{ config , pkgs , lib , ... }: let cfg = config.dadada.gitea; in { options.dadada.gitea = { enable = lib.mkEnableOption "Enable gitea"; }; config = lib.mkIf cfg.enable { services.gitea = { enable = true; appName = "dadada Gitea"; database = { type = "postgres"; }; settings = { service = { DISABLE_REGISTRATION = true; }; sessions = { COOKIE_SECURE = true; }; server = { ROOT_URL = "https://git.dadada.li/"; PROTOCOL = "http+unix"; LANDING_PAGE = "explore"; OFFLINE_MODE = true; DISABLE_SSH = false; DOMAIN = "git.dadada.li"; }; picture = { DISABLE_GRAVATAR = true; REPOSITORY_AVATAR_FALLBACK = "random"; ENABLE_FEDERATED_AVATAR = false; }; other = { SHOW_FOOTER_BRANDING = false; SHOW_FOOTER_VERSION = false; SHOW_FOOTER_TEMPLATE_LOAD_TIME = false; }; log = { DISABLE_ROUTER_LOG = true; LEVEL = "Error"; }; cache = { ENABLE = true; ADAPTER = "redis"; HOST = "network=unix,addr=${config.services.redis.servers.gitea.unixSocket},db=0,pool_size=100,idle_timeout=180"; }; }; }; services.redis = { servers.gitea = { enable = true; user = config.services.gitea.user; }; vmOverCommit = true; }; services.nginx.virtualHosts."git.${config.networking.domain}" = { enableACME = true; forceSSL = true; locations."/".extraConfig = '' proxy_pass http://unix:/run/gitea/gitea.sock:/; ''; }; }; }