feat(modules/nixos): W.I.P add forgejo service

feat(modules/nixos): add admin module for system wide admin data
2025-10-31 13:50:04 +00:00 · 2024-12-27 20:37:00 +01:00 · 2024-12-27 20:37:00 +01:00 · 84bfdec3f2
commit 84bfdec3f2
parent 636d384150
7 changed files with 168 additions and 4 deletions
--- a/modules/nixos/admin/default.nix
+++ b/modules/nixos/admin/default.nix
@ -0,0 +1,16 @@
+{
+  lib,
+  namespace,
+  ...
+}:
+let
+  inherit (lib) types;
+  inherit (lib.${namespace}) mkOpt;
+in
+{
+  options.${namespace}.admin = with types; {
+    name = mkOpt str "Jo" "The short name of the system admin.";
+    full-name = mkOpt str "Johannes Reckers" "The full name of the system admin.";
+    email = mkOpt str "system@thevoid.cafe" "The E-Mail of the system admin. (Used for system services by default)";
+  };
+}
--- a/modules/nixos/services/forgejo/default.nix
+++ b/modules/nixos/services/forgejo/default.nix
@ -0,0 +1,56 @@
+{
+  lib,
+  config,
+  namespace,
+  ...
+}:
+let
+  inherit (lib) mkEnableOption mkIf;
+  cfg = config.${namespace}.services.forgejo;
+in
+{
+  options.${namespace}.services.forgejo = {
+    enable = mkEnableOption "Whether to enable the forgejo git service.";
+  };
+
+  config = mkIf cfg.enable {
+    services.forgejo = {
+      enable = true;
+
+      database = {
+        type = "postgres";
+      };
+      lfs.enable = true;
+      settings = {
+        server = {
+          DOMAIN = "git.thevoid.cafe";
+          ROOT_URL = "https://git.thevoid.cafe/";
+          HTTP_PORT = "3030";
+        };
+        service.DISABLE_REGISTRATION = true;
+        actions = {
+          ENABLED = true;
+          DEFAULT_ACTIONS_URL = "github";
+        };
+      };
+    };
+
+    # TODO: finish this configuration
+
+    services.traefik = {
+      dynamicConfigOptions = {
+        http = {
+          routers.forgejo = {
+            entryPoints = ["websecure"];
+            rule = "Host(`git.thevoid.cafe`)";
+            service = "forgejo";
+          };
+
+          services.forgejo.loadbalancer.server = {
+            url = "http://localhost:3030";
+          };
+        };
+      };
+    };
+  };
+}
--- a/modules/nixos/services/traefik/default.nix
+++ b/modules/nixos/services/traefik/default.nix
@ -11,7 +11,7 @@ in {
    enable = mkEnableOption "Enable the Traefik service.";
    cloudflareEmail = mkOption {
      type = types.str;
-      default = "system@thevoid.cafe";
+      default = config.${namespace}.admin.email;
      example = "system@thevoid.cafe";
      description = "Specify the E-Mail associated with your Cloudflare account for ACME.";
    };