renge/forgejo: Migrate from gitea

This commit is contained in:
Simon Bruder 2023-12-10 15:36:11 +01:00
parent 496f0debf6
commit 8e1b76e663
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC
4 changed files with 19 additions and 16 deletions

View file

@ -9,7 +9,7 @@
./services/buchborgen.nix ./services/buchborgen.nix
./services/coturn.nix ./services/coturn.nix
./services/element-web.nix ./services/element-web.nix
./services/gitea.nix ./services/forgejo.nix
./services/grafana.nix ./services/grafana.nix
./services/hedgedoc.nix ./services/hedgedoc.nix
./services/invidious ./services/invidious

View file

@ -1,4 +1,4 @@
gitea-mail: ENC[AES256_GCM,data:593Ks8r3W6i7oTsTu7d9NUQpeX64l2bU9/fo6jYHkPU=,iv:NLPh2B85CWmr9n8mbB/XrprG8kfu9AR3v8PqjgEsIjQ=,tag:q2fPoOtuFrEmXIe7Rvfj2Q==,type:str] forgejo-mail: ENC[AES256_GCM,data:ZKVLM8moaNrp+S01EQFmaA/kXTP1lVOZp6u/NlkKCs8=,iv:s0rQPvFc9WoSI0XvmNFHDk48TvoCyug6ghKSWbtn2AM=,tag:Ym7PurXLFshGhW79ZLthRA==,type:str]
go-neb-overrides: ENC[AES256_GCM,data:nogN8wqu5U1BXIAZwgKpTFbOvt18lVu/slJiimz0eJXi2UODokkHhCePGmiqaf+O7YUF7TQBriAas0MtwsDpE8MJIM2Y6rI4padW82WUjbUfiYNkqX04w7PO0uLPqApSjKVg6EoVi9Bta/03qBKQovvOnY/nDfuk81rQ3BgNnsuQn7vuNMx0UlsrN+sOryufz5214decJuAbTreMEWE1+9KBPgu2bxtaPrE4Wns5pSDYK6EjmFabe4xufIBxO5F36KzVmUojx2ZBiybYJr+LAy6xhMFE/SLqOClYn4bo7B8yt5v6zamrVTsyliqgs7m8NkJ3v3IkfCXStXgf+niWodKOfpOjEXNEOmV7FeNQurBvGX7cNeRz6wIw/gly/v2VRVz0trZ+A1pFXfmUYyj/yjfQRB7YSt694rgzo3IoDzqEuz28X7hrqdxERSUwnwh8ZdAClnjz3C6gcPHky4iZeLmB59xq/7FZN3wrpBwjNR3VCVFQh4KE3beqKJYEbNquA+NX7JJ1rlmBciIsBtFg4T4ItHr5HsY=,iv:ivOY92kz7Ibtog1drbWYZmcimYJYdCwzxFh2bWSmQx4=,tag:aaz7Kjv2YQqvdm6WGWvuRg==,type:str] go-neb-overrides: ENC[AES256_GCM,data:nogN8wqu5U1BXIAZwgKpTFbOvt18lVu/slJiimz0eJXi2UODokkHhCePGmiqaf+O7YUF7TQBriAas0MtwsDpE8MJIM2Y6rI4padW82WUjbUfiYNkqX04w7PO0uLPqApSjKVg6EoVi9Bta/03qBKQovvOnY/nDfuk81rQ3BgNnsuQn7vuNMx0UlsrN+sOryufz5214decJuAbTreMEWE1+9KBPgu2bxtaPrE4Wns5pSDYK6EjmFabe4xufIBxO5F36KzVmUojx2ZBiybYJr+LAy6xhMFE/SLqOClYn4bo7B8yt5v6zamrVTsyliqgs7m8NkJ3v3IkfCXStXgf+niWodKOfpOjEXNEOmV7FeNQurBvGX7cNeRz6wIw/gly/v2VRVz0trZ+A1pFXfmUYyj/yjfQRB7YSt694rgzo3IoDzqEuz28X7hrqdxERSUwnwh8ZdAClnjz3C6gcPHky4iZeLmB59xq/7FZN3wrpBwjNR3VCVFQh4KE3beqKJYEbNquA+NX7JJ1rlmBciIsBtFg4T4ItHr5HsY=,iv:ivOY92kz7Ibtog1drbWYZmcimYJYdCwzxFh2bWSmQx4=,tag:aaz7Kjv2YQqvdm6WGWvuRg==,type:str]
hcloud_exporter-environment: ENC[AES256_GCM,data:EtGDTr7bnQeHAx1TjzmMSGFaiuZM7AzGIyDiXhfd2V9mVF7ebuaWnMw3ioN4gbvXT5rrxkFr2xNj6IoVl/oPgjdWxg32zwT862zWMwvbLTRGMYDUUovF,iv:+u9vx4A4IoPLIbwzagm4R31aQ9bJzMWFOc4ui62dgcs=,tag:oh9bOyLGOCBgujZvMJNmQg==,type:str] hcloud_exporter-environment: ENC[AES256_GCM,data:EtGDTr7bnQeHAx1TjzmMSGFaiuZM7AzGIyDiXhfd2V9mVF7ebuaWnMw3ioN4gbvXT5rrxkFr2xNj6IoVl/oPgjdWxg32zwT862zWMwvbLTRGMYDUUovF,iv:+u9vx4A4IoPLIbwzagm4R31aQ9bJzMWFOc4ui62dgcs=,tag:oh9bOyLGOCBgujZvMJNmQg==,type:str]
invidious-extra-settings: ENC[AES256_GCM,data:EdQ6Kivp1FwGqcSm3lT/phJ5NfP1WiV8lugvhEaQFZU/Fa/e9LP70F0H1GB0wy68qCjr2gMPaeE+B96Nmsy6Twuyp+CqrHw2suMuUw5sKW1E+sbomw==,iv:87TB5i9fz+0TYtV2ElNmFohsxStxcnM3V/Kuv7pbcT0=,tag:5MQNWdknw5IiYsrJv3HoJA==,type:str] invidious-extra-settings: ENC[AES256_GCM,data:EdQ6Kivp1FwGqcSm3lT/phJ5NfP1WiV8lugvhEaQFZU/Fa/e9LP70F0H1GB0wy68qCjr2gMPaeE+B96Nmsy6Twuyp+CqrHw2suMuUw5sKW1E+sbomw==,iv:87TB5i9fz+0TYtV2ElNmFohsxStxcnM3V/Kuv7pbcT0=,tag:5MQNWdknw5IiYsrJv3HoJA==,type:str]
@ -15,8 +15,8 @@ sops:
azure_kv: [] azure_kv: []
hc_vault: [] hc_vault: []
age: [] age: []
lastmodified: "2023-08-18T10:01:41Z" lastmodified: "2023-12-10T14:03:24Z"
mac: ENC[AES256_GCM,data:EDvu6s1YSg9nQ/3ANPGIeTKp5Q0KxWx0ui5NKd7XTmO7Uf7T5D7Nb1Zz2uLcLwgYMQbNPBd+H2AQrDTy7ULaG7pIkBqSF7xcWqXYAuOJMVaJfsVJbqFFEeV/7zuJX0p8W7iLZWJM+6FMJsmkOY8VSelIMx3jTLwmuw0Mr2hbisg=,iv:9X2Wd/eVOZJKpfLjYM8jjvyumXrew/U0AChiUVhJ8TI=,tag:hofRvvjajNSibrzdxze0Fw==,type:str] mac: ENC[AES256_GCM,data:OKFeBx9aNrqZL4zRxwMWB7VgHjtjATwtl5qb4XHhV3Zjr2DBJHOeGWcCBU9AhnHy92D1EmYYCEc1YUgYhTjj/eJTCqduZOJWvQpsbSxviZP1Fzan0typqlSvhtneDwjeZnFO4Dl7rNpmV50rkBtuVn281TEGIwqGhNl46Is+iys=,iv:YpxDzjWR6O72QZoGnO3qOCeXoI3i6C0DeEqKxtHiE14=,tag:bouLuX2JlDqIl2eTamsBdw==,type:str]
pgp: pgp:
- created_at: "2022-03-23T13:59:53Z" - created_at: "2022-03-23T13:59:53Z"
enc: | enc: |
@ -57,4 +57,4 @@ sops:
-----END PGP MESSAGE----- -----END PGP MESSAGE-----
fp: FD4E1FB15DD0F36A77790229826C04C0BE319FA2 fp: FD4E1FB15DD0F36A77790229826C04C0BE319FA2
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.7.3 version: 3.8.1

