{ self, config, ... }: { age.secrets.forgejo-fastmail = { file = "${self}/secrets/forgejo-fastmail.age"; }; services.forgejo = { enable = true; dump = { enable = true; }; database.type = "postgres"; lfs.enable = false; secrets = { mailer.PASSWD = config.age.secrets.forgejo-fastmail.path; }; settings = { DEFAULT.APP_NAME = "¯\\_(ツ)_/¯"; session = { COOKIE_SECURE = true; PROVIDER = "db"; PROVIDER_CONFIG = ""; SESSION_LIFE_TIME = 86400 * 5; }; server = { DOMAIN = "code.fcuny.net"; ROOT_URL = "https://code.fcuny.net"; HTTP_PORT = 3000; HTTP_ADDR = "10.100.0.40"; LANDING_PAGE = "explore"; }; mailer = { ENABLED = true; PROTOCOL = "smtp+starttls"; FROM = "code "; USER = "franck@fcuny.net"; SMTP_ADDR = "smtp.fastmail.com"; }; metrics = { ENABLED = true; ENABLED_ISSUE_BY_LABEL = true; ENABLED_ISSUE_BY_REPOSITORY = true; }; service = { REGISTER_EMAIL_CONFIRM = true; DISABLE_REGISTRATION = true; ALLOW_ONLY_EXTERNAL_REGISTRATION = false; SHOW_REGISTRATION_BUTTON = true; }; openid = { ENABLE_OPENID_SIGNIN = true; ENABLE_OPENID_SIGNUP = true; }; oauth2_client = { REGISTER_EMAIL_CONFIRM = false; ENABLE_AUTO_REGISTRATION = true; USERNAME = "preferred_username"; ACCOUNT_LINKING = "auto"; }; repository = { DEFAULT_PRIVATE = "public"; DEFAULT_PUSH_CREATE_PRIVATE = true; ENABLE_PUSH_CREATE_USER = true; PREFERRED_LICENSES = "GPL-3.0-or-later,MIT"; DEFAULT_REPO_UNITS = "repo.code,repo.issues,repo.pulls"; DISABLE_STARS = true; # self-hosting so, doesn't make sense }; "service.explore" = { DISABLE_USERS_PAGE = true; }; federation = { ENABLED = true; }; ui = { # To protect privacy of users. SHOW_USER_EMAIL = false; }; }; }; my.modules.backups = { local.paths = [ "/var/lib/forgejo" ]; local.exclude = [ "/var/lib/forgejo/data/indexers" "/var/lib/forgejo/data/repo-archive" "/var/lib/forgejo/data/tmp" ]; remote.paths = [ "/var/lib/forgejo" ]; remote.exclude = [ "/var/lib/forgejo/data/indexers" "/var/lib/forgejo/data/repo-archive" "/var/lib/forgejo/data/tmp" ]; }; }