chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

working on grafana oidc and introduced new domain for hosting
Some checks are pending
Test action / Print hello world (push) Waiting to run
Details

Browse source
This commit is contained in:
Chris Kruining 2025-08-20 15:15:03 +02:00
parent 6511e513a3
commit 995fdaeb1d
No known key found for this signature in database
GPG key ID: EB894A3560CCCAD2
4 changed files with 129 additions and 81 deletions
Download patch file Download diff file Expand all files Collapse all files

16
modules/nixos/services/development/forgejo/default.nix
View file

@ -3,7 +3,7 @@ let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.services.development.forgejo;
domain = "git.kruining.eu";
domain = "git.amarth.cloud";
in
{
options.${namespace}.services.development.forgejo = {
@ -35,7 +35,7 @@ in
cors = {
ENABLED = true;
ALLOW_DOMAIN = "https://*.kruining.eu";
ALLOW_DOMAIN = "https://*.amarth.cloud";
};
security = {
@ -63,8 +63,9 @@ in
service = {
# Auth
ENABLE_BASIC_AUTHENTICATION = false;
DISABLE_REGISTRATION = true;
DISABLE_REGISTRATION = false;
ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
SHOW_REGISTRATION_BUTTON = false;
# Privacy
DEFAULT_KEEP_EMAIL_PRIVATE = true;
@ -78,12 +79,13 @@ in
openid = {
ENABLE_OPENID_SIGNIN = true;
ENABLE_OPENID_SIGNUP = true;
WHITELISTED_URIS = "https://auth-z.kruining.eu";
WHITELISTED_URIS = "https://auth.amarth.cloud";
};
oauth2_client = {
ENABLE_AUTO_REGISTRATION = true;
UPDATE_AVATAR = true;
ACCOUNT_LINKING = "auto";
};
actions = {
@ -111,8 +113,8 @@ in
mailer = {
ENABLED = true;
SMTP_ADDR = "smpts://smtp.black-mail.nl";
FROM = "noreply@kruining.eu";
USER = "noreply@kruining.eu";
FROM = "info@amarth.cloud";
USER = "amarth";
PASSWD = "/var/lib/forgejo/custom/mail_password";
};
};
@ -125,7 +127,7 @@ in
instances.default = {
enable = true;
name = "default";
url = "https://git.kruining.eu";
url = "https://git.amarth.cloud";
# Obtaining the path to the runner token file may differ
# tokenFile should be in format TOKEN=<secret>, since it's EnvironmentFile for systemd
# tokenFile = config.age.secrets.forgejo-runner-token.path;