bryan/nixos
0
0
Fork 0
mirror of https://github.com/itme-brain/nixos.git synced 2026-03-23 16:29:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

updates to server modules

Browse source
This commit is contained in:
Bryan Ramos 2025-07-05 19:57:46 -04:00
parent de564231e7
commit 9cb8467224
Signed by: bryan
GPG key ID: 6ABDCD144D6643C8
2 changed files with 17 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/system/modules/forgejo/default.nix
View file

@ -10,24 +10,24 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users = { users = {
users = { users = {
"git" = { "${config.services.forgejo.user}" = {
description = "Git server system user"; description = "Git server system user";
isSystemUser = true; isSystemUser = true;
group = "git"; group = "${config.services.forgejo.user}";
extraGroups = mkIf nginx.enable [ extraGroups = mkIf nginx.enable [
"web" "web"
]; ];
}; };
"nginx" = { "${config.services.nginx.user}" = {
extraGroups = mkIf nginx.enable [ extraGroups = mkIf nginx.enable [
"git" "${config.services.forgejo.group}"
]; ];
}; };
}; };
groups = { groups = {
"git" = { "${config.services.forgejo.group}" = {
members = [ members = [
"git" "${config.services.forgejo.user}"
]; ];
}; };
}; };
@ -36,7 +36,7 @@ in
services.forgejo = rec { services.forgejo = rec {
enable = true; enable = true;
user = "git"; user = "git";
group = "git"; group = user;
stateDir = "/var/lib/forgejo"; stateDir = "/var/lib/forgejo";
settings = { settings = {

18
src/system/modules/nginx/default.nix
View file

@ -10,26 +10,26 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users = { users = {
users = { users = {
"nginx" = { "${config.services.nginx.user}" = {
description = "Web server system user"; description = "Web server system user";
isSystemUser = true; isSystemUser = true;
group = mkForce "web"; group = mkForce "${config.services.nginx.group}";
}; };
"btc" = { "btc" = {
extraGroups = mkIf module.bitcoin.enable [ extraGroups = mkIf module.bitcoin.enable [
"web" "${config.services.nginx.group}"
]; ];
}; };
"git" = { "${config.services.forgejo.user}" = {
extraGroups = mkIf module.forgejo.enable [ extraGroups = mkIf module.forgejo.enable [
"web" "${config.services.nginx.group}"
]; ];
}; };
}; };
groups = { groups = {
"web" = { "${config.services.nginx.group}" = {
members = [ members = [
"nginx" "${config.services.nginx.user}"
]; ];
}; };
}; };
@ -56,6 +56,9 @@ in
services.nginx = { services.nginx = {
enable = true; enable = true;
user = "nginx";
group = "web";
virtualHosts = virtualHosts =
let let
certPath = config.security.acme.certs."ramos.codes".directory; certPath = config.security.acme.certs."ramos.codes".directory;
@ -66,7 +69,6 @@ in
inherit sslCertificate sslCertificateKey; inherit sslCertificate sslCertificateKey;
forceSSL = true; forceSSL = true;
}) hosts; }) hosts;
in withSSL in withSSL
{ {
"git.ramos.codes" = mkIf module.forgejo.enable { "git.ramos.codes" = mkIf module.forgejo.enable {