2023-05-11 11:54:42 +01:00
|
|
|
{ ... }:
|
|
|
|
|
{
|
2023-05-16 11:04:48 +01:00
|
|
|
imports = [ ./traefik.nix ./fail2ban.nix ];
|
|
|
|
|
services.gitea = {
|
|
|
|
|
enable = true;
|
2023-05-16 12:06:49 +01:00
|
|
|
settings.server = { DOMAIN = "git.xenia.me.uk"; SSH_PORT = 2222; };
|
2023-05-16 11:04:48 +01:00
|
|
|
appName = "Gitea";
|
|
|
|
|
};
|
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 2222 ];
|
2023-05-11 11:54:42 +01:00
|
|
|
services.traefik.dynamicConfigOptions.http = {
|
2023-05-15 07:51:06 +01:00
|
|
|
routers.gitea = { rule = "Host(`git.xenia.me.uk`)"; service = "gitea-websecure"; tls = { certResolver = "default"; }; };
|
2023-05-11 11:54:42 +01:00
|
|
|
services.gitea-websecure.loadBalancer.servers = [{ url = "http://localhost:3000"; }];
|
|
|
|
|
};
|
2023-05-16 11:31:36 +01:00
|
|
|
services.fail2ban.jails.gitea = ''
|
|
|
|
|
enabled = true
|
|
|
|
|
filter = sshd
|
|
|
|
|
ports = 2222
|
|
|
|
|
backend = systemd
|
|
|
|
|
'';
|
2023-05-11 11:54:42 +01:00
|
|
|
}
|
