ashie/nixos-vps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Forgejo self-hosted Git service with Nginx, PostgreSQL, and Restic backups

Browse source
This commit is contained in:
ashisgreat22 2026-03-18 23:32:01 +01:00
parent c51c7183c1
commit 6e9de4c189
3 changed files with 93 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

85
modules/forgejo.nix Normal file
View file

@ -0,0 +1,85 @@
# Forgejo Module
# Provides: Self-hosted Git service (Fork of Gitea)
#
# Usage:
# myModules.forgejo = {
# enable = true;
# domain = "git.example.com";
# };
{
config,
lib,
pkgs,
...
}:
let
cfg = config.myModules.forgejo;
in
{
options.myModules.forgejo = {
enable = lib.mkEnableOption "Forgejo Git service";
port = lib.mkOption {
type = lib.types.port;
default = 3002;
description = "Internal port to run Forgejo on";
};
domain = lib.mkOption {
type = lib.types.str;
example = "git.example.com";
description = "Public domain name for Forgejo";
};
disableRegistration = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Disable public user registration";
};
};
config = lib.mkIf cfg.enable {
services.forgejo = {
enable = true;
database.type = "postgres";
settings = {
server = {
DOMAIN = cfg.domain;
ROOT_URL = "https://${cfg.domain}/";
HTTP_ADDR = "127.0.0.1";
HTTP_PORT = cfg.port;
SSH_PORT = 2222;
};
service = {
DISABLE_REGISTRATION = cfg.disableRegistration;
};
session = {
COOKIE_SECURE = true;
};
security = {
PASSWORD_COMPLEXITY = "lower,upper,digit,spec";
MIN_PASSWORD_LENGTH = 12;
};
};
};
# Nginx Reverse Proxy
myModules.nginx.domains."${cfg.domain}" = {
port = cfg.port;
extraConfig = ''
client_max_body_size 512M;
'';
};
# Open SSH port for Git
networking.firewall.allowedTCPPorts = [ 2222 ];
# Backups (Add Forgejo data to restic if backup module is enabled)
myModules.backup.paths = [
config.services.forgejo.stateDir
];
};
}