fixed forgejo ssh

Leyla Becker 2025-03-14 19:49:11 -05:00
parent 34dce8d9d1
commit 44d6b4827d
2 changed files with 41 additions and 40 deletions


@ -33,31 +33,32 @@ in {
}; };
}; };
services.forgejo = { services = {
enable = true; forgejo = {
database = { enable = true;
type = "postgres";
socket = "/run/postgresql";
};
lfs.enable = true;
settings = {
server = {
DOMAIN = "${config.host.forgejo.subdomain}.${config.host.reverse_proxy.hostname}";
HTTP_PORT = forgejoPort;
START_SSH_SERVER = true;
SSH_LISTEN_PORT = sshPort;
SSH_PORT = 22;
# TODO: we need to create this user, and then store their authorized keys somewhere and have both ssh server allow login in as that user based on those authorized keys
BUILTIN_SSH_SERVER_USER = "git";
ROOT_URL = "https://git.jan-leila.com:";
};
service = {
DISABLE_REGISTRATION = true;
};
database = { database = {
DB_TYPE = "postgres"; type = "postgres";
NAME = db_user; socket = "/run/postgresql";
USER = db_user; };
lfs.enable = true;
settings = {
server = {
DOMAIN = "${config.host.forgejo.subdomain}.${config.host.reverse_proxy.hostname}";
HTTP_PORT = forgejoPort;
START_SSH_SERVER = true;
SSH_LISTEN_PORT = sshPort;
SSH_PORT = 22;
BUILTIN_SSH_SERVER_USER = config.users.users.git.name;
ROOT_URL = "https://git.jan-leila.com";
};
service = {
DISABLE_REGISTRATION = true;
};
database = {
DB_TYPE = "postgres";
NAME = db_user;
USER = db_user;
};
}; };
}; };
}; };
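Review bot: `ROOT_URL` in the `server` block is still a hard-coded literal, while `DOMAIN` a few lines above it is built from `config.host.forgejo.subdomain` and `config.host.reverse_proxy.hostname`, so the two can drift apart if either option changes. Forgejo builds its generated links and clone URLs from ROOT_URL, so a mismatch would point users at a host other than the one being proxied. Consider `ROOT_URL = "https://${config.host.forgejo.subdomain}.${config.host.reverse_proxy.hostname}";`. Separately, `SSH_PORT = 22` is only the advertised port while the built-in server listens on `sshPort`; whatever maps 22 to `sshPort` is not visible in this hunk and deserves a one-line comment next to the setting.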


@ -20,9 +20,9 @@
adguardhome = 2003; adguardhome = 2003;
hass = 2004; hass = 2004;
headscale = 2005; headscale = 2005;
nextcloud = 2006;
syncthing = 2007; syncthing = 2007;
ollama = 2008; ollama = 2008;
git = 2009;
}; };
gids = { gids = {
@ -35,9 +35,9 @@
adguardhome = 2003; adguardhome = 2003;
hass = 2004; hass = 2004;
headscale = 2005; headscale = 2005;
nextcloud = 2006;
syncthing = 2007; syncthing = 2007;
ollama = 2008; ollama = 2008;
git = 2009;
}; };
users = config.users.users; users = config.users.users;
@ -141,12 +141,6 @@ in {
group = config.users.users.headscale.name; group = config.users.users.headscale.name;
}; };
nextcloud = {
uid = lib.mkForce uids.nextcloud;
isSystemUser = true;
group = config.users.users.nextcloud.name;
};
syncthing = { syncthing = {
uid = lib.mkForce uids.syncthing; uid = lib.mkForce uids.syncthing;
isSystemUser = true; isSystemUser = true;
@ -158,6 +152,13 @@ in {
isSystemUser = true; isSystemUser = true;
group = config.users.users.ollama.name; group = config.users.users.ollama.name;
}; };
git = {
uid = lib.mkForce uids.git;
isSystemUser = !config.services.forgejo.enable;
isNormalUser = config.services.forgejo.enable;
group = config.users.users.git.name;
};
}; };
groups = { groups = {
@ -232,14 +233,6 @@ in {
]; ];
}; };
nextcloud = {
gid = lib.mkForce gids.nextcloud;
members = [
users.nextcloud.name
# leyla
];
};
syncthing = { syncthing = {
gid = lib.mkForce gids.syncthing; gid = lib.mkForce gids.syncthing;
members = [ members = [
@ -255,6 +248,13 @@ in {
users.ollama.name users.ollama.name
]; ];
}; };
git = {
gid = lib.mkForce gids.git;
members = [
users.git.name
];
};
}; };
}; };
} }
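Review bot: The new `git` user entry becomes `isNormalUser` whenever `config.services.forgejo.enable` is true, which in NixOS also gives the account the default login shell and a created home directory, more than a service identity normally needs. If a shell is only required for SSH passthrough, `isSystemUser = true; useDefaultShell = config.services.forgejo.enable;` would grant it without the other normal-user defaults. If Forgejo's built-in SSH server (`START_SSH_SERVER = true` in the other file) handles all git traffic, the OS account may not need a login shell at all; which path is intended cannot be confirmed from this diff. A short comment on the entry stating why the account must be login-capable would help the next reader.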