Merge pull request #173669 from SuperSandro2000/gitea
This commit is contained in:
commit
df97735064
|
@ -10,6 +10,7 @@ let
|
||||||
useMysql = cfg.database.type == "mysql";
|
useMysql = cfg.database.type == "mysql";
|
||||||
usePostgresql = cfg.database.type == "postgres";
|
usePostgresql = cfg.database.type == "postgres";
|
||||||
useSqlite = cfg.database.type == "sqlite3";
|
useSqlite = cfg.database.type == "sqlite3";
|
||||||
|
format = pkgs.formats.ini { };
|
||||||
configFile = pkgs.writeText "app.ini" ''
|
configFile = pkgs.writeText "app.ini" ''
|
||||||
APP_NAME = ${cfg.appName}
|
APP_NAME = ${cfg.appName}
|
||||||
RUN_USER = ${cfg.user}
|
RUN_USER = ${cfg.user}
|
||||||
|
@ -22,6 +23,16 @@ let
|
||||||
in
|
in
|
||||||
|
|
||||||
{
|
{
|
||||||
|
imports = [
|
||||||
|
(mkRenamedOptionModule [ "services" "gitea" "cookieSecure" ] [ "services" "gitea" "settings" "session" "COOKIE_SECURE" ])
|
||||||
|
(mkRenamedOptionModule [ "services" "gitea" "disableRegistration" ] [ "services" "gitea" "settings" "service" "DISABLE_REGISTRATION" ])
|
||||||
|
(mkRenamedOptionModule [ "services" "gitea" "log" "level" ] [ "services" "gitea" "settings" "log" "LEVEL" ])
|
||||||
|
(mkRenamedOptionModule [ "services" "gitea" "log" "rootPath" ] [ "services" "gitea" "settings" "log" "ROOT_PATH" ])
|
||||||
|
(mkRenamedOptionModule [ "services" "gitea" "ssh" "clonePort" ] [ "services" "gitea" "settings" "server" "SSH_PORT" ])
|
||||||
|
|
||||||
|
(mkRemovedOptionModule [ "services" "gitea" "ssh" "enable" ] "services.gitea.ssh.enable has been migrated into freeform setting services.gitea.settings.server.DISABLE_SSH. Keep in mind that the setting is inverted")
|
||||||
|
];
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
services.gitea = {
|
services.gitea = {
|
||||||
enable = mkOption {
|
enable = mkOption {
|
||||||
|
@ -49,20 +60,6 @@ in
|
||||||
description = lib.mdDoc "gitea data directory.";
|
description = lib.mdDoc "gitea data directory.";
|
||||||
};
|
};
|
||||||
|
|
||||||
log = {
|
|
||||||
rootPath = mkOption {
|
|
||||||
default = "${cfg.stateDir}/log";
|
|
||||||
defaultText = literalExpression ''"''${config.${opt.stateDir}}/log"'';
|
|
||||||
type = types.str;
|
|
||||||
description = lib.mdDoc "Root path for log files.";
|
|
||||||
};
|
|
||||||
level = mkOption {
|
|
||||||
default = "Info";
|
|
||||||
type = types.enum [ "Trace" "Debug" "Info" "Warn" "Error" "Critical" ];
|
|
||||||
description = lib.mdDoc "General log level.";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
user = mkOption {
|
user = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "gitea";
|
default = "gitea";
|
||||||
|
@ -85,7 +82,7 @@ in
|
||||||
|
|
||||||
port = mkOption {
|
port = mkOption {
|
||||||
type = types.port;
|
type = types.port;
|
||||||
default = (if !usePostgresql then 3306 else pg.port);
|
default = if !usePostgresql then 3306 else pg.port;
|
||||||
defaultText = literalExpression ''
|
defaultText = literalExpression ''
|
||||||
if config.${opt.database.type} != "postgresql"
|
if config.${opt.database.type} != "postgresql"
|
||||||
then 3306
|
then 3306
|
||||||
|
@ -192,25 +189,6 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
ssh = {
|
|
||||||
enable = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = true;
|
|
||||||
description = lib.mdDoc "Enable external SSH feature.";
|
|
||||||
};
|
|
||||||
|
|
||||||
clonePort = mkOption {
|
|
||||||
type = types.int;
|
|
||||||
default = 22;
|
|
||||||
example = 2222;
|
|
||||||
description = lib.mdDoc ''
|
|
||||||
SSH port displayed in clone URL.
