feat: setup gitea database secret
This commit is contained in:
parent
310eb89618
commit
76e6a1d9cc
|
@ -22,7 +22,7 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { nixpkgs, flake-utils, agenix, home-manager, webcord, ... }@inputs:
|
outputs = { nixpkgs, flake-utils, agenix, home-manager, webcord, ... }:
|
||||||
|
|
||||||
# Provide colmena
|
# Provide colmena
|
||||||
(flake-utils.lib.eachDefaultSystem (system:
|
(flake-utils.lib.eachDefaultSystem (system:
|
||||||
|
@ -33,7 +33,7 @@
|
||||||
pkgs.colmena
|
pkgs.colmena
|
||||||
pkgs.nixfmt
|
pkgs.nixfmt
|
||||||
pkgs.git
|
pkgs.git
|
||||||
inputs.agenix.packages.${system}.ragenix
|
agenix.packages.${system}.ragenix
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
})) // {
|
})) // {
|
||||||
|
|
|
@ -144,12 +144,22 @@
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [ htop ];
|
environment.systemPackages = with pkgs; [ htop ];
|
||||||
|
|
||||||
|
age.secrets.gitea = {
|
||||||
|
file = ../../secrets/gitea.age;
|
||||||
|
owner = "gitea";
|
||||||
|
group = "gitea";
|
||||||
|
};
|
||||||
|
age.identityPaths = [ "/root/.ssh/id_ed25519" ];
|
||||||
|
|
||||||
services.gitea = {
|
services.gitea = {
|
||||||
enable = true;
|
enable = true;
|
||||||
domain = "git.fainsin.bzh";
|
domain = "git.fainsin.bzh";
|
||||||
rootUrl = "https://git.fainsin.bzh";
|
rootUrl = "https://git.fainsin.bzh";
|
||||||
lfs.enable = true;
|
lfs.enable = true;
|
||||||
database.type = "postgres";
|
database = {
|
||||||
|
type = "postgres";
|
||||||
|
passwordFile = config.age.secrets.gitea.path;
|
||||||
|
};
|
||||||
settings = {
|
settings = {
|
||||||
service = {
|
service = {
|
||||||
"DEFAULT_KEEP_EMAIL_PRIVATE" = true;
|
"DEFAULT_KEEP_EMAIL_PRIVATE" = true;
|
||||||
|
|
Loading…
Reference in a new issue