption {
default = true;
type = lib.types.bool;
};
};
config = lib.mkIf config.selfprivacy.modules.bitwarden.enable {
@ -53,9 +65,11 @@ in
backupDir = backup-dir;
environmentFile = "${bitwarden-env}";
config = {
domain = "https://${cfg.subdomain}.${sp.domain}/";
signupsAllowed = true;
rocketPort = 8222;
DOMAIN = "https://${cfg.subdomain}.${sp.domain}/";
SIGNUPS_ALLOWED = cfg.signupsAllowed;
ROCKET_PORT = 8222;
SENDS_ALLOWED = cfg.sendsAllowed;
EMERGENCY_ACCESS_ALLOWED = cfg.emergencyAccessAllowed;
};
};
systemd.services.bitwarden-secrets = {

42
sp-modules/gitea/module.nix
View file

@ -1,4 +1,4 @@
{ config, lib, ... }:
{ config, lib, pkgs, ... }:
let
sp = config.selfprivacy;
stateDir =
@ -20,6 +20,29 @@ in
default = "git";
type = lib.types.strMatching "[A-Za-z0-9][A-Za-z0-9\-]{0,61}[A-Za-z0-9]";
};
appName = lib.mkOption {
default = "SelfPrivacy git Service";
type = lib.types.str;
};
enableLfs = lib.mkOption {
default = true;
type = lib.types.bool;
};
forcePrivate = lib.mkOption {
default = false;
type = lib.types.bool;
description = "Force all new repositories to be private";
};
disableRegistration = lib.mkOption {
default = false;
type = lib.types.bool;
description = "Disable registration of new users";
};
requireSigninView = lib.mkOption {
default = false;
type = lib.types.bool;
description = "Require signin to view any page";
};
};
config = lib.mkIf cfg.enable {
@ -31,11 +54,8 @@ in
};
services.gitea = {
enable = true;
package = pkgs.forgejo;
inherit stateDir;
# log = {
# rootPath = "/var/lib/gitea/log";
# level = "Warn";
# };
user = "gitea";
database = {
type = "sqlite3";
@ -50,13 +70,15 @@ in
# clonePort = 22;
# };
lfs = {
enable = true;
enable = cfg.enableLfs;
contentDir = "${stateDir}/lfs";
};
appName = "SelfPrivacy git Service";
repositoryRoot = "${stateDir}/repositories";
# cookieSecure = true;
settings = {
DEFAULT = {
APP_NAME = "${cfg.appName}";
};
server = {
DOMAIN = "${cfg.subdomain}.${sp.domain}";
ROOT_URL = "https://${cfg.subdomain}.${sp.domain}/";
@ -77,7 +99,7 @@ in
ENABLE_KANBAN_BOARD = true;
};
repository = {
FORCE_PRIVATE = false;
FORCE_PRIVATE = cfg.forcePrivate;
};
session = {
COOKIE_SECURE = true;
@ -86,6 +108,10 @@ in
ROOT_PATH = "${stateDir}/log";
LEVEL = "Warn";
};
service = {
DISABLE_REGISTRATION = cfg.disableRegistration;
REQUIRE_SIGNIN_VIEW = cfg.requireSigninView;
};
};
};
services.nginx.virtualHosts."${cfg.subdomain}.${sp.domain}" = {

10
sp-modules/jitsi-meet/module.nix
View file

@ -13,6 +13,10 @@ in
default = "meet";
type = lib.types.strMatching "[A-Za-z0-9][A-Za-z0-9\-]{0,61}[A-Za-z0-9]";
};
appName = lib.mkOption {
default = "Jitsi Meet";
type = lib.types.str;
};
};
config = lib.mkIf cfg.enable {
@ -23,6 +27,12 @@ in
interfaceConfig = {
SHOW_JITSI_WATERMARK = false;
SHOW_WATERMARK_FOR_GUESTS = false;
APP_NAME = cfg.appName;
};
config = {
prejoinConfig = {
enabled = true;
};
};
};
services.nginx.virtualHosts."${cfg.subdomain}.${domain}" = {