Bos55/nix-config
2
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity
nix-config/modules/apps/gitea/default.nix
Tibo De Peuter 32849cc5d2
Initial commit
2025-01-09 22:25:00 +01:00

673 lines
36 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
let
cfg = config.homelab.apps.gitea;
networkName = "gitea";
UID = 3015;
GID = config.users.groups.apps.gid;
postgresPassword = "ChangeMe";
repoDir = "/srv/git";
webPort = 3000;
sshPort = 2222;
dbPort = 5432;
redisPort = 6379;
title = "Hugo's Forge";
slogan = "Forging ideas into reality.";
description = "Personal git server for projects that don't need collaboration.";
in {
options.homelab.apps.gitea.enable = lib.mkEnableOption "Gitea";
config = lib.mkIf cfg.enable {
homelab = {
users = {
apps.enable = true;
backup.enable = true;
};
virtualisation.containers.enable = true;
};
users.users.gitea = {
uid = lib.mkForce UID;
isSystemUser = true;
group = config.users.groups.apps.name;
home = "/var/empty";
shell = null;
};
# Use filesystem mounts because rootless containers otherwise don't have access to the mount path (nested in docker directories).
# You could probably fix this by modifying the access rights on the path, but what would the point of that be?
fileSystems = {
# Mount options:
# - hard: retry requests indefinitely if the server becomes unresponsive.
# - nosuid: prevent set-user-id and set-group-id bits
"/srv/gitea-config" = {
device = "192.168.0.11:/mnt/SMALL/CONFIG/GITEA";
fsType = "nfs";
options = [
"rw"
"nfsvers=4.2"
"async" "soft" "timeo=100" "retry=50" "actimeo=1800" "lookupcache=all"
"nosuid"
"tcp"
];
};
"/srv/gitea-git" = {
device = "192.168.0.11:/mnt/SMALL/DATA/GIT";
fsType = "nfs";
options = [
"rw"
"nfsvers=4.2"
"async" "soft" "timeo=100" "retry=50" "actimeo=1800" "lookupcache=all"
"nosuid"
"tcp"
];
};
};
# Make sure the Docker network exists.
systemd.services."docker-${networkName}-create-network" = {
description = "Create Docker network for ${networkName}";
requiredBy = [
"docker-gitea-db.service"
"docker-gitea.service"
];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
if ! ${pkgs.docker}/bin/docker network ls | grep -q ${networkName}; then
${pkgs.docker}/bin/docker network create ${networkName}
fi
'';
};
virtualisation.oci-containers.containers = {
gitea-db = {
hostname = "gitea-db";
image = "postgres:15.8-alpine";
autoStart = true;
ports = [
"5432:${toString dbPort}/tcp"
];
extraOptions = [
"--network=${networkName}"
];
environment = {
POSTGRES_PASSWORD = "ChangeMe";
PGDATA = "/var/lib/postgresql/data/pgdata";
};
volumes = [
"gitea-db:/var/lib/postgresql/data/pgdata"
];
};
gitea-redis = {
hostname = "gitea-redis";
image = "redis:7.4.0-alpine3.20";
autoStart = true;
ports = [
"6379:${toString redisPort}/tcp"
];
extraOptions = [
"--network=${networkName}"
];
volumes = [
"gitea-redis:/data"
];
};
gitea = {
hostname = "gitea";
image = "codeberg.org/forgejo/forgejo:8.0.3-rootless";
autoStart = true;
user = "${toString UID}:${toString GID}";
ports = [
"3000:${toString webPort}/tcp"
"2222:${toString sshPort}/tcp"
];
extraOptions = [
"--network=${networkName}"
];
dependsOn = [
"gitea-db"
"gitea-redis"
];
volumes = [
"/srv/gitea-config:/var/lib/gitea"
"/srv/gitea-git:/srv/git"
"/etc/timezone:/etc/timezone:ro"
"/etc/localtime:/etc/localtime:ro"
];
environmentFiles = [
# NOTE Don't forget to create this file.
# TODO Put in place using age(nix)?
"/var/lib/gitea.env"
];
environment = {
# App name that shows in every page title.
FORGEJO__APP_NAME = title;
# Shows a slogan near the App name in every page title.
FORGEJO__APP_SLOGAN = slogan;
# Defines how the AppDisplayName should be presented.
#FORGEJO__APP_DISPLAY_NAME_FORMAT = "";
