{ config, pkgs, lib, ... }: let theme = pkgs.fetchzip { url = "https://github.com/catppuccin/gitea/releases/download/v1.0.1/catppuccin-gitea.tar.gz"; hash = "sha256-et5luA3SI7iOcEIQ3CVIu0+eiLs8C/8mOitYlWQa/uI="; stripRoot = false; }; in { systemd.services = { forgejo = { preStart = let inherit (config.services.forgejo) stateDir; in lib.mkAfter '' rm -rf ${stateDir}/custom/public/assets mkdir -p ${stateDir}/custom/public/assets ln -sf ${theme} ${stateDir}/custom/public/assets/css ''; }; }; services.forgejo = { # TODO migrate to Postgres enable = true; package = pkgs.forgejo; settings = { DEFAULT = { RUN_MODE = "prod"; # set to prod for better logs (worse performance) APP_NAME = "git.aciceri.dev"; }; service.ENABLE_NOTIFY_MAIL = true; session.COOKIE_SECURE = true; service.DISABLE_REGISTRATION = true; server = { HTTP_PORT = 3002; ROOT_URL = "https://git.aciceri.dev"; }; federation.ENABLED = true; mailer = { ENABLED = true; PROTOCOL = "smtp+starttls"; SMTP_ADDR = "smtp.autistici.org"; SMTP_PORT = 587; FROM = "andrea.ciceri@autistici.org"; USER = "andrea.ciceri@autistici.org"; }; other = { SHOW_FOOTER_VERSION = false; }; ui = { DEFAULT_THEME = "catppuccin-mocha-blue"; THEMES = builtins.concatStringsSep "," ( [ "auto,forgejo-auto,forgejo-dark,forgejo-light,arc-gree,gitea" ] ++ (map (name: lib.removePrefix "theme-" (lib.removeSuffix ".css" name)) ( builtins.attrNames (builtins.readDir theme) )) ); }; "ui.meta" = { AUTHOR = "Andrea Ciceri"; DESCRIPTION = "My personal git forge"; KEYWORDS = "git,self-hosted,forgejo,open-source,nix,nixos"; }; }; secrets.mailer.PASSWD = config.age.secrets.autistici-password.path; dump.enable = true; }; environment.persistence."/persist".directories = [ config.services.forgejo.stateDir ]; imports = [ ../nginx-base ]; services.nginx.virtualHosts = { "git.aciceri.dev" = { enableACME = true; forceSSL = true; locations."/".proxyPass = "http://127.0.0.1:${builtins.toString config.services.forgejo.settings.server.HTTP_PORT}"; }; }; }