From 84e7e5ef09ef3e6372c9acff66b130f7fc777336 Mon Sep 17 00:00:00 2001 From: Avery Date: Wed, 3 Apr 2024 23:50:32 +0200 Subject: [PATCH] Configure Forgejo to use Postgres --- README.md | 31 ++++++++++++++++---------- flake.nix | 1 - hosts/greatyamada/nixos.nix | 6 +++++ hosts/greatyamada/services/default.nix | 1 + hosts/greatyamada/services/forgejo.nix | 5 +++++ 5 files changed, 31 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index df1763d..61e4436 100644 --- a/README.md +++ b/README.md @@ -6,18 +6,18 @@ Configuration files for my desktop ### Programs -Type | Name +Name | Type :-: | :-: -Wayland compositor | Hyprland -Screen locker | Hyprlock -Statusbar | Waybar -Notification daemon | dunst -Launcher | rofi -Wallpaper daemon | swww -Text editor | Neovim (Nixvim) -Web browser | Firefox -File browser | Dolphin -Torrent client | qBittorrent +Hyprland | Wayland compositor +Hyprlock | Screen locker +Waybar | Statusbar +dunst | Notification daemon +rofi | Launcher +swww | Wallpaper daemon +Neovim | Text editor +Firefox | Web browser +Dolphin | File browser +qBittorrent | Torrent client ## 🐳 Great Yamada @@ -26,4 +26,11 @@ Configuration for my home server ### Services -**WIP** +**Still a WIP** + +Name | Type | Public-facing +:-: | :-: | :-: +Nginx | Web server and reverse proxy | x +PostgreSQL | Database engine +Forgejo | Git repository | x + diff --git a/flake.nix b/flake.nix index 7677e27..4e27af9 100644 --- a/flake.nix +++ b/flake.nix @@ -24,7 +24,6 @@ modules = [ ./common/nixos.nix ./hosts/totsugeki/nixos.nix - ./hosts/greatyamada/services/forgejo.nix home-manager.nixosModules.home-manager sops-nix.nixosModules.sops { diff --git a/hosts/greatyamada/nixos.nix b/hosts/greatyamada/nixos.nix index f6ddc59..690e36c 100644 --- a/hosts/greatyamada/nixos.nix +++ b/hosts/greatyamada/nixos.nix @@ -40,5 +40,11 @@ useDHCP = lib.mkDefault false; }; + sops = { + defaultSopsFile = "/etc/nixos/secrets/greatyamada.yaml"; + # TODO: change key path + age.keyFile = "/home/avery/.config/sops/age/keys.txt"; + }; + time.timeZone = "UTC"; } diff --git a/hosts/greatyamada/services/default.nix b/hosts/greatyamada/services/default.nix index e69de29..9aaf87a 100644 --- a/hosts/greatyamada/services/default.nix +++ b/hosts/greatyamada/services/default.nix @@ -0,0 +1 @@ +{ ... }: { imports = [ ./nginx.nix ./forgejo.nix ]; } diff --git a/hosts/greatyamada/services/forgejo.nix b/hosts/greatyamada/services/forgejo.nix index 692145f..79ef926 100644 --- a/hosts/greatyamada/services/forgejo.nix +++ b/hosts/greatyamada/services/forgejo.nix @@ -23,6 +23,10 @@ in { LFS_JWT_SECRET = ""; LFS_JWT_SECRET_URI = "file://${forgejoConfigPath}/lfs_jwt_secret"; }; + database = { + type = "postgres"; + passwordFile = "${forgejoConfigPath}/database_password"; + }; security = { INSTALL_LOCK = true; INTERNAL_TOKEN = lib.mkForce ""; @@ -49,6 +53,7 @@ in { ${pkgs.forgejo}/bin/gitea migrate ''; sops.secrets = arrayToSecrets [ + "database_password" "internal_token" "lfs_jwt_secret" "oauth2_jwt_secret"