Add nextcloud

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-06-16 00:40:24 +01:00
parent 6505f74ef3
commit f819c8c5e3
36 changed files with 572 additions and 44 deletions


@@ -13,7 +13,7 @@
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) volumes networks;
inherit (hmConfig.virtualisation.quadlet) containers volumes networks;
autheliaClientId = "I2ZYDFGWP1bzfiauXe94IaiReZF6SqoEskSp6phoL2L8l16Cq7YX3Vr4pkQOSYfNDOwuFjTRIpqQ8eAqK0M93NeEgpr8YoPhKHyR";
podman = lib.meta.getExe pkgs.podman;
podmanAsUser = "${config.security.wrapperDir}/git-sudo -u ${user} ${podman}";
@@ -166,12 +166,12 @@ in
authelia-gitea.content = builtins.readFile (
(pkgs.formats.yaml { }).generate "gitea.yaml" {
identity_providers.oidc = {
authorization_policies.git = {
authorization_policies.gitea = {
default_policy = "deny";
rules = [
{
policy = "one_factor";
subject = "group:git";
subject = "group:gitea";
}
];
};
@@ -182,7 +182,7 @@ in
client_name = "Gitea";
client_secret = hmConfig.sops.placeholder."gitea/authelia/digest";
redirect_uris = [ "https://git.karaolidis.com/user/oauth2/authelia/callback" ];
authorization_policy = "git";
authorization_policy = "gitea";
}
];
};
@@ -196,6 +196,7 @@ in
volumes = {
gitea-postgresql = { };
# TODO: Move LFS to mass storage
gitea = { };
};
@@ -229,7 +230,10 @@ in
];
};
unitConfig.After = [ "sops-nix.service" ];
unitConfig.After = [
"${containers.gitea-postgresql._serviceName}.service"
"sops-nix.service"
];
};
gitea-postgresql = {