nix/modules/mugit.nix (view raw)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 |
{ config, ... }:
{
services.caddy.virtualHosts."git.olexsmir.xyz".extraConfig = ''
reverse_proxy localhost:8008
'';
age.secrets.github_token = {
file = ../secrets/github_token.age;
owner = "mugit";
group = "mugit";
};
age.secrets.mugit_host = {
file = ../secrets/mugit_host.age;
owner = "mugit";
group = "mugit";
};
services.mugit = {
enable = true;
openFirewall = true;
config = {
server.port = 8008;
repo.dir = "/var/lib/mugit/";
meta = {
description = "hey kid, come get your free software";
title = "git.olexsmir.xyz";
host = "git.olexsmir.xyz";
};
ssh = {
enable = true;
port = 22;
host_key = config.age.secrets.mugit_host.path;
keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLLJdkVYKZgsayw+sHanKPKZbI0RMS2CakqBCEi5Trz"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMPQ0Qz0DFB+rGrD8ScUqbUTZ1/O8FHrOBF5bIAGQgMj"
];
};
mirror = {
enable = true;
interval = "6h";
github_token = "$file:" + config.age.secrets.github_token.path;
};
};
};
}
|