View file

@ -1,29 +1,32 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
cfg = config.services.gitea; cfg = config.services.forgejo;
in in
{ {
sops.secrets.gitea-mail = { sops.secrets.forgejo-mail = {
owner = cfg.user; owner = cfg.user;
sopsFile = ../secrets.yaml; sopsFile = ../secrets.yaml;
}; };
systemd.services.gitea.serviceConfig.SupplementaryGroups = lib.singleton "keys"; systemd.services.forgejo.serviceConfig.SupplementaryGroups = lib.singleton "keys";
services.gitea = { services.forgejo = {
enable = true; enable = true;
appName = "sbrudergit";
lfs = { lfs = {
enable = true; enable = true;
}; };
database.type = "postgres"; database.type = "postgres";
mailerPasswordFile = config.sops.secrets.gitea-mail.path; mailerPasswordFile = config.sops.secrets.forgejo-mail.path;
settings = { settings = {
DEFAULT = {
APP_NAME = "sbrudergit";
};
mailer = { mailer = {
ENABLED = true; ENABLED = true;
HOST = "vueko.sbruder.de:587"; PROTOCOL = "smtps";
FROM = "gitea@sbruder.de"; SMTP_ADDR = "vueko.sbruder.de";
USER = "gitea@sbruder.de"; FROM = "forgejo@sbruder.de";
USER = "forgejo@sbruder.de";
}; };
avatar = { avatar = {
DISABLE_GRAVATAR = true; DISABLE_GRAVATAR = true;
@ -42,7 +45,7 @@ in
BUILTIN_SSH_SERVER_USER = "git"; BUILTIN_SSH_SERVER_USER = "git";
START_SSH_SERVER = true; START_SSH_SERVER = true;
SSH_PORT = 2022; SSH_PORT = 2022;
SSH_SERVER_HOST_KEYS = "ssh/gitea.ed25519,ssh/gitea.rsa"; SSH_SERVER_HOST_KEYS = "ssh/forgejo.ed25519,ssh/forgejo.rsa";
}; };
service = { service = {
DEFAULT_ALLOW_CREATE_ORGANIZATION = false; DEFAULT_ALLOW_CREATE_ORGANIZATION = false;
@ -68,7 +71,7 @@ in
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://unix:/run/gitea/gitea.sock"; proxyPass = "http://unix:/run/forgejo/forgejo.sock";
}; };
extraConfig = '' extraConfig = ''