From a971ca1f8fb6ad909b2a574b6c771cdceb11964a Mon Sep 17 00:00:00 2001
From: "Gustavo L de Mello (Guz)" <contact@guz.one>
Date: Fri, 4 Apr 2025 20:16:16 -0300
Subject: [PATCH] feat: anubis bot protection to forgejo

---
 capytal/default.nix |  2 +-
 capytal/network.nix | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/capytal/default.nix b/capytal/default.nix
index fcaa00f..75ad17c 100644
--- a/capytal/default.nix
+++ b/capytal/default.nix
@@ -1,4 +1,4 @@
-{inputs, ...}: {
+{...}: {
   imports = [
     ./analytics.nix
     ./network.nix
diff --git a/capytal/network.nix b/capytal/network.nix
index c73011e..39d7fd0 100644
--- a/capytal/network.nix
+++ b/capytal/network.nix
@@ -17,6 +17,19 @@
       '';
     };
   };
+
+  services.anubis.enable = true;
+  services.anubis.instances = {
+    "forgejo" = let
+      forgejo-port = config.services.forgejo.settings.server.HTTP_PORT;
+    in {
+      bind = ":${toString (forgejo-port + 20)}";
+      metricsBind = ":${toString (forgejo-port + 30)}";
+      serveRobotsTxt = true;
+      target = "http://localhost:${toString forgejo-port}";
+    };
+  };
+
   virtualisation.oci-containers.containers.cloudflare-funnel = let
     secrets = config.spacestation-secrets.lesser;
   in {