diff --git a/hosts/homex/configuration.nix b/hosts/homex/configuration.nix index e5ca509..8a7e58b 100644 --- a/hosts/homex/configuration.nix +++ b/hosts/homex/configuration.nix @@ -37,12 +37,14 @@ forgejo = { enable = true; + settings.server.url = "https://${config.homelab.forgejo.settings.server.domain}"; settings.users."user1" = { name = /. + config.sops.secrets."forgejo/user1/name".path; email = /. + config.sops.secrets."forgejo/user1/email".path; password = /. + config.sops.secrets."forgejo/user1/password".path; admin = true; }; + settings.ui.themes = [ "forgejo-dark" "arc-green" ]; }; }; diff --git a/modules/nixos/homelab/forgejo.nix b/modules/nixos/homelab/forgejo.nix index 5b59f8d..7a16886 100644 --- a/modules/nixos/homelab/forgejo.nix +++ b/modules/nixos/homelab/forgejo.nix @@ -40,11 +40,27 @@ in type = path; default = config.homelab.storage + /forgejo; }; + repositories = mkOption { + type = path; + default = /home + cfg.user + /repositories; + }; }; handleUndeclaredUsers = mkOption { type = bool; default = false; }; + /* + See comment at the bottom of the file + + linkUserReposDir = mkOption { + type = bool; + default = false; + description = '' + Links ${cfg.data.repositories} to /home/${cfg.user} to fix repositories + not being found when accssing via SSH. + ''; + }; + */ settings = { users = mkOption { type = attrsOf (submodule ({ config, lib, ... }: with lib; with lib.types; { @@ -105,6 +121,10 @@ in ]); default = [ ]; }; + repo.pushCreate = mkOption { + type = bool; + default = false; + }; cors.enable = mkOption { type = bool; default = false; @@ -177,6 +197,7 @@ in user = cfg.user; group = cfg.user; stateDir = toString cfg.data.root; + repositoryRoot = toString cfg.data.repositories; useWizard = false; database = { user = cfg.user; @@ -190,6 +211,8 @@ in repository = { DISABLED_REPO_UNITS = concatStringsSep "," cfg.settings.repo.disabledUnits; DEFAULT_REPO_UNITS = concatStringsSep "," cfg.settings.repo.defaultUnits; + ENABLE_PUSH_CREATE_USER = cfg.settings.repo.pushCreate; + ENABLE_PUSH_CREATE_ORG = cfg.settings.repo.pushCreate; }; cors = { ENABLED = cfg.settings.cors.enable; @@ -270,6 +293,52 @@ in Group = cfg.user; }; }; + + /* + Removed for now because handling deleted user/files, without touching the + user's files, would be too much of a hassle. + + systemd.services."homelab-forgejo-repos-link-watcher" = lib.mkIf cfg.linkUserReposDir { + script = '' + ${pkgs.systemctl}/bin/systemctl start homelab-forgejo-repos-link.service; + ''; + wantedBy = [ "multi-user.target" ]; + before = [ "forgejo.service" ]; + serviceConfig = { + Type = "oneshot"; + }; + }; + systemd.paths."homelab-forgejo-repos-link-watcher" = lib.mkIf cfg.linkUserReposDir { + wantedBy = [ "multi-user.target" ]; + pathConfig = { + PathModified = toString cfg.data.repositories; + }; + }; + systemd.services."homelab-forgejo-repos-link" = lib.mkIf cfg.linkUserReposDir { + script = '' + userDir="/home/${cfg.user}"; + + mkdir -p "$userDir"; + + for dir in ${toString cfg.data.repositories}/*; do + basename="$(basename $dir)" + linkname="$userDir/$basename" + + if [ -f "$f" ]; then + echo "Link $dir to $linkname already exists"; + else + echo "Linking $dir to $linkname"; + ln -sf $dir -T $linkname; + fi + done + ''; + wantedBy = [ "multi-user.target" ]; + before = [ "forgejo.service" ]; + serviceConfig = { + Type = "oneshot"; + }; + }; + */ }; } @@ -280,3 +349,4 @@ in +