abonerib/jungle
1
0
Fork 0
forked from rarias/jungle
Code Pull Requests 2 Actions Activity
Files
64cb958400a581a90877e643bd0ae4ae4a290fd5
jungle/m/tent/gitea.nix
Rodrigo Arias Mallo 32a576e870 Copy Gitea backup in /ceph too 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
2026-03-09 15:27:37 +01:00

83 lines
2.0 KiB
Nix
Raw Blame History

{ config, lib, ... }:
let
cfg = config.services.gitea;
in
{
services.gitea = {
enable = true;
appName = "Gitea in the jungle";
settings = {
server = {
ROOT_URL = "https://jungle.bsc.es/git/";
LOCAL_ROOT_URL = "https://jungle.bsc.es/git/";
LANDING_PAGE = "explore";
};
metrics.ENABLED = true;
service = {
DISABLE_REGISTRATION = true;
REGISTER_MANUAL_CONFIRM = true;
ENABLE_NOTIFY_MAIL = true;
};
log.LEVEL = "Warn";
mailer = {
ENABLED = true;
FROM = "jungle-robot@bsc.es";
PROTOCOL = "sendmail";
SENDMAIL_PATH = "/run/wrappers/bin/sendmail";
SENDMAIL_ARGS = "--";
};
};
dump = {
enable = false; # Do not enable NixOS module, use our custom systemd script below
backupDir = "/vault/backup/gitea";
};
};
systemd.services.gitea-backup = let
exe = lib.getExe cfg.package;
in {
description = "Gitea daily backup";
after = [ "gitea.service" ];
path = [ cfg.package ];
environment = {
USER = cfg.user;
HOME = cfg.stateDir;
GITEA_WORK_DIR = cfg.stateDir;
GITEA_CUSTOM = cfg.customDir;
};
serviceConfig = {
Type = "oneshot";
User = cfg.user;
WorkingDirectory = cfg.dump.backupDir;
};
script = ''
name="gitea-dump-$(date +%a).${cfg.dump.type}"
${exe} dump --type ${cfg.dump.type} --file - >"$name.tmp"
mv "$name.tmp" "$name"
cp "$name" "/ceph/backup/gitea/$name"
'';
};
# Create also the /ceph directories if needed
systemd.tmpfiles.rules = [
"d /ceph/backup/gitea/ 0750 ${cfg.user} ${cfg.group} - -"
"z /ceph/backup/gitea/ 0750 ${cfg.user} ${cfg.group} - -"
];
systemd.timers.gitea-backup = {
description = "Update timer for gitea-backup";
partOf = [ "gitea-backup.service" ];
wantedBy = [ "timers.target" ];
timerConfig.OnCalendar = cfg.dump.interval;
};
# Allow gitea user to send mail
users.users.gitea.extraGroups = [ "mail-robot" ];
}
View Git Blame Copy Permalink