test gitea docker

2026-04-26 11:14:46 -05:00
parent 82d8816052
commit a8b2621469
7 changed files with 46 additions and 56 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -18,8 +18,8 @@

        nixos-hardware.url = "github:nixos/nixos-hardware/master";

-        #opi-zero2w.url = "github:virusdave/nixos-opi-zero2w";
-        opi-zero2w.url = "git+file:///home/nathan/Projects/tests/nixos-opi-zero2w";
+        opi-zero2w.url = "github:virusdave/nixos-opi-zero2w";
+        #opi-zero2w.url = "git+file:///home/nathan/Projects/tests/nixos-opi-zero2w";

        sops-nix = {
            url = "github:Mic92/sops-nix";
--- a/modules/features/gitea.nix
+++ b/modules/features/gitea.nix
@@ -80,6 +80,13 @@
                            repository = {
                                DEFAULT_BRANCH = "master";
                            };
+
+                            migrations = {
+                                ALLOWED_DOMAINS = "*";
+                                ALLOW_LOCALNETWORKS = true;
+                                SKIP_TLS_VERIFY = true;
+                                BLOCKED_DOMAINS = "";
+                            };
                        };

                        database = {
@@ -118,6 +125,25 @@

        config = {

+            sops.secrets = {
+                "gitea/dbpass" = {};
+            };
+
+            sops.templates."gitea.env".content = ''
+                USER_UID=1000
+                USER_GID=1000
+                GITEA__database__DB_TYPE=postgres
+                GITEA__database__HOST=db:5432
+                GITEA__database__NAME=gitea
+                GITEA__database__USER=gitea
+                GITEA__database__PASSWD=${config.sops.placeholder."gitea/dbpass"}
+            '';
+
+            sops.templates."gitea-db.env".content = ''
+                POSTGRES_USER=gitea
+                POSTGRES_DB=gitea
+                POSTGRES_PASSWORD=${config.sops.placeholder."gitea/dbpass"}
+            '';

            virtualisation.oci-containers.containers."${name}" = {
                image = "docker.gitea.com/gitea:1.25.4";
@@ -145,22 +171,27 @@
                    "traefik.tcp.routers.${name}-ssh.rule" = "HostSNI(`*`)";
                    "traefik.tcp.routers.${name}-ssh.service" = "${name}-ssh";

-                    "traefik.tcp.services.${name}-ssh.loadbalancer.server.port" = "22";
+                    "traefik.tcp.services.${name}-ssh.loadbalancer.server.port" = "2222";
                };

                ports = [
                ];

                extraOptions = [
-                    "--ip=192.168.101.20"
+                    "--ip=192.168.101.25"
                ];

                volumes = [
-                    "vol_gitea:/data"
+                    "/etc/gitea/data:/data"
                ];

-                environment = {
-                };
+                environmentFiles = [
+                    config.sops.templates."gitea.env".path
+                ];
+
+                dependsOn = [
+                    "${name}-db"
+                ];
            };

            virtualisation.oci-containers.containers."${name}-db" = {
@@ -182,15 +213,16 @@
                ];

                extraOptions = [
-                    "--ip=192.168.101.21"
+                    "--ip=192.168.101.26"
                ];

                volumes = [
                    "/etc/gitea/db:/var/lib/postgresql/data"
                ];

-                environment = {
-                };
+                environmentFiles = [
+                    config.sops.templates."gitea-db.env".path
+                ];
            };

            systemd.services."docker-gitea" = {
@@ -202,12 +234,10 @@
                };
                after = [
                    "docker-network-setup.service"
-                        "docker-volume-gitea.service" 
                        "docker-gitea-db.service" 
                ];
                requires = [
                    "docker-network-setup.service"
-                        "docker-volume-gitea.service" 
                        "docker-gitea-db.service" 
                ];
                partOf = [
@@ -238,21 +268,6 @@
                    "docker-compose-gitea-root.target"
                ];
            };
-
-            systemd.services."docker-volume-gitea" = {
-                path = [ pkgs.docker ];
-                serviceConfig = {
-                    Type = "oneshot";
-                    RemainAfterExit = true;
-                };
-                script = ''
-                    docker volume inspect vol_gitea || docker volume create vol_gitea --driver=local
-                    '';
-                partOf = [ "docker-compose-gitea-root.target" ];
-                wantedBy = [ "docker-compose-gitea-root.target" ];
-            };
-
        };
    };
-
 }
--- a/modules/features/traefik/config/routing.yml
+++ b/modules/features/traefik/config/routing.yml
@@ -20,15 +20,6 @@ http:
      tls:
        certResolver: "cloudflare"

-    gitea: 
-      entryPoints: 
-        - "localsecure"
-        - "websecure"
-      rule: "Host(`gitea.esotericbytes.com`)"
-      service: "gitea"
-      tls:
-        certResolver: "cloudflare"
-
    octoprint:
      entryPoints:
        - "localsecure"
@@ -49,27 +40,9 @@ http:
        servers: 
          - url: "http://192.168.100.31:4444"
    
-    gitea:
-      loadBalancer:
-        servers: 
-          - url: "http://192.168.100.20:3000"
-    
    octoprint:
      loadBalancer:
        servers:
          - url: "http://rpi-3dp.local"
        passHostHeader: true

-tcp:
-  routers:
-    gitea-ssh:
-      entryPoints:
-        - "gitea-ssh"
-      rule: "HostSNI(`*`)"
-      service: "gitea-ssh"
-
-  services:
-    gitea-ssh:
-      loadBalancer:
-        servers:
-          - address: "192.168.100.20:2222"
--- a/modules/hosts/homebox/configuration.nix
+++ b/modules/hosts/homebox/configuration.nix
@@ -25,6 +25,7 @@
                n8n
                code-server
                gitea
+                gitea-docker
                jellyfin
                nginx
                ollama-docker
--- a/modules/hosts/laptop/configuration.nix
+++ b/modules/hosts/laptop/configuration.nix
@@ -32,6 +32,7 @@
                    efi.canTouchEfiVariables = true;
                    timeout = null;
                };
+                binfmt.emulatedSystems = [ "aarch64-linux" ];
            };

            systemd.settings.Manager.DefaultLimitNOFILE = 2048;
--- a/modules/hosts/pi4/configuration.nix
+++ b/modules/hosts/pi4/configuration.nix
@@ -33,7 +33,7 @@

        imports = with self.nixosModules; [

-            pi4-core-disko
+            pi4-core

            netbird-sbc
            remoteBuilds
--- a/modules/hosts/pi4/default.nix
+++ b/modules/hosts/pi4/default.nix
@@ -11,7 +11,7 @@
        modules = [
            self.nixosModules.pi4
            self.nixosModules.pi4-hardware
-            self.diskoConfigurations.pi4
+            #self.diskoConfigurations.pi4
        ];
    };