# Will automaticaly detect the current user - but you can set it here.
FORGEJO__RUN_USER = "gitea";
# Application run mode, affects performance and debugging: "dev" or "prod", default is
# "prod". Mode "dev" makes Gitea easier to develop and debug, values other than "dev" are
# treated as "prod" which is for production use.
FORGEJO__RUN_MODE = "prod";
# The working directory.
#WORK_PATH = "";
# Disable SSH feature when not available.
FORGEJO__server__DISABLE_SSH = "false";
# Whether to use the builltin SSH server or not.
FORGEJO__server__START_SSH_SERVER = "true";
# Username to use for the builtin SSH server. If blank, then it is the value of RUN_USER.
#FORGEJO__server__BUILTIN_SSH_SERVER_USER = "git";
# Domain to be exposed in clone URL.
#FORGEJO__server__SSH_DOMAIN = "";
# SSH username displayed in clone URLs.
#FORGEJO__server__SSH_USER = "git";
# The network interface the builtin SSH server should listen on.
#FORGEJO__server__SSH_LISTEN_HOST = "ens18";
# Port number to be exposed in clone URL.
FORGEJO__server__SSH_PORT = "22";
# Port number the builtin SSH server should listen on.
FORGEJO__server__SSH_LISTEN_PORT = toString sshPort;
# Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
FORGEJO__server__SSH_ROOT_PATH = "/var/lib/gitea/ssh";
# Gitea will create a authorized_keys file by default when it is not using the internal ssh server
# If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
#FORGEJO__server__SSH_CREATE_AUTHORIZED_KEYS_FILE = "true";
# Gitea will create a authorized_principals file by default when it is not using the internal ssh server
# If you intend to use the AuthorizedPrincipalsCommand functionality then you should turn this off.
#FORGEJO__server__SSH_CREATE_AUTHORIZED_PRINCIPALS_FILE = "true";
# For the built-in SSH server, choose the ciphers to support for SSH connections,
# for system SSH this setting has no effect
#FORGEJO__server__SSH_SERVER_CIPHERS = "chacha20-poly1305@openssh.com, aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com";
# For the built-in SSH server, choose the key exchange algorithms to support for SSH connections,
# for system SSH this setting has no effect
#FORGEJO__server__SSH_SERVER_KEY_EXCHANGES = "curve25519-sha256, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1";
# For the built-in SSH server, choose the MACs to support for SSH connections,
# for system SSH this setting has no effect
#FORGEJO__server__SSH_SERVER_MACS = "hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1";
# For the built-in SSH server, choose the keypair to offer as the host key
# The private key should be at SSH_SERVER_HOST_KEY and the public SSH_SERVER_HOST_KEY.pub
# relative paths are made absolute relative to the %(APP_DATA_PATH)s
FORGEJO__server__SSH_SERVER_HOST_KEYS = "/var/lib/gitea/ssh/forgejo.ed25519";
# Directory to create temporary files in when testing public keys using ssh-keygen,
# default is the system temporary directory.
#FORGEJO__server__SSH_KEY_TEST_PATH = "";
# Use `ssh-keygen` to parse public SSH keys. The value is passed to the shell. By default, Gitea does the parsing itself.
#FORGEJO__server__SSH_KEYGEN_PATH = "";
# Enable SSH Authorized Key Backup when rewriting all keys, default is false
FORGEJO__server__SSH_AUTHORIZED_KEYS_BACKUP = "false";
# ...
# Enable exposure of SSH clone URL to anonymous visitors, default is false.
FORGEJO__server__EXPOSE_ANONYMOUS = "false";
# ...
# Enables git-lfs support. true or false, default is false.
FORGEJO__server__LFS_START_SERVER = "false";
# ...
# Database to use. Either "mysql", "postgres" or "sqlite3".
FORGEJO__database__DB_TYPE = "postgres";
FORGEJO__database__HOST = "gitea-db:${toString dbPort}";
FORGEJO__database__NAME = "gitea";
FORGEJO__database__USER = "gitea";
FORGEJO__database__PASSWD = postgresPassword;
#FORGEJO__database__SCHEMA = "";
#FORGEJO__database__SSL_MODE = "disable";
# Whether the installer is disabled (set to true to disable the installer).
#FORGEJO__security__INSTALL_LOCK = "false";
