Add gitea, fix emacs warning and build error in obs-gstreamer
This commit is contained in:
parent
3d75ec7818
commit
7551396a58
8 changed files with 185 additions and 4 deletions
|
@ -13,3 +13,7 @@ creation_rules:
|
|||
- pgp:
|
||||
- *erwin
|
||||
- *drone
|
||||
- path_regex: machines/gitea/[^/]+\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
- *erwin
|
|
@ -111,7 +111,7 @@
|
|||
defContainer = system: baseConfig:
|
||||
nixos-generators.nixosGenerate {
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
format = "lxc";
|
||||
format = "proxmox-lxc";
|
||||
modules = [
|
||||
{_module.args.inputs = inputs;}
|
||||
{_module.args.self-overlay = self.overlay;}
|
||||
|
@ -199,6 +199,12 @@
|
|||
(import ./machines/proxy/configuration.nix {inherit self;})
|
||||
];
|
||||
};
|
||||
|
||||
gitea = defContainer "x86_64-linux" {
|
||||
imports = [
|
||||
(import ./machines/gitea/configuration.nix {inherit self;})
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
// (flake-utils.lib.eachSystem ["aarch64-linux" "x86_64-linux"])
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
}:
|
||||
with lib; let
|
||||
cfg = config.eboskma.programs.emacs;
|
||||
emacs = with pkgs; ((emacsPackagesFor emacsPgtkGcc).emacsWithPackages (epkgs: [epkgs.emacsql epkgs.emacsql-sqlite]));
|
||||
emacs = with pkgs; ((emacsPackagesFor emacsPgtkNativeComp).emacsWithPackages (epkgs: [epkgs.emacsql epkgs.emacsql-sqlite]));
|
||||
|
||||
orgProtocolDesktop = pkgs.makeDesktopItem {
|
||||
name = "org-protocol";
|
||||
|
@ -34,7 +34,7 @@ in {
|
|||
config = mkIf (cfg.enable) {
|
||||
programs.emacs = {
|
||||
enable = true;
|
||||
package = pkgs.emacsPgtkGcc;
|
||||
package = emacs;
|
||||
};
|
||||
|
||||
services.emacs = mkIf (cfg.daemon) {
|
||||
|
|
|
@ -14,7 +14,7 @@ in {
|
|||
enable = true;
|
||||
plugins = [
|
||||
pkgs.obs-studio-plugins.wlrobs
|
||||
pkgs.obs-studio-plugins.obs-gstreamer
|
||||
# pkgs.obs-studio-plugins.obs-gstreamer
|
||||
pkgs.obs-backgroundremoval
|
||||
];
|
||||
};
|
||||
|
|
48
machines/gitea/configuration.nix
Normal file
48
machines/gitea/configuration.nix
Normal file
|
@ -0,0 +1,48 @@
|
|||
{ self, ... }@inputs: {
|
||||
imports = [
|
||||
../../users/root
|
||||
../../users/erwin
|
||||
];
|
||||
|
||||
eboskma = {
|
||||
gitea.enable = true;
|
||||
nix-common.enable = true;
|
||||
};
|
||||
|
||||
# boot.isContainer = true;
|
||||
|
||||
time.timeZone = "Europe/Amsterdam";
|
||||
|
||||
system.configurationRevision = self.inputs.nixpkgs.lib.mkIf (self ? rev) self.rev;
|
||||
|
||||
networking = {
|
||||
hostName = "gitea";
|
||||
useDHCP = false;
|
||||
|
||||
interfaces = {
|
||||
eth0 = {
|
||||
ipv4.addresses = [
|
||||
{ address = "10.0.0.203";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
defaultGateway = "10.0.0.1";
|
||||
nameservers = ["10.0.0.254"];
|
||||
};
|
||||
|
||||
environment.noXlibs = true;
|
||||
|
||||
# services.openssh.enable = true;
|
||||
|
||||
sops.defaultSopsFile = ./secrets.yaml;
|
||||
sops.secrets = {
|
||||
gitea_db_password = {
|
||||
owner = "git";
|
||||
};
|
||||
};
|
||||
|
||||
system.stateVersion = "22.05";
|
||||
}
|
32
machines/gitea/secrets.yaml
Normal file
32
machines/gitea/secrets.yaml
Normal file
|
@ -0,0 +1,32 @@
|
|||
gitea_db_password: ENC[AES256_GCM,data:DhTDb2LuzEnkdSztIsSoICIz1qIpqNQYp2Z69NDNqPib3u/fzjnt6EyI5k9+0c2s0+AZBKPzItCm61WKquoIV80MsDgROANP2LP63j+id4KHMtIvvT7TBZelN8vaZnM422MutUzOFYB0+SA2LcSDtTHL9WKtqTnF4AjK3UpKjYk=,iv:zK65d01tXoSPYIu2JxRy2O8wURD73AqM7r+80H2nzAs=,tag:qc63u9c9/NaMT/OI5IsuLQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2022-04-25T15:50:15Z"
|
||||
