pub-solar/infra
6
1
Fork 3
Code Issues 16 Pull requests 7 Actions Packages Projects 1 Releases Wiki Activity

forgejo: allow webhooks to all pub.solar subdomains
Some checks failed
Flake checks / Check (pull_request) Failing after 1m54s
Details

Browse source 
This should fix the following error that was occuring while trying to post
notices to matrix channels:

```
Delivery: Put "https://matrix.pub.solar/_matrix/client/r0/rooms/[...]": dial tcp [::1]:443: webhook can only call allowed HTTP servers (check your webhook.ALLOWED_HOST_LIST setting), deny 'matrix.pub.solar([::1]:443)'
```
This commit is contained in:
Benjamin Bädorf 2023-12-08 17:09:32 +01:00
parent a3ce107c73
commit 97a592a53e
No known key found for this signature in database
GPG key ID: 1B7BF5B77A521346
1 changed files with 22 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
hosts/nachtigall/apps/forgejo.nix
View file

@ -51,7 +51,9 @@
HTTP_ADDR = "127.0.0.1";
HTTP_PORT = 3000;
};
log.LEVEL = "Warn";
mailer = {
ENABLED = true;
PROTOCOL = "smtps";
@ -60,14 +62,17 @@
FROM = ''"pub.solar git server" <forgejo@pub.solar>'';
USER = "admins@pub.solar";
};
"repository.signing" = {
SIGNING_KEY = "default";
MERGES = "always";
};
openid = {
ENABLE_OPENID_SIGNIN = true;
ENABLE_OPENID_SIGNUP = true;
};
service = {
# uncomment after initial deployment, first user is admin user
# required to setup SSO (oauth openid-connect, keycloak auth provider)
@ -75,15 +80,28 @@
ENABLE_NOTIFY_MAIL = true;
DEFAULT_KEEP_EMAIL_PRIVATE = true;
};
session = {
PROVIDER = "db";
COOKIE_SECURE = lib.mkForce true;
};
# https://forgejo.org/docs/latest/admin/config-cheat-sheet/#webhook-webhook
webhook = {
ALLOWED_HOST_LIST = [
"loopback"
"external"
"*.pub.solar"
];
};
# See https://forgejo.org/docs/latest/admin/actions/
actions.ENABLED = true;
# In an actions workflow, when uses: does not specify an absolute URL,
# the value of DEFAULT_ACTIONS_URL is prepended to it.
actions.DEFAULT_ACTIONS_URL = "https://code.forgejo.org";
actions = {
ENABLED = true;
# In an actions workflow, when uses: does not specify an absolute URL,
# the value of DEFAULT_ACTIONS_URL is prepended to it.
DEFAULT_ACTIONS_URL = "https://code.forgejo.org";
};
};
};