109 lines
No EOL
2.9 KiB
Nix
109 lines
No EOL
2.9 KiB
Nix
{ inputs, ... }:
|
|
{
|
|
flake.modules.nixos.forgejo =
|
|
{ lib, config, pkgs, ... }:
|
|
{
|
|
|
|
imports = with inputs.self.modules.nixos; [
|
|
podman
|
|
];
|
|
|
|
age.secrets = {
|
|
forgejo.file = ../../../secrets/forgejo.age;
|
|
forgejodb.file = ../../../secrets/forgejodb.age;
|
|
};
|
|
|
|
|
|
virtualisation.oci-containers.containers =
|
|
{
|
|
"forgejo" = {
|
|
image = "codeberg.org/forgejo/forgejo:13";
|
|
ports = [
|
|
"2424:22" #SSH
|
|
"4000:3000" #WebUI
|
|
];
|
|
labels = {
|
|
"io.containers.autoupdate" = "registry";
|
|
};
|
|
volumes = [
|
|
"/DockerData/configs/forgejo/data:/data"
|
|
"/etc/timezone:/etc/timezone:ro"
|
|
"/etc/localtime:/etc/localtime:ro"
|
|
];
|
|
environmentFiles = [
|
|
"${config.age.secrets.forgejo.path}"
|
|
];
|
|
dependsOn = [
|
|
"db"
|
|
];
|
|
log-driver = "journald";
|
|
networks = [
|
|
"forgejo-internal"
|
|
];
|
|
};
|
|
|
|
"db" = {
|
|
image = "docker.io/library/postgres:14";
|
|
volumes = [
|
|
"/DockerData/configs/forgejo/db:/var/lib/postgresql/data"
|
|
];
|
|
labels = {
|
|
"io.containers.autoupdate" = "registry";
|
|
};
|
|
environmentFiles = [
|
|
"${config.age.secrets.forgejodb.path}"
|
|
];
|
|
log-driver = "journald";
|
|
networks = [
|
|
"forgejo-internal"
|
|
];
|
|
};
|
|
};
|
|
|
|
|
|
systemd = {
|
|
services = {
|
|
"podman-network-forgejo-internal" = {
|
|
path = [ pkgs.podman ];
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
RemainAfterExit = true;
|
|
ExecStop = "podman network rm -f forgejo-internal";
|
|
};
|
|
script = ''
|
|
podman network inspect forgejo-internal || podman network create forgejo-internal
|
|
'';
|
|
partOf = [ "podman-compose-forgejo-root.target" ];
|
|
wantedBy = [ "podman-compose-forgejo-root.target" ];
|
|
};
|
|
|
|
"podman-db" = {
|
|
serviceConfig = {
|
|
Restart = lib.mkOverride 90 "always";
|
|
};
|
|
partOf = [ "podman-compose-forgejo-root.target" ];
|
|
wantedBy = [ "podman-compose-forgejo-root.target" ];
|
|
after = [ "podman-network-forgejo-internal.service" ];
|
|
wants = [ "podman-network-forgejo-internal.service" ];
|
|
};
|
|
|
|
"podman-forgejo" = {
|
|
serviceConfig = {
|
|
Restart = lib.mkOverride 90 "always";
|
|
};
|
|
partOf = [ "podman-compose-forgejo-root.target" ];
|
|
wantedBy = [ "podman-compose-forgejo-root.target" ];
|
|
after = [ "podman-network-forgejo-internal.service" ];
|
|
wants = [ "podman-network-forgejo-internal.service" ];
|
|
};
|
|
};
|
|
|
|
targets = {
|
|
"podman-compose-forgejo-root" = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
};
|
|
};
|
|
};
|
|
|
|
};
|
|
} |