From 01906f483c15b9d97ab8cb7cb2f8a379bc312ac8 Mon Sep 17 00:00:00 2001
From: Ivan Dimitrov <ivan@idimitrov.dev>
Date: Sat, 16 Dec 2023 11:50:47 +0200
Subject: [PATCH] enable gitea

---
 mailserver/default.nix          |  2 +-
 mailserver/gitea/default.nix    | 17 +++++++++++++++++
 mailserver/nginx/default.nix    |  8 ++++++++
 mailserver/postgres/default.nix | 12 +++++++++++-
 4 files changed, 37 insertions(+), 2 deletions(-)
 create mode 100644 mailserver/gitea/default.nix

diff --git a/mailserver/default.nix b/mailserver/default.nix
index b56b68d..b491c46 100644
--- a/mailserver/default.nix
+++ b/mailserver/default.nix
@@ -1,4 +1,4 @@
 { config, pkgs, ... }:
 {
-  imports = [ ./configuration.nix ./mailserver ./roundcube ./postgres ./wireguard ./nginx ./webshite ./tor ./i2pd ];
+  imports = [ ./configuration.nix ./mailserver ./roundcube ./postgres ./wireguard ./nginx ./webshite ./tor ./i2pd ./gitea ];
 }
diff --git a/mailserver/gitea/default.nix b/mailserver/gitea/default.nix
new file mode 100644
index 0000000..6f40716
--- /dev/null
+++ b/mailserver/gitea/default.nix
@@ -0,0 +1,17 @@
+{ config, pkgs, ... }:
+{
+  services.gitea = {
+    enable = true;
+    appName = "idimitrov: Gitea";
+    database = {
+      type = "postgres";
+    };
+    settings = {
+      server = {
+        DOMAIN = "git.idimitrov.dev";
+        ROOT_URL = "https://git.idimitrov.dev/";
+        HTTP_PORT = 3001;
+      };
+    };
+  };
+}
diff --git a/mailserver/nginx/default.nix b/mailserver/nginx/default.nix
index 3ed5ea8..429e24d 100644
--- a/mailserver/nginx/default.nix
+++ b/mailserver/nginx/default.nix
@@ -32,7 +32,15 @@
             proxyPass = "http://127.0.0.1:3000";
           };
         };
+        "git.idimitrov.dev" = {
+          enableACME = true;
+          forceSSL = true;
+          locations."/" = {
+            proxyPass = "http://127.0.0.1:3001";
+          };
+        };
       };
     };
   };
 }
+
diff --git a/mailserver/postgres/default.nix b/mailserver/postgres/default.nix
index 4ff65ac..0657ecb 100644
--- a/mailserver/postgres/default.nix
+++ b/mailserver/postgres/default.nix
@@ -3,12 +3,16 @@
   services = {
     postgresql = {
       enable = true;
-      ensureDatabases = [ "roundcube" ];
+      ensureDatabases = [ "roundcube" "gitea" ];
       ensureUsers = [
         {
           name = "roundcube";
           ensureDBOwnership = true;
         }
+        {
+          name = "gitea";
+          ensureDBOwnership = true;
+        }
         {
           name = "root";
           ensureClauses = {
@@ -18,6 +22,12 @@
           };
         }
       ];
+      authentication = ''
+        local gitea all ident map=gitea-users
+      '';
+      identMap = ''
+        gitea-users gitea gitea
+      '';
       initialScript = pkgs.writeText "init" ''
         GRANT ALL PRIVILEGES ON DATABASE roundcube TO roundcube;
         GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO roundcube;