{ config, pkgs, ... }: { services.gitea = rec { enable = true; stateDir = "/srv/git.gebner.org"; appName = "Gabriel Ebner's git server"; domain = "git.gebner.org"; rootUrl = "https://git.gebner.org/"; httpPort = 8001; cookieSecure = true; log.level = "Info"; disableRegistration = true; settings = { picture = { DISABLE_GRAVATAR = "false"; AVATAR_UPLOAD_PATH = "${stateDir}/data/avatars"; }; }; }; environment.systemPackages = [ (let cfg = config.services.gitea; in pkgs.writeScriptBin "gitea" '' exec ${pkgs.sudo}/bin/sudo -u ${cfg.user} \ env GITEA_WORK_DIR=${cfg.stateDir} ${pkgs.gitea}/bin/gitea "$@" '') ]; services.nginx = { recommendedProxySettings = true; virtualHosts."git.gebner.org" = { forceSSL = true; useACMEHost = "gebner.org"; locations."/" = { proxyPass = "http://127.0.0.1:${toString config.services.gitea.httpPort}"; extraConfig = '' proxy_buffering off; client_max_body_size 256M; ''; }; }; }; }