23 lines
454 B
Nix
23 lines
454 B
Nix
{ config, lib, ... }:
|
|
let
|
|
cfg = config.profile.services.forgejo;
|
|
inherit (lib) mkIf;
|
|
in
|
|
{
|
|
config = mkIf cfg.enable {
|
|
sops.secrets."forgejo" = {
|
|
sopsFile = ../../secrets/caddy_reverse_proxy.yaml;
|
|
path = "/etc/caddy/sites-enabled/forgejo";
|
|
mode = "0440";
|
|
};
|
|
|
|
services.forgejo = {
|
|
enable = true;
|
|
settings = {
|
|
server.PROTOCOL = "http+unix";
|
|
session.COOKIE_SECURE = true;
|
|
};
|
|
};
|
|
};
|
|
}
|