# Global security key that will be used.
# This key is VERY IMPORTANT. If you lose it, the data encrypted by it can't be decrypted anymore.
#FORGEJO__security__SECRET_KEY = "";
# Alternatively, specify the location of the secret key.
#FORGEJO__security__SECRET_KEY_URI = "file:/etc/gitea/secret_key";
# ...
# IF the camo is enabled.
#FORGEJO__camo__ENABLED = "false";
# ....
# Enables OAuth2 provider
FORGEJO__oauth2__ENABLED = "false";
# ...
# Root path for the log files - defaults to %(GITEA_WORK_DIR)/log
#FORGEJO__log__ROOT_PATH = "";
# Either "console", "file" or "conn", default is "console"
FORGEJO__log__MODE = "file";
# Either "Trace", "Debug", "Info", "Warn", "Error" or "None", default is "Info".
FORGEJO__log__LEVEL = "Warn";
# ...
# Collect SSH logs (Creates logs from ssh git requests)
FORGEJO__log__ENABLE_SSH_LOG = "true";
# ...
# The path of git executable. If empty, Gitea searches through the PATH environment.
#FORGEJO__git__PATH = "";
# ...
FORGEJO__git_0x2E_timeout__MIGRATE = "600";
FORGEJO__git_0x2E_timeout__MIRROR = "600";
# Time limit to confirm account/email registration.
#FORGEJO__service__ACTIVE_CODE_LIVE_MINUTES = "180";
# Time limit to perform the reset of a forgotten password.
#FORGEJO__service__RESET_PASSWD_CODE_LIVE_MINUTES = "180";
# Whether a new user needs to confirm their email when registering.
FORGEJO__service__REGISTER_EMAIL_CONFIRM = "true";
# Whether a new user needs to be confirmed manually after registration.
FORGEJO__service__REGISTER_MANUAL_CONFIRM = "true";
# List of domain names that are allowed to be used to register on a Gitea instance, wildcard is supported.
#FORGEJO__service__EMAIL_DOMAIN_ALLOWLIST = "";
# Comma-separated list of domain names that are not allowed to be used to register on a Gitea instance, wildcard is supported.
#FORGEJO__service__EMAIL_DOMAIN_BLOCKLIST = "";
# Disallow registration, only allow admins to create accounts.
FORGEJO__service__DISABLE_REGISTRATION = "true";
# Allow registration only using gitea itself, it works only when DISABLE_REGISTRATION is false.
FORGEJO__service__ALLOW_ONLY_INTERNAL_REGISTRATION = "true";
# Allow registration only using third-party services, it works only when DISABLE_REGISTRATION is false.
FORGEJO__service__ALLOW_ONLY_EXTERNAL_REGISTRATION = "false";
# User must sign in to view anything.
FORGEJO__service__REQUIRE_SIGNIN_VIEW = "false";
# Mail notification
FORGEJO__service__ENABLE_NOTIFY_MAIL = "true";
# This setting enables gitea to be signed in with HTTP BASIC Authentication using the user's password.
# If you set this to false you will not be able to access the tokens endpoints on the API with your password.
# Please note that setting this to false will not disable OAuth Basic or Basic authentication using a token.
FORGEJO__service__ENABLE_BASIC_AUTHENTICATION = "false";
# ...
# Enable captcha validation for registration.
FORGEJO__service__ENABLE_CAPTCHA = "true";
# Enable this to require captcha validation for login.
FORGEJO__service__REQUIRE_CAPTCHA_FOR_LOGIN = "true";
# Requires captcha for external registrations
#FORGEJO__service__REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA = "false";
# Requires a password for external registrations.
#FORGEJO__service__REQUIRE_EXTERNAL_REGISTRATION_PASSWORD = "false";
# Type of captcha you want to use. Options: image, recaptcha, hcaptcha, mcaptcha, cfturnstile.
FORGEJO__service__CAPTCHA_TYPE = "image";
# ...
# Default value for KeepEmailPrivate
# Each new user will get the value of this setting copied into their profile
FORGEJO__service__DEFAULT_KEEP_EMAIL_PRIVATE = "true";
# Default value for AllowCreateOrganization
# Every new user will have rights set to create organizations depending on this setting.
FORGEJO__service__DEFAULT_ALLOW_CREATE_ORGANIZATION = "true";
