
No commits in common. "fd12d647e4c44cbd75a0e7932427b76a9545ed03" and "98cd87c47dba8bb11c14a2820bbf1ca198ac5734" have entirely different histories.

3 changed files with 29 additions and 28 deletions


@ -23,9 +23,8 @@
services = {
forgejo = {
home = "/var/lib/forgejo";
home = "/var/lib/services/forgejo";
url = "govel.porzh.me";
user = "git";
port = 3000;
};
goaccess = {


@ -3,23 +3,23 @@ let
globals = import ../../config/globals.nix;
in {
# --- Utilisateur dédié ---
users.users.${globals.services.forgejo.user} = {
users.users.git = {
isSystemUser = true;
home = globals.services.forgejo.home;
home = "/var/lib/forgejo";
shell = pkgs.bash;
group = globals.services.forgejo.user;
group = "git";
};
users.groups.${globals.services.forgejo.user} = {};
users.groups.git = {};
# --- Forgejo ---
services = {
forgejo = {
enable = true;
user = globals.services.forgejo.user;
group = globals.services.forgejo.user;
user = "git";
group = "git";
database = {
type = "sqlite3";
path = "${globals.services.forgejo.home}/data/gitea.db";
path = "/var/lib/forgejo/data/gitea.db";
};
settings = {
server = {
@ -27,6 +27,7 @@ in {
ROOT_URL = "https://${globals.services.forgejo.url}/";
SSH_DOMAIN = globals.services.forgejo.url;
HTTP_PORT = globals.services.forgejo.port;
SSH_PORT = 22;
START_SSH_SERVER = false;
};
service = {
@ -48,5 +49,22 @@ in {
};
};
};
networking.firewall.allowedTCPPorts = [80 443 22 ];
# --- Ouvrir les ports nécessaires ---
networking.firewall = {
allowedTCPPorts = [80 443 2222];
interfaces."eth0".allowedTCPPorts = [22];
};
# --- Pour que Forgejo génère les bonnes URLs Git ---
# networking.hostName = "git"; # non strictement obligatoire
# --- Optionnel : config DNS ---
# git.lomig.me -> ton IP publique (ou IP locale si LAN)
# --- Pour te cloner un dépôt : ---
# git clone git@git.lomig.me:lomig/nom-du-repo.git
# --- Astuce : génère une paire de clés pour laccès SSH Git ---
# ssh-keygen -t ed25519 -f ~/.ssh/id_git_forgejo
# puis ajoute la clé publique dans ton compte Forgejo
}
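Review bot: The `networking.firewall` block at the end of this section opens TCP 2222 on every interface, while the `server` settings in the same file keep `SSH_PORT = 22` and `START_SSH_SERVER = false`, so nothing visible here is meant to listen on 2222. Unless another module binds that port, drop it: `allowedTCPPorts = [80 443];`. Port 22 is restricted through `interfaces."eth0".allowedTCPPorts = [22];`, which only holds if the uplink is really named eth0 and if `services.openssh` (not shown) has `openFirewall = false;`, since its default opens 22 on all interfaces anyway. The trailing comments still mention git.lomig.me although the URL comes from `globals.services.forgejo.url`. Which lines are old and which are new is inferred from the hunk line counts, because the page lost its +/- markers.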


@ -6,23 +6,11 @@ in {
goaccess
];
environment.etc."local/bin/generate-goaccess.sh".text = ''
#!/bin/sh
set -eu
RAW_LOG="/var/log/caddy/access-${globals.services.levr.url}.log"
CLEAN_LOG="/tmp/goaccess-clean.log"
REPORT="${globals.services.goaccess.home}/index.html"
${pkgs.gnugrep}/bin/grep -v '192.168.' "$RAW_LOG" > "$CLEAN_LOG"
${pkgs.goaccess}/bin/goaccess "$CLEAN_LOG" --log-format=CADDY -o "$REPORT";
'';
environment.etc."local/bin/generate-goaccess.sh".mode = "0755";
# Service pour générer le rapport statique GoAccess
systemd.services.goaccess-report = {
description = "Generate GoAccess HTML report";
serviceConfig = {
ExecStart = "/etc/local/bin/generate-goaccess.sh";
ExecStart = "${pkgs.goaccess}/bin/goaccess /var/log/caddy/access-${globals.services.levr.url}.log --log-format=CADDY -o ${globals.services.goaccess.home}/index.html";
};
};
@ -47,8 +35,4 @@ in {
};
};
};
systemd.tmpfiles.rules = [
"d ${globals.services.goaccess.home} 0755 root root -"
];
}
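Review bot: The `goaccess-report` unit sets only `ExecStart` in `serviceConfig`, so as far as this section shows it runs as root while parsing the Caddy access log, whose request lines and headers are client-controlled. Confine it in the same `serviceConfig` with `ProtectSystem = "strict";`, `ReadWritePaths = [ globals.services.goaccess.home ];` and `NoNewPrivileges = true;`. The last hunk also appears to drop the `systemd.tmpfiles.rules` entry that created `${globals.services.goaccess.home}`; if nothing else creates that directory the `-o …/index.html` write will fail, so keep the rule unless it is provisioned elsewhere. The removed script also filtered `192.168.` clients, so the report will now include LAN traffic. Which lines are old and which are new is inferred from the hunk line counts, because the +/- markers are missing.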