mac: ENC[AES256_GCM,data:r+PbyDB1s0zBoczJVTaTnUvLw8Oqywul1zB7S8clXYtgWDSCIJ2igwupwmH2mYqEzTUutaKNjjAxbaerD8rrBgsJ1K1PSQwk6MawEskVwmdGbIdfCB8r0qHCNOE7pVRgTXyFxjEH6D9xxl/QJhVVTXXnZebR+r9q2SmJyazlFEg=,iv:lV6i7EKu6v0HORk1RhateMB9T0xMhROYKtd67M4fEJk=,tag:iTpNCUruB8Yd/5PlypdmQA==,type:str]
|
||||
pgp:
|
||||
- created_at: "2022-04-25T15:49:31Z"
|
||||
enc: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMA6BoiFpcAxNSAQ//cqGJB1/5LEEG9tmgwYoTAW3hhMaF3yDuMRQbYG8CKw8t
|
||||
ftrqUSltqoZi/9f7AHeQl82LnrdlHyHD3+uzcC1FYgYCU5OslD/IuvYBkVGXlvGh
|
||||
kk7yBNSEsxVo2sPkrUPJzxapFcf1j2gm83WZ4vTUQ8Mn5UYmGBNmVw4cLtO/R732
|
||||
ZhvvLePeF2Za79UxEKIkbh2CWNNA80PLZt8pLUsl+HXnWxNep6fDdwrC6GdU3C8o
|
||||
qcHN7+JGZdDYFqD0bsxpHFYcbg8OWajFJ4vbx9JHSNfjxXRqzaWr+3I93N/aMra/
|
||||
vXyqeRaqowXx9hL2lIAU2Pvpe79+YMeYm3WgEI0ytBz7o86majq3DQ3+XjESIpoy
|
||||
5hNC+cgFiuBUE6e1lBq3812ycsH+HPtha2ppsyr5CX1Fjc63hkszU0bH6UL1jUVk
|
||||
hUAEuLiKADnwPJK1NGrXHqyfEYhIAFkCvEgBK5zoCkcuQ/r2CsO8GfQdOPDwVKcC
|
||||
WLHQU9hq66iCLTd9IxVfOn5YcMjHk6Ie5Dam7cbF3pVAcXrKneYgNK4kdh7aBOqe
|
||||
dasqr/HNJ4Fi15lrVyx2g8c8mb68AbmTCydPX5tZ3RCIc0r8i4iEbYS0Ny8jVPZp
|
||||
6qzI3qo0LnrnMaqqKiJAGH2x3y4bJUlrlab3tV0Kou7e2oM4WhY3jVFXtdAV7+HS
|
||||
XgGGtcTnOE6cSrFRZCSCCzsRrvgDY3NNrrcVBayeCHG+OLqgiHngReG9CdbMzi9E
|
||||
8yIxWF3/8kbKqru6TSheHgOu1v0q/RnCAEqukRynw/Ze8t2/tzGkzETgRMcCoDU=
|
||||
=q/Xc
|
||||
-----END PGP MESSAGE-----
|
||||
fp: b785a9688947edabb9ec8933ee7adefe1d943c7b
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.2
|
|
@ -2,6 +2,7 @@
|
|||
with lib;
|
||||
let
|
||||
cfg = config.eboskma.gitea;
|
||||
giteaCfg = config.services.gitea;
|
||||
in
|
||||
{
|
||||
options.eboskma.gitea = { enable = mkEnableOption "gitea"; };
|
||||
|
@ -9,6 +10,81 @@ in
|
|||
config = mkIf (cfg.enable) {
|
||||
services.gitea = {
|
||||
enable = true;
|
||||
user = "git";
|
||||
domain = "git.datarift.nl";
|
||||
appName = "Gitea Datarift";
|
||||
rootUrl = "https://git.datarift.nl/";
|
||||
log.level = "Warn";
|
||||
lfs = {
|
||||
enable = true;
|
||||
};
|
||||
disableRegistration = true;
|
||||
cookieSecure = true;
|
||||
|
||||
database = {
|
||||
type = "postgres";
|
||||
socket = "/run/postgresql";
|
||||
passwordFile = "/run/secrets/gitea_db_password";
|
||||
createDatabase = false;
|
||||
};
|
||||
|
||||
settings = {
|
||||
security = {
|
||||
PASSWORD_HASH_ALGO = "argon2";
|
||||
DISABLE_GIT_HOOKS = false;
|
||||
};
|
||||
|
||||
database = {
|
||||
LOG_SQL = false;
|
||||
};
|
||||
|
||||
repository = {
|
||||
ENABLE_PUSH_CREATE_USER = true;
|
||||
ENABLE_PUSH_CREATE_ORG = true;
|
||||
};
|
||||
|
||||
service = {
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = true;
|
||||
};
|
||||
|
||||
picture = {
|
||||
ENABLE_FEDERATED_AVATAR = true;
|
||||
};
|
||||
|
||||
session = {
|
||||
PROVIDER = "db";
|
||||
SAME_SITE = "strict";
|
||||
};
|
||||
|
||||
webhook = {
|
||||
ALLOWED_HOST_LIST = "external,10.0.0.202/32,drone.datarift.nl";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
users.users.git = {
|
||||
description = "Gitea service user";
|
||||
home = giteaCfg.stateDir;
|
||||
useDefaultShell = true;
|
||||
group = "gitea";
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
# Explicitly specify version here, because upgrading is a manual process that involves dumping and restoring databases:
|
||||
# https://nixos.org/manual/nixos/unstable/index.html#module-services-postgres-upgrading
|
||||
package = pkgs.postgresql_14;
|
||||
|
||||
ensureDatabases = ["gitea"];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "gitea";
|
||||
ensurePermissions = {
|
||||
"DATABASE gitea" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
cfg = config.eboskma.desktop;
|
||||
in {
|
||||
options.eboskma.desktop = {enable = mkEnableOption "desktop configuration";};
|
||||
|
||||
config =
|
||||
mkIf (cfg.enable) {
|
||||
};
|
||||
}
|
Loading…
Add table
Reference in a new issue