|
|
||||||
The option is required to configure a service when the external visible port
|
|
||||||
differs from the local listening port i.e. if port forwarding is used.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
lfs = {
|
lfs = {
|
||||||
enable = mkOption {
|
enable = mkOption {
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
|
@ -269,15 +247,6 @@ in
|
||||||
description = lib.mdDoc "Configure Gitea to listen on a unix socket instead of the default TCP port.";
|
description = lib.mdDoc "Configure Gitea to listen on a unix socket instead of the default TCP port.";
|
||||||
};
|
};
|
||||||
|
|
||||||
cookieSecure = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = false;
|
|
||||||
description = lib.mdDoc ''
|
|
||||||
Marks session cookies as "secure" as a hint for browsers to only send
|
|
||||||
them via HTTPS. This option is recommend, if gitea is being served over HTTPS.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
staticRootPath = mkOption {
|
staticRootPath = mkOption {
|
||||||
type = types.either types.str types.path;
|
type = types.either types.str types.path;
|
||||||
default = gitea.data;
|
default = gitea.data;
|
||||||
|
@ -293,20 +262,7 @@ in
|
||||||
description = lib.mdDoc "Path to a file containing the SMTP password.";
|
description = lib.mdDoc "Path to a file containing the SMTP password.";
|
||||||
};
|
};
|
||||||
|
|
||||||
disableRegistration = mkEnableOption "the registration lock" // {
|
|
||||||
description = ''
|
|
||||||
By default any user can create an account on this <literal>gitea</literal> instance.
|
|
||||||
This can be disabled by using this option.
|
|
||||||
|
|
||||||
<emphasis>Note:</emphasis> please keep in mind that this should be added after the initial
|
|
||||||
deploy unless <link linkend="opt-services.gitea.useWizard">services.gitea.useWizard</link>
|
|
||||||
is <literal>true</literal> as the first registered user will be the administrator if
|
|
||||||
no install wizard is used.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
settings = mkOption {
|
settings = mkOption {
|
||||||
type = with types; attrsOf (attrsOf (oneOf [ bool int str ]));
|
|
||||||
default = {};
|
default = {};
|
||||||
description = lib.mdDoc ''
|
description = lib.mdDoc ''
|
||||||
Gitea configuration. Refer to <https://docs.gitea.io/en-us/config-cheat-sheet/>
|
Gitea configuration. Refer to <https://docs.gitea.io/en-us/config-cheat-sheet/>
|
||||||
|
@ -330,6 +286,68 @@ in
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
|
type = with types; submodule {
|
||||||
|
freeformType = format.type;
|
||||||
|
options = {
|
||||||
|
log = {
|
||||||
|
ROOT_PATH = mkOption {
|
||||||
|
default = "${cfg.stateDir}/log";
|
||||||
|
defaultText = literalExpression ''"''${config.${opt.stateDir}}/log"'';
|
||||||
|
type = types.str;
|
||||||
|
description = "Root path for log files.";
|
||||||
|
};
|
||||||
|
LEVEL = mkOption {
|
||||||
|
default = "Info";
|
||||||
|
type = types.enum [ "Trace" "Debug" "Info" "Warn" "Error" "Critical" ];
|
||||||
|
description = "General log level.";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
server = {
|
||||||
|
DISABLE_SSH = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
description = "Disable external SSH feature.";
|
||||||
|
};
|
||||||
|
|
||||||
|
SSH_PORT = mkOption {
|
||||||
|
type = types.int;
|
||||||
|
default = 22;
|
||||||
|
example = 2222;
|
||||||
|
description = ''
|
||||||
|
SSH port displayed in clone URL.
|
||||||
|
The option is required to configure a service when the external visible port
|
||||||
|
differs from the local listening port i.e. if port forwarding is used.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
service = {
|
||||||
|
DISABLE_REGISTRATION = mkEnableOption "the registration lock" // {
|
||||||
|
description = ''
|
||||||
|
By default any user can create an account on this <literal>gitea</literal> instance.
|
||||||
|
This can be disabled by using this option.
