nixos/hosts/vps_fz/server_config.nix

{ pkgs, inputs, config, lib, ... }: {

  config = {

    # fail2ban
    services.fail2ban.enable = true;
    services.openssh.settings.LogLevel = "VERBOSE";


    # caddy
    services.caddy = {
      enable = true;
      configFile = ../../dotfiles/caddy/Caddyfile;
    };
    networking.firewall.allowedTCPPorts = [ 80 443 ];

    # gitea
    sops.secrets."gitea_dbpass" = {
      owner = "gitea";
      group = "gitea";
    };

    services.gitea = {
      enable = true;
      database = {
        type = "postgres";   
        passwordFile = config.sops.secrets."gitea_dbpass".path;
      }; 
      settings = {
       server = {
         DOMAIN = "gitea.fredzernia.com";
         ROOT_URL = "https://gitea.fredzernia.com";
         HTTP_PORT = 7904;
       };
       service.DISABLE_REGISTRATION = true;
      };
    };
  };
}
gitea repo 2025-06-20 11:59:24 -07:00			`{ pkgs, inputs, config, lib, ... }: {`

			`config = {`

			`# fail2ban`
			`services.fail2ban.enable = true;`
			`services.openssh.settings.LogLevel = "VERBOSE";`


			`# caddy`
			`services.caddy = {`
			`enable = true;`
			`configFile = ../../dotfiles/caddy/Caddyfile;`
			`};`
			`networking.firewall.allowedTCPPorts = [ 80 443 ];`

			`# gitea`
			`sops.secrets."gitea_dbpass" = {`
			`owner = "gitea";`
			`group = "gitea";`
			`};`

			`services.gitea = {`
			`enable = true;`
			`database = {`
			`type = "postgres";`
			`passwordFile = config.sops.secrets."gitea_dbpass".path;`
			`};`
			`settings = {`
			`server = {`
			`DOMAIN = "gitea.fredzernia.com";`
			`ROOT_URL = "https://gitea.fredzernia.com";`
			`HTTP_PORT = 7904;`
			`};`
			`service.DISABLE_REGISTRATION = true;`
			`};`
			`};`
			`};`
			`}`