Add and configure new Git server using Forgejo

2024-01-14 23:19:41 +01:00 · 2024-01-14 23:19:41 +01:00 · ec5430ee34
commit ec5430ee34
parent 26132b1526
7 changed files with 182 additions and 0 deletions
--- a/config/hosts/git/nginx.nix
+++ b/config/hosts/git/nginx.nix
@ -0,0 +1,41 @@
+# Sources for this configuration:
+# - https://forgejo.org/docs/latest/admin/reverse-proxy/
+
+{ config, pkgs, ... }:
+
+{
+  services.nginx = {
+    enable = true;
+
+    virtualHosts."git.hamburg.ccc.de" = {
+      default = true;
+      forceSSL = true;
+      enableACME = true;
+
+      listen = [
+        {
+          addr = "0.0.0.0";
+          port = 80;
+        }
+        {
+          addr = "0.0.0.0";
+          port = 443;
+          ssl = true;
+        }
+      ];
+
+      locations."/" = {
+        proxyPass = "${config.services.forgejo.settings.server.PROTOCOL}://${config.services.forgejo.settings.server.HTTP_ADDR}:${builtins.toString config.services.forgejo.settings.server.HTTP_PORT}";
+      };
+
+      # Disallow crawling archives to save disk space.
+      # See: https://forgejo.org/docs/latest/admin/search-engines-indexation/
+      locations."/robots.txt" = {
+        return = "200 \"User-agent: *\\nDisallow: /*/*/archive/\\n\"";
+      };
+    };
+  };
+
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  networking.firewall.allowedUDPPorts = [ 443 ];
+}