jan-leila/nix-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

fixed forgejo ssh

Browse source
This commit is contained in:
Leyla Becker 2025-03-14 19:49:11 -05:00
parent 34dce8d9d1
commit 44d6b4827d
2 changed files with 41 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
modules/nixos-modules/server/forgejo.nix
View file

@ -33,7 +33,8 @@ in {
}; };
}; };
services.forgejo = { services = {
forgejo = {
enable = true; enable = true;
database = { database = {
type = "postgres"; type = "postgres";
@ -47,9 +48,8 @@ in {
START_SSH_SERVER = true; START_SSH_SERVER = true;
SSH_LISTEN_PORT = sshPort; SSH_LISTEN_PORT = sshPort;
SSH_PORT = 22; SSH_PORT = 22;
# TODO: we need to create this user, and then store their authorized keys somewhere and have both ssh server allow login in as that user based on those authorized keys BUILTIN_SSH_SERVER_USER = config.users.users.git.name;
BUILTIN_SSH_SERVER_USER = "git"; ROOT_URL = "https://git.jan-leila.com";
ROOT_URL = "https://git.jan-leila.com:";
}; };
service = { service = {
DISABLE_REGISTRATION = true; DISABLE_REGISTRATION = true;
@ -61,6 +61,7 @@ in {
}; };
}; };
}; };
};
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
config.services.forgejo.settings.server.SSH_LISTEN_PORT config.services.forgejo.settings.server.SSH_LISTEN_PORT

32
modules/nixos-modules/users.nix
View file

@ -20,9 +20,9 @@
adguardhome = 2003; adguardhome = 2003;
hass = 2004; hass = 2004;
headscale = 2005; headscale = 2005;
nextcloud = 2006;
syncthing = 2007; syncthing = 2007;
ollama = 2008; ollama = 2008;
git = 2009;
}; };
gids = { gids = {
@ -35,9 +35,9 @@
adguardhome = 2003; adguardhome = 2003;
hass = 2004; hass = 2004;
headscale = 2005; headscale = 2005;
nextcloud = 2006;
syncthing = 2007; syncthing = 2007;
ollama = 2008; ollama = 2008;
git = 2009;
}; };
users = config.users.users; users = config.users.users;
@ -141,12 +141,6 @@ in {
group = config.users.users.headscale.name; group = config.users.users.headscale.name;
}; };
nextcloud = {
uid = lib.mkForce uids.nextcloud;
isSystemUser = true;
group = config.users.users.nextcloud.name;
};
syncthing = { syncthing = {
uid = lib.mkForce uids.syncthing; uid = lib.mkForce uids.syncthing;
isSystemUser = true; isSystemUser = true;
@ -158,6 +152,13 @@ in {
isSystemUser = true; isSystemUser = true;
group = config.users.users.ollama.name; group = config.users.users.ollama.name;
}; };
git = {
uid = lib.mkForce uids.git;
isSystemUser = !config.services.forgejo.enable;
isNormalUser = config.services.forgejo.enable;
group = config.users.users.git.name;
};
}; };
groups = { groups = {
@ -232,14 +233,6 @@ in {
]; ];
}; };
nextcloud = {
gid = lib.mkForce gids.nextcloud;
members = [
users.nextcloud.name
# leyla
];
};
syncthing = { syncthing = {
gid = lib.mkForce gids.syncthing; gid = lib.mkForce gids.syncthing;
members = [ members = [
@ -255,6 +248,13 @@ in {
users.ollama.name users.ollama.name
]; ];
}; };
git = {
gid = lib.mkForce gids.git;
members = [
users.git.name
];
};
}; };
}; };
} }