# Default value for IsRestricted
# Every new user will have restricted permissions depending on this setting.
FORGEJO__service__DEFAULT_USER_IS_RESTRICTED = "false";
# Users will be able to use dots when choosing their username. Disabling this is
# helpful if your usersare having issues with e.g. RSS feeds or advanced third-party
# extensions that use strange regex patterns.
FORGEJO__service__ALLOW_DOTS_IN_USERNAMES = "false";
# Either "public", "limited" or "private", default is "public".
# Limited is for users visible only to signed users.
# Private is for users visible only to members of their organizations
# Public is for users visible for everyone
FORGEJO__service__DEFAULT_USER_VISIBILITY = "limited";
# Set which visibility modes a user can have
FORGEJO__service__ALLOWED_USER_VISIBILITY_MODES = "public,limited,private";
# Either "public", "limited" or "private", default is "public".
# Limited is for organizations visible only to signed users
# Private is for organizations visible only to members of the organization
# Public is for organizations visible to everyone
FORGEJO__service__DEFAULT_ORG_VISIBILITY = "limited";
# Default value for DefaultOrgMemberVisible
# True will make the membership of the users visible when added to the organisation
FORGEJO__service__DEFAULT_ORG_MEMBER_VISIBLE = "false";
# Default value for EnableDependencies
# Repositories will use dependencies by default depending on this setting
#FORGEJO__service__DEFAULT_ENABLE_DEPENDENCIES = "true";
# Dependencies can be added from any repository where the user is granted access or only from the current repository depending on this setting.
#FORGEJO__service__ALLOW_CROSS_REPOSITORY_DEPENDENCIES = "true";
# Default map service. No external API support has been included. A service has to allow
# searching using URL parameters, the location will be appended to the URL as escaped query parameter.
# Some example values are:
# - OpenStreetMap: https://www.openstreetmap.org/search?query=
# - Google Maps: https://www.google.com/maps/place/
# - MapQuest: https://www.mapquest.com/search/
# - Bing Maps: https://www.bing.com/maps?where1=
#FORGEJO__service__USER_LOCATION_MAP_URL = "https://www.openstreetmap.org/search?query=";
# Enable heatmap on users profiles.
FORGEJO__service__ENABLE_USER_HEATMAP = "true";
# Enable Timetracking
FORGEJO__service__ENABLE_TIMETRACKING = "true";
# Default value for EnableTimetracking
# Repositories will use timetracking by default depending on this setting
FORGEJO__service__DEFAULT_ENABLE_TIMETRACKING = "false";
# Default value for AllowOnlyContributorsToTrackTime
# Only users with write permissions can track time if this is true
#FORGEJO__service__DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = "true";
# Value for the domain part of the user's email address in the git log if user
# has set KeepEmailPrivate to true. The user's email will be replaced with a
# concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS. Default
# value is "noreply." + DOMAIN, where DOMAIN resolves to the value from server.DOMAIN
# Note: do not use the <DOMAIN> notation below
FORGEJO__service__NO_REPLY_ADDRESS = "noreply.depeuter.dev";
# Show Registration button.
FOGEJO__service__SHOW_REGISTRATION_BUTTON = "false";
# Show milestones dashboard page - a view of all the user's milestones.
#FORGEJO__service__SHOW_MILESTONES_DASHBOARD_PAGE = "true";
# Default value for AutoWatchNewRepos
# When adding a repo to a team or creating a new repo all team members will watch the
# repo automatically if enabled
#FORGEJO__service__AUTO_WATCH_NEW_REPOS = "true";
# Default value for AutoWatchOnChanges
# Make the user watch a repository When they commit for the first time
#FORGEJO__service__AUTO_WATCH_ON_CHANGES = "false";
# Minimum amount of time a user must exist before comments are kept when the user is deleted.
#FORGEJO__service__USER_DELETE_WITH_COMMENTS_MAX_TIME = "0";
# Valid site url schemes for user profiles
#FORGEJO__service__VALID_SITE_URL_SCHEMES = "http,https";
# Enable repository badges (via shields.io or a similar generator)
#FORGEJO__badges__ENABLED = "true";
# ...
# Root path for storing all repository data. By default, it is set to %(APP_DATA_PATH)s/gitea-repositories.
# A relative path is interpreted as _`AppWorkPath`_/%(ROOT)s
FORGEJO__repository__ROOT = repoDir;
# ...
# Force every new repository to be private.
FORGEJO__repository__FORCE_PRIVATE = "false";
