init: Add crossbox's configurations

2026-01-10 10:55:18 -08:00 · 2026-01-10 10:55:18 -08:00 · cbac6cd532
commit cbac6cd532
parent 9339a28783
8 changed files with 632 additions and 0 deletions
--- a/forgejo.nix
+++ b/forgejo.nix
@ -0,0 +1,49 @@
+{ config, pkgs, lib, ... }:
+
+{
+  services.forgejo = {
+    enable = true;
+    
+    # Set data directory
+    stateDir = "/srv/forgejo";
+    
+    # Database configuration
+    database = {
+      type = "sqlite3";
+      path = "/srv/forgejo/data/forgejo.db";
+    };
+    
+    # Server settings
+    settings = {
+      server = {
+        DOMAIN = "forgejo.binning.net";
+        ROOT_URL = "https://forgejo.binning.net/";
+        HTTP_ADDR = "127.0.0.1";
+        HTTP_PORT = 3000;
+      };
+      
+      # Repository settings - uses default: /srv/forgejo/repositories
+      # No need to override repository.ROOT as the default location is good
+      
+      service = {
+        DISABLE_REGISTRATION = true;  # Set to true to disable new user registration
+      };
+      
+      # Session and security
+      session = {
+        COOKIE_SECURE = true;  # Since we're using HTTPS
+      };
+      
+      # Recommended security settings
+      security = {
+        INSTALL_LOCK = true;
+      };
+    };
+  };
+  
+  # Ensure the data directory exists with proper permissions
+  systemd.tmpfiles.rules = [
+    "d /srv/forgejo 0750 forgejo forgejo -"
+    "d /srv/forgejo/data 0750 forgejo forgejo -"
+  ];
+}