Fix: remove local adress from stats

config/globals.nix

@@ -23,8 +23,9 @@
 
   services = {
     forgejo = {
-      home = "/var/lib/services/forgejo";
+      home = "/var/lib/forgejo";
       url = "govel.porzh.me";
+      user = "git";
       port = 3000;
     };
     goaccess = {

modules/services/forgejo.nix

@@ -3,23 +3,23 @@ let
   globals = import ../../config/globals.nix;
 in {
   # --- Utilisateur dédié ---
-  users.users.git = {
+  users.users.${globals.services.forgejo.user} = {
     isSystemUser = true;
-    home = "/var/lib/forgejo";
+    home = globals.services.forgejo.home;
     shell = pkgs.bash;
-    group = "git";
+    group = globals.services.forgejo.user;
   };
-  users.groups.git = {};
+  users.groups.${globals.services.forgejo.user} = {};
 
   # --- Forgejo ---
   services = {
     forgejo = {
       enable = true;
-      user = "git";
+      user = globals.services.forgejo.user;
-      group = "git";
+      group = globals.services.forgejo.user;
       database = {
         type = "sqlite3";
-        path = "/var/lib/forgejo/data/gitea.db";
+        path = "${globals.services.forgejo.home}/data/gitea.db";
       };
       settings = {
         server = {
@@ -27,7 +27,6 @@ in {
           ROOT_URL = "https://${globals.services.forgejo.url}/";
           SSH_DOMAIN = globals.services.forgejo.url;
           HTTP_PORT = globals.services.forgejo.port;
-          SSH_PORT = 22;
           START_SSH_SERVER = false;
         };
         service = {
@@ -49,22 +48,5 @@ in {
       };
     };
   };
-
+  networking.firewall.allowedTCPPorts = [80 443 22 ];
-  # --- Ouvrir les ports nécessaires ---
-  networking.firewall = {
-    allowedTCPPorts = [80 443 2222];
-    interfaces."eth0".allowedTCPPorts = [22];
-  };
-  # --- Pour que Forgejo génère les bonnes URLs Git ---
-  #  networking.hostName = "git"; # non strictement obligatoire
-
-  # --- Optionnel : config DNS ---
-  # git.lomig.me -> ton IP publique (ou IP locale si LAN)
-
-  # --- Pour te cloner un dépôt : ---
-  # git clone git@git.lomig.me:lomig/nom-du-repo.git
-
-  # --- Astuce : génère une paire de clés pour l’accès SSH Git ---
-  # ssh-keygen -t ed25519 -f ~/.ssh/id_git_forgejo
-  # puis ajoute la clé publique dans ton compte Forgejo
 }

modules/services/goaccess.nix

@@ -6,11 +6,23 @@ in {
     goaccess
   ];
 
-  # Service pour générer le rapport statique GoAccess
+  environment.etc."local/bin/generate-goaccess.sh".text = ''
+    #!/bin/sh 
+    set -eu
+
+    RAW_LOG="/var/log/caddy/access-${globals.services.levr.url}.log"
+    CLEAN_LOG="/tmp/goaccess-clean.log"
+    REPORT="${globals.services.goaccess.home}/index.html"
+
+    ${pkgs.gnugrep}/bin/grep -v '192.168.' "$RAW_LOG" > "$CLEAN_LOG"
+    ${pkgs.goaccess}/bin/goaccess "$CLEAN_LOG" --log-format=CADDY -o "$REPORT";
+  '';
+  environment.etc."local/bin/generate-goaccess.sh".mode = "0755";
+
   systemd.services.goaccess-report = {
     description = "Generate GoAccess HTML report";
     serviceConfig = {
-      ExecStart = "${pkgs.goaccess}/bin/goaccess /var/log/caddy/access-${globals.services.levr.url}.log --log-format=CADDY -o ${globals.services.goaccess.home}/index.html";
+      ExecStart = "/etc/local/bin/generate-goaccess.sh";
     };
   };
 
@@ -35,4 +47,8 @@ in {
       };
     };
   };
+
+  systemd.tmpfiles.rules = [
+    "d ${globals.services.goaccess.home} 0755 root root -"
+  ];
 }