# Default private when creating a new repository with push-to-create.
FORGEJO__repository__DEFAULT_PUSH_TO_CREATE = "true";
# ...
# Allow users to push local repositories to Forgejo and have them automatically created for a user.
FORGEJO__repository__ENABLE_PUSH_CREATE_USER = "true";
# Allow users to push local repositories to Forgejo and have them automatically created for an org.
FORGEJO__repository__ENABLE_PUSH_CREATE_ORG = "false";
# Comma separated list of globally disabled repo units.
FORGEJO__repository__DISABLED_REPO_UNITS = "";
# Comma separated list of default new repo units.
FORGEJO__repository__DEFAULT_REPO_UNITS = "repo.code,repo.issues,repo.pulls,repo.releases,repo.actions";
# Comma separated list of default forked repo units.
FORGEJO__repository__DEFAULT_FORK_REPO_UNITS = "repo.code,repo.pulls";
# Prefix archive files by placing them in a directory named after the repository.
FORGEJO__repository__PREFIX_ARCHIVE_FILES = "true";
# Disable migrating feature.
FORGEJO__repository__DISABLE_MIGRATIONS = "false";
# Disable stars feature.
FORGEJO__repository__DISABLE_STARS = "true";
# Disable repository forking.
#FORGEJO__repository__DISABLE_FORKS = "false";
# The default branch name of new repositories
FORGEJO__repository__DEFAULT_BRANCH = "main";
# ...
# List of prefixes used in Pull Request title to mark them as Work In Progress (matched in a case-insensitive manner)
FORGEJO__repository_0x2E_pull_0X2D_request__WORK_IN_PROGRESS_PREFIXES = "WIP:,[WIP],WIP";
# ...
# In the default merge message for squash commits walk all commits to include all authors in the Co-authored-by otherwise just use those in the limited list.
FORGEJO__repository_0x2E_pull_0X2D_request__DEFAULT_MERGE_MESSAGE_ALL_AUTHORS = "true";
# ...
# Enable cors headers (disabled by default)
FORGEJO__cors__ENABLED = "true";
# list of requesting origins that are allowed, eg: "https://*.example.com".
FORGEJO__cors__ALLOW_DOMAINS = "https://git.depeuter.dev,http://192.168.0.24:${toString webPort}";
# Set the default theme for the Gitea install.
FORGEJO__ui__DEFAULT_THEME = "gitea-auto";
# All available themes. Allow users to select personalized themes regardless of `DEFAULT_THEME`.
FORGEJO__ui__THEMES = "gitea-auto,gitea-light,gitea-dark,forgejo-auto,forgejo-light,forgejo-dark,forgejo-auto-deuteranopia-protanopia,forgejo-light-deuteranopia-protanopia,forgejo-dark-deuteranopia-protanopia,forgejo-auto-tritanopia,forgejo-light-tritanopia-forgejo-dark-tritanopia,github-auto,github,github-dark,edge-auto,edge-light,edge-dark,everforest-auto,everforest-light,everforest-dark,gruvbox-auto,gruvbox-light,gruvbox-dark,gruvbox-material-auto,grubox-material-dark,gruvbox-material-light,sonokai-andromeda,sonokai-atlantis,sonokai-espresso,sonokai-maia,sonokai-shusia,sonokai,catppuccin-frappe-green,catppuccin-frappe-teal,catppuccin-frappe-sky,catppuccin-frappe-sapphire,catppuccin-frappe-blue,catppuccin-frappe-lavender,catppuccin-macchiato-green,catppuccin-macchiato-teal,catppuccin-macchiato-sky,catppuccin-macchiato-sapphire,catppuccin-macchiato-blue,catppuccin-macchiato-lavender,catppuccin-mocha-green,catppuccin-mocha-teal,catppuccin-mocha-sky,catppuccin-mocha-sapphire,catppuccin-mocha-blue,catppuccin-mocha-lavender,nord,pitchblack,matrix,dark-arc";
FORGEJO__ui_0x2E_meta__AUTHOR = "${title} - ${slogan}";
FORGEJO__ui_0x2E_meta__DESCRIPTION = description;
FORGEJO__ui_0x2E_meta__KEYWORDS = "git,self-hosted,projects,code";
# Whether to render SVG files as images. If SVG rendering is disabled, SVG files are displayed as text and cannot be embedded in markdown files as images.