|
||||||
|
|
||||||
|
<emphasis>Note:</emphasis> please keep in mind that this should be added after the initial
|
||||||
|
deploy unless <link linkend="opt-services.gitea.useWizard">services.gitea.useWizard</link>
|
||||||
|
is <literal>true</literal> as the first registered user will be the administrator if
|
||||||
|
no install wizard is used.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
session = {
|
||||||
|
COOKIE_SECURE = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
description = ''
|
||||||
|
Marks session cookies as "secure" as a hint for browsers to only send
|
||||||
|
them via HTTPS. This option is recommend, if gitea is being served over HTTPS.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
extraConfig = mkOption {
|
extraConfig = mkOption {
|
||||||
|
@ -385,13 +403,6 @@ in
|
||||||
HTTP_ADDR = cfg.httpAddress;
|
HTTP_ADDR = cfg.httpAddress;
|
||||||
HTTP_PORT = cfg.httpPort;
|
HTTP_PORT = cfg.httpPort;
|
||||||
})
|
})
|
||||||
(mkIf cfg.ssh.enable {
|
|
||||||
DISABLE_SSH = false;
|
|
||||||
SSH_PORT = cfg.ssh.clonePort;
|
|
||||||
})
|
|
||||||
(mkIf (!cfg.ssh.enable) {
|
|
||||||
DISABLE_SSH = true;
|
|
||||||
})
|
|
||||||
(mkIf cfg.lfs.enable {
|
(mkIf cfg.lfs.enable {
|
||||||
LFS_START_SERVER = true;
|
LFS_START_SERVER = true;
|
||||||
LFS_CONTENT_PATH = cfg.lfs.contentDir;
|
LFS_CONTENT_PATH = cfg.lfs.contentDir;
|
||||||
|
@ -400,8 +411,7 @@ in
|
||||||
];
|
];
|
||||||
|
|
||||||
session = {
|
session = {
|
||||||
COOKIE_NAME = "session";
|
COOKIE_NAME = lib.mkDefault "session";
|
||||||
COOKIE_SECURE = cfg.cookieSecure;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
security = {
|
security = {
|
||||||
|
@ -410,15 +420,6 @@ in
|
||||||
INSTALL_LOCK = true;
|
INSTALL_LOCK = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
log = {
|
|
||||||
ROOT_PATH = cfg.log.rootPath;
|
|
||||||
LEVEL = cfg.log.level;
|
|
||||||
};
|
|
||||||
|
|
||||||
service = {
|
|
||||||
DISABLE_REGISTRATION = cfg.disableRegistration;
|
|
||||||
};
|
|
||||||
|
|
||||||
mailer = mkIf (cfg.mailerPasswordFile != null) {
|
mailer = mkIf (cfg.mailerPasswordFile != null) {
|
||||||
PASSWD = "#mailerpass#";
|
PASSWD = "#mailerpass#";
|
||||||
};
|
};
|
||||||
|
@ -502,7 +503,7 @@ in
|
||||||
replaceSecretBin = "${pkgs.replace-secret}/bin/replace-secret";
|
replaceSecretBin = "${pkgs.replace-secret}/bin/replace-secret";
|
||||||
in ''
|
in ''
|
||||||
# copy custom configuration and generate a random secret key if needed
|
# copy custom configuration and generate a random secret key if needed
|
||||||
${optionalString (cfg.useWizard == false) ''
|
${optionalString (!cfg.useWizard) ''
|
||||||
function gitea_setup {
|
function gitea_setup {
|
||||||
cp -f ${configFile} ${runConfig}
|
cp -f ${configFile} ${runConfig}
|
||||||
|
|
||||||
|
@ -622,10 +623,10 @@ in
|
||||||
|
|
||||||
# Create database passwordFile default when password is configured.
|
# Create database passwordFile default when password is configured.
|
||||||
services.gitea.database.passwordFile =
|
services.gitea.database.passwordFile =
|
||||||
(mkDefault (toString (pkgs.writeTextFile {
|
mkDefault (toString (pkgs.writeTextFile {
|
||||||
name = "gitea-database-password";
|
name = "gitea-database-password";
|
||||||
text = cfg.database.password;
|
text = cfg.database.password;
|
||||||
})));
|
}));
|
||||||
|
|
||||||
systemd.services.gitea-dump = mkIf cfg.dump.enable {
|
systemd.services.gitea-dump = mkIf cfg.dump.enable {
|
||||||
description = "gitea dump";
|
description = "gitea dump";
|
||||||
|
|
Loading…
Reference in a new issue