# Sources for this configuration: # - https://forgejo.org/ # - https://forgejo.org/docs/latest/ # - https://forgejo.org/docs/latest/admin/database-preparation/ # - https://forgejo.org/docs/latest/admin/config-cheat-sheet/ # - https://forgejo.org/docs/latest/admin/recommendations/ # - https://codeberg.org/forgejo/forgejo/src/branch/forgejo/docs/content/administration/reverse-proxies.en-us.md # - https://forgejo.org/docs/latest/admin/email-setup/ { ... }: { services.forgejo = { enable = true; database.type = "postgres"; mailerPasswordFile = "/secrets/forgejo-git-smtp-password.secret"; settings = { DEFAULT = { APP_NAME = "CCCHH Git"; }; server = { DOMAIN = "git.hamburg.ccc.de"; PROTOCOL = "http"; HTTP_ADDR = "127.0.0.1"; HTTP_PORT = 3000; ROOT_URL = "https://git.hamburg.ccc.de/"; # LOCAL_ROOT_URL is apparently what Forgejo uses to access itself. # Doesn't need to be set. }; admin = { DISABLE_REGULAR_ORG_CREATION = false; }; session = { COOKIE_SECURE = true; }; "ui.meta" = { AUTHOR = "CCCHH Git"; DESCRIPTION = "Git instance of the CCCHH."; KEYWORDS = "git,forge,forgejo,ccchh"; }; service = { ALLOW_ONLY_EXTERNAL_REGISTRATION = true; DEFAULT_USER_VISIBILITY = "limited"; DEFAULT_KEEP_EMAIL_PRIVATE = true; }; mailer = { ENABLED = true; FROM = "no-reply@git.hamburg.ccc.de"; PROTOCOL = "smtps"; SMTP_ADDR = "cow.hamburg.ccc.de"; SMTP_PORT = 465; USER = "no-reply@git.hamburg.ccc.de"; }; cache = { ENABLED = true; ADAPTER = "redis"; HOST = "redis+socket:///run/redis-forgejo/redis.sock"; }; }; }; deployment.keys = { "forgejo-git-smtp-password.secret" = { keyCommand = [ "pass" "noc/vm-secrets/chaosknoten/git/smtp_password" ]; destDir = "/secrets"; user = "forgejo"; group = "forgejo"; permissions = "0640"; uploadAt = "pre-activation"; }; }; }