FORGEJO__ui_0x2E_svg__ENABLE_RENDER = "true";
# ...
# Enables math inline and block detection
FORGEJO__markdown__ENABLE_MATH = "true";
# Define allowed algorithms and their minimum key length (use -1 to disable a type)
#FORGEJO__ssh__0x2E__minimum_key_sizes__ED25519 = "256";
#FORGEJO__ssh__0x2E__minimum_key_sizes__ECDSA = "256";
FORGEJO__ssh_0x2E_minimum_key_sizes__RSA = "-1";
FORGEJO__ssh_0x2E_minimum_key_sizes__DSA = "-1";
# ... indexer
# ... queue
# Disallow regular (non-admin) users from creating organizations.
#FORGEJO__admin__DISABLE_REGULAR_ORG_CREATION = "false";
# Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled
FORGEJO__admin__DEFAULT_EMAIL_NOTIFICATIONS = "enabled";
# Send an email to all admins when a new user signs up to inform the admins about this act. Options: true, false
FORGEJO__admin__SEND_NOTIFICATION_EMAIL_ON_NEW_USER = "true";
# Disabled features for users, could be "deletion", "manage_ssh_keys","manage_gpg_keys" more features can be disabled in future
# - deletion: a user cannot delete their own account
# - manage_ssh_keys: a user cannot configure ssh keys
# - manage_gpg_keys: a user cannot configure gpg keys
#FORGEJO__admin__USER_DISABLED_FEATURES = "";
# Comma separated list of disabled features ONLY if the user has an external login type (eg. LDAP, Oauth, etc.), could be `deletion`, `manage_ssh_keys`, `manage_gpg_keys`. This setting is independent from `USER_DISABLED_FEATURES` and supplements its behavior.
# - deletion: a user cannot delete their own account
# - manage_ssh_keys: a user cannot configure ssh keys
# - manage_gpg_keys: a user cannot configure gpg keys
#FORGEJO__admin__EXTERNAL_USER_DISABLE_FEATURES = "";
# Whether to allow signin in via OpenID
FORGEJO__openid__ENABLE_OPENID_SIGNIN = "false";
# Whether to allow registering via OpenID
# Do not include to rely on rhw DISABLE_REGISTRATION setting
FORGEJO__openid__ENABLE_OPENID_SIGNUP = "false";
# ...
# ... oath2_client
# ... webhook
FORGEJO__mailer__ENABLED = "true";
# Buffer length of channel, keep it as it is if you don't know what it is.
#FORGEJO__mailer__SEND_BUFFER_LEN = "100";
# Prefix displayed before subject in mail.
#FORGEJO__mailer__SUBJECT_PREFIX = "";
# Mail server protocol. One of "smtp", "smtps", "smtp+starttls", "smtp+unix", "sendmail", "dummy"
FORGEJO__mailer__PROTOCOL = "smtps";
# Mail server address
FORGEJO__mailer__SMTP_ADDR = "smtp.gmail.com";
# Mail server port. If no protocol is specified, it will be inferred by this setting.
FORGEJO__mailer__SMTP_PORT = "465";
# Enable HELO operation. Defaults to true.
#FORGEJO__mailer__ENABLE_HELO = "true";
# Custom hostname fo the HELO operation. If no value is provided, one is retrieved from
# the system.
#FORGEJO__mailer__HELO_HOSTNAME = "";
# If set to 'true', completely ignores server certificate validation errors. UNSAFE!
#FORGEJO__mailer__FORCE_TRUST_SERVER_CERT = "false";
# Use client certificate in connection.
#FORGEJO__mailer__USE_CLIENT_CERT = "false";
#FORGEJO__mailer__CLIENT_CERT_FILE = "custom/mailer/cert.pem";
#FORGEJO__mailer__CLIENT_KEY_FILE = "custom/mailer/key.pem";
# Mail from address, RFC 5322. This can be just an email address, or the
# `"Name" <email@example.com>` format.
FORGEJO__mailer__FROM = ''"${title}" <git@depeuter.dev>'';
# Sometimes it is helpful to use a different address on the envelope. Set this to use
# ENVELOPE_FROM as the from on the envelope. Set to `<>` to send an empty address.
#FORGEJO__mailer__ENVELOPE_FROM = "";
