From 815e095f4ff2aa82c491c037be6c525bc722f012 Mon Sep 17 00:00:00 2001 From: DuN0z Date: Thu, 16 Oct 2025 10:27:01 +0200 Subject: [PATCH 1/2] Fix: back to forgejo original config --- config/globals.nix | 3 ++- modules/services/forgejo.nix | 34 ++++++++-------------------------- 2 files changed, 10 insertions(+), 27 deletions(-) diff --git a/config/globals.nix b/config/globals.nix index 6977146..7c64ec5 100644 --- a/config/globals.nix +++ b/config/globals.nix @@ -23,8 +23,9 @@ services = { forgejo = { - home = "/var/lib/services/forgejo"; + home = "/var/lib/forgejo"; url = "govel.porzh.me"; + user = "git"; port = 3000; }; goaccess = { diff --git a/modules/services/forgejo.nix b/modules/services/forgejo.nix index ad0fb13..0cee315 100644 --- a/modules/services/forgejo.nix +++ b/modules/services/forgejo.nix @@ -3,23 +3,23 @@ let globals = import ../../config/globals.nix; in { # --- Utilisateur dédié --- - users.users.git = { + users.users.${globals.services.forgejo.user} = { isSystemUser = true; - home = "/var/lib/forgejo"; + home = globals.services.forgejo.home; shell = pkgs.bash; - group = "git"; + group = globals.services.forgejo.user; }; - users.groups.git = {}; + users.groups.${globals.services.forgejo.user} = {}; # --- Forgejo --- services = { forgejo = { enable = true; - user = "git"; - group = "git"; + user = globals.services.forgejo.user; + group = globals.services.forgejo.user; database = { type = "sqlite3"; - path = "/var/lib/forgejo/data/gitea.db"; + path = "${globals.services.forgejo.home}/data/gitea.db"; }; settings = { server = { @@ -27,7 +27,6 @@ in { ROOT_URL = "https://${globals.services.forgejo.url}/"; SSH_DOMAIN = globals.services.forgejo.url; HTTP_PORT = globals.services.forgejo.port; - SSH_PORT = 22; START_SSH_SERVER = false; }; service = { @@ -49,22 +48,5 @@ in { }; }; }; - - # --- Ouvrir les ports nécessaires --- - networking.firewall = { - allowedTCPPorts = [80 443 2222]; - interfaces."eth0".allowedTCPPorts = [22]; - }; - # --- Pour que Forgejo génère les bonnes URLs Git --- - # networking.hostName = "git"; # non strictement obligatoire - - # --- Optionnel : config DNS --- - # git.lomig.me -> ton IP publique (ou IP locale si LAN) - - # --- Pour te cloner un dépôt : --- - # git clone git@git.lomig.me:lomig/nom-du-repo.git - - # --- Astuce : génère une paire de clés pour l’accès SSH Git --- - # ssh-keygen -t ed25519 -f ~/.ssh/id_git_forgejo - # puis ajoute la clé publique dans ton compte Forgejo + networking.firewall.allowedTCPPorts = [80 443 22 ]; } From fd12d647e4c44cbd75a0e7932427b76a9545ed03 Mon Sep 17 00:00:00 2001 From: DuN0z Date: Thu, 16 Oct 2025 10:27:26 +0200 Subject: [PATCH 2/2] Fix: remove local adress from stats --- modules/services/goaccess.nix | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/modules/services/goaccess.nix b/modules/services/goaccess.nix index 7391f20..2cc069c 100644 --- a/modules/services/goaccess.nix +++ b/modules/services/goaccess.nix @@ -6,11 +6,23 @@ in { goaccess ]; - # Service pour générer le rapport statique GoAccess + environment.etc."local/bin/generate-goaccess.sh".text = '' + #!/bin/sh + set -eu + + RAW_LOG="/var/log/caddy/access-${globals.services.levr.url}.log" + CLEAN_LOG="/tmp/goaccess-clean.log" + REPORT="${globals.services.goaccess.home}/index.html" + + ${pkgs.gnugrep}/bin/grep -v '192.168.' "$RAW_LOG" > "$CLEAN_LOG" + ${pkgs.goaccess}/bin/goaccess "$CLEAN_LOG" --log-format=CADDY -o "$REPORT"; + ''; + environment.etc."local/bin/generate-goaccess.sh".mode = "0755"; + systemd.services.goaccess-report = { description = "Generate GoAccess HTML report"; serviceConfig = { - ExecStart = "${pkgs.goaccess}/bin/goaccess /var/log/caddy/access-${globals.services.levr.url}.log --log-format=CADDY -o ${globals.services.goaccess.home}/index.html"; + ExecStart = "/etc/local/bin/generate-goaccess.sh"; }; }; @@ -35,4 +47,8 @@ in { }; }; }; + + systemd.tmpfiles.rules = [ + "d ${globals.services.goaccess.home} 0755 root root -" + ]; }