erwin/nixos-config
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Wiki Activity Actions

Tweak gitea config

Browse source
This commit is contained in:
Erwin Boskma 2022-10-26 17:12:39 +02:00
parent c0707a50e7
commit 8ee11574f6
Signed by: erwin
GPG key ID: 270B20D17394F7E5
3 changed files with 7 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
machines/gitea/configuration.nix
View file

@ -41,6 +41,9 @@
environment.noXlibs = true; environment.noXlibs = true;
security.sudo.execWheelOnly = true;
security.pam.enableSSHAgentAuth = true;
# services.openssh.enable = true; # services.openssh.enable = true;
sops.defaultSopsFile = ./secrets.yaml; sops.defaultSopsFile = ./secrets.yaml;

6
modules/gitea/default.nix
View file

@ -36,9 +36,7 @@ in
}; };
log.LEVEL = "Warn"; log.LEVEL = "Warn";
DISABLE_REGISTRATION = true;
COOKIE_SECURE = true;
database = { database = {
LOG_SQL = false; LOG_SQL = false;
}; };
@ -50,6 +48,7 @@ in
service = { service = {
DEFAULT_KEEP_EMAIL_PRIVATE = true; DEFAULT_KEEP_EMAIL_PRIVATE = true;
DISABLE_REGISTRATION = true;
}; };
picture = { picture = {
@ -59,6 +58,7 @@ in
session = { session = {
PROVIDER = "db"; PROVIDER = "db";
SAME_SITE = "strict"; SAME_SITE = "strict";
COOKIE_SECURE = true;
}; };
webhook = { webhook = {

2
modules/nix-common/default.nix
View file

@ -47,7 +47,7 @@ in
settings = { settings = {
auto-optimise-store = true; auto-optimise-store = true;
allowed-users = [ "root" ]; allowed-users = [ "root" ];
trusted-users = [ "root" ]; trusted-users = [ "root" "@wheel" ];
substituters = [ substituters = [
"https://nix-community.cachix.org" "https://nix-community.cachix.org"
"https://marcus7070.cachix.org" "https://marcus7070.cachix.org"