# If gitea sends mails on behave of users, it will just use the name also displayed in the
# WebUI. If you want e.g. `Mister X (by CodeIt) <gitea@codeit.net>`, set it to
# `{{ .DisplayName }} (by {{ .AppName }})`.
# Available Variables: `.DisplayName`, `.AppName` and `.Domain`.
#FORGEJO__mailer__FROM_DISPLAY_NAME_FORMAT = "{{ .DisplayName }}";
# Mailer user name and password, if required by provider.
#FORGEJO__mailer__USER = "";
# Use PASSWD = `your password` for quoting if you use special characters in the password.
#FORGEJO__mailer__PASSWD = "";
# Send mails only in plain text, without HTML alternative
#FORGEJO__mailer__SEND_AS_PLAIN_TEXT = "false";
# Specify an alternative sendmail binary
#FORGEJO__mailer__SENDMAIL_PATH = "sendmail";
# Specify any extra sendmail arguments
# WARNING: if your sendmail program interprets options you should set this to "--" or terminate these args with "--"
#FORGEJO__mailer__SENDMAIL_ARGS = "";
# Timeout for Sendmail
#FORGEJO__mailer__SENDMAIL_TIMEOUT = "5m";
# convert \r\n to \n for Sendmail
#FORGEJO__mailer__SENDMAIL_CONVERT_CRLF = "true";
# ... email.incoming
# Either "memory", "redis", "memcache", or "twoqueue". default is "memory"
FORGEJO__cache__ADAPTER = "redis";
# For "memory" only, GC interval in seconds, default is 60.
#FORGEJO__cache__INTERVAL = "60";
# For "redis" and "memcache", connection host address
# redis: `redis://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` (or `redis+cluster://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` for a Redis cluster)
# memcache: `127.0.0.1:11211`
# twoqueue: `{"size":50000,"recent_ratio":0.25,"ghost_ratio":0.5}` or `50000`
FORGEJO__cache__HOST = "redis://gitea-redis:${toString redisPort}/0?pool_size=100&idle_timeout=180s";
# Time to keep items in cache if not used, default is 16 hours.
# Setting it to -1 disables caching
FORGEJO__cache__ITEM_TTL = "16h";
# Time to keep items in cache if not used, default is 8760 hours.
# Setting it to -1 disables caching
FORGEJO__cache_0X2E_last_0X2D_commit__ITEM_TTL = "8760h";
# Only enable the cache when repository's commits count great than
FORGEJO__cache_0X2E_last_0X2D_commit__COMMITS_COUNT = "100";
# Either "memory", "file", "redis", "db", "mysql", "couchbase", "memcache" or "postgres"
# Default is "memory". "db" will reuse the configuration in [database]
#FORGEJO__session__PROVIDER = "memory";
# Provider config options
# memory: doesn't have any config yet
# file: session file path, e.g. `data/sessions`
# redis: `redis://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` (or `redis+cluster://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` for a Redis cluster)
# mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
#FORGEJO__session__PROVIDER_CONFIG = "data/sessions"; # Relative paths will be made absolute against _`AppWorkPath`_.
# Session cookie name
FORGEJO__session__COOKIE_NAME = "i_like_tibo";
# If you use session in https only: true or false. If not set, it defaults to `true` if the ROOT_URL is an HTTPS URL.
FORGEJO__session__COOKIE_SECURE = "true";
# Session GC time interval in seconds, default is 86400 (1 day)
#FORGEJO__session__GC_0X2E_INTERVAL_0X2E_TIME = "86400";
# Session life time in seconds, default is 86400 (1 day)
#FORGEJO__session__SESSION_0X2E_LIFE_0X2E_TIME = "86400";
# Cookie domain name. Default is empty
FORGEJO__session__DOMAIN = "git.depeuter.dev";
# SameSite settings. Either "none", "lax", or "strict"
FORGEJO__session__SAME_SITE = "strict";
# How Gitea deals with missing repository avatars
# none = no avatar will be displayed; random = random avatar will be displayed; image = default image will be used
#FORGEJO__picture__REPOSITORY_AVATAR_FALLBACK = "none";
#FORGEJO__picture__REPOSITORY_AVATAR_FALLBACK_IMAGE = "/img/repo_default.png";
# Max Width and Height of uploaded avatars.
# This is to limit the amount of RAM used when resizing the image.
FORGEJO__picture__AVATAR_MAX_WIDTH = "10000";
FORGEJO__picture__AVATAR_MAX_HEIGTH = "10000";
# The multiplication factor for rendered avatar images.
# Larger values result in finer rendering on HiDPI devices.
#FORGEJO__picture__AVATAR_RENDERED_SIZE_FACTOR = "2";
# Maximum allowed file size for uploaded avatars.
# This is to limit the amount of RAM used when resizing the image.
#FORGEJO__picture__AVATAR_MAX_FILE_SIZE = "1048576";
# If the uploaded file is not larger than this byte size, the image will be used as is, without resizing/converting.
#FORGEJO__picture__AVATAR_MAX_ORIGIN_SIZE = "262144";
# Chinese users can choose "duoshuo"
# or a custom avatar source, like: http://cn.gravatar.com/avatar/
#FORGEJO__picture__GRAVATAR_SOURCE = "gravatar";
# This value will always be true in offline mode.
#FORGEJO__picture__DISABLE_GRAVATAR = "false";
# Federated avatar lookup uses DNS to discover avatar associated.
# with emails, see https://www.libravatar.org
# This value will always be false in offline mode or when Gravatar is disabled.
#FORGEJO__picture__ENABLE_FEDERATED_AVATAR = "false";
# ... attachment
# ... time
# ... cron
# Enables the mirror functionality. Set to **false** to disable all mirrors. Pre-existing mirrors remain valid but won't be updated; may be converted to regular repo.
FORGEJO__mirror__ENABLED = "true";
# Disable the creation of **new** pull mirrors. Pre-existing mirrors remain valid. Will be ignored if `mirror.ENABLED` is `false`.
FORGEJO__mirror__DISABLE_NEW_PULL = "false";
# Disable the creation of **new** push mirrors. Pre-existing mirrors remain valid. Will be ignored if `mirror.ENABLED` is `false`.
FORGEJO__mirror__DISABLE_NEW_PUSH = "false";
# Default interval as a duration between each check
FORGEJO__mirror__DEFAULT_INTERVAL = "1h";
# Min interval as a duration must be > 1m
FORGEJO__mirror__MIN_INTERVAL = "5m";
# ... api
# ... i18n
# .. highlight.mapping
# Show version information about Gitea and Go in the footer
FORGEJO__other__SHOW_FOOTER_VERSION = "false";
# Show template execution time in the footer
FORGEJO__other__SHOW_FOOTER_TEMPLATE_LOAD_TIME = "false";
# Show the "powered by" text in the footer
FORGEJO__other__SHOW_FOOTER_POWERED_BY = "false";
# Generate sitemap. Defaults to `true`.
FORGEJO__other__ENABLE_SITEMAP = "true";
# Enable/Disable RSS/Atom feed
FORGEJO__other__ENABLE_FEED = "true";
# ... markup
# ... metrics
# ... migrations
# ... f3
# Enable/Disable federation capabilities
FORGEJO__federation_ENABLED = "false";
# ...
# Enable/Disable package registry capabilities
FORGEJO__packages__ENABLED = "true";
# ... storage
# Repo-archive storage will override storage.
#FORGEJO__repo_0X2D_archive__STORAGE_TYPE = "local";
# Where your lfs files reside, default is data/lfs
FORGEJO__repo_0X2D_archive__PATH = "";
# Override the minio base path if storage type is minio.
#FORGEJO__repo_0X2D_archive__MINIO_BASE_PATH = "";
# lfs storage will override storage.
#FORGEJO__lfs__STORAGE_TYPE = "local";
# Where your lfs files reside, default is data/lfs
FORGEJO__lfs__PATH = "";
# Override the minio base path if storage is set to minio.
#FORGEJO__lfs__MINIO_BASE_PATH = "lfs/";
# Enable the proxy, all requests to external via HTTP will be affected
FORGEJO__proxy__PROXY_ENABLED = "false";
# Proxy server URL, support http://, https//, socks://, blank will follow environment http_proxy/https_proxy/no_proxy
#FORGEJO__proxy__PROXY_URL = "";
# Comma separated list of host names requiring proxy. Glob patterns (*) are accepted; use ** to match all hosts.
#FORGEJO__proxy__PROXY_HOSTS = "";
# Enable/Disable actions capabilities
FORGEJO__actions__ENABLED = "true";
# Default address to get action plugins, e.g. the default value means downloading from "https://code.forgejo.org/actions/checkout" for "uses: actions/checkout@v3"
#FORGEJO__actions__DEFAULT_ACTIONS_URL = "https://code.forgejo.org";
# ...
};
};
};
};
}
Reference in a new issue View git blame Copy permalink