colonelpanic/dotfiles
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[NixOS] Try gitlab on biskcomp

Browse Source
This commit is contained in:
Ivan Malison
2024-10-20 16:29:38 -06:00
parent a2bbd4e04e
commit d4faa061dc
1 changed files with 17 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
nixos/machines/biskcomp.nix
View File

@@ -1,4 +1,4 @@
{ forEachUser, ... }:
{ pkgs, forEachUser, ... }:
let biskcomp-nginx-hostnames = "192.168.1.44 railbird.ai 1896Folsom.duckdns.org biskcomp.local 0.0.0.0 67.162.131.71";
in
{
@@ -52,14 +52,17 @@ in
defaults.email = "IvanMalison@gmail.com";
};
# services.nextcloud = {
# enable = true;
# hostName = "nextcloud.railbird.ai";
# config = {
# dbtype = "pgsql";
# database.createLocally = true;
# };
# };
services.gitlab = {
enable = true;
databasePasswordFile = pkgs.writeText "dbPassword" "zgvcyfwsxzcwr85l";
initialRootPasswordFile = pkgs.writeText "rootPassword" "dakqdvp4ovhksxer";
secrets = {
secretFile = pkgs.writeText "secret" "Aig5zaic";
otpFile = pkgs.writeText "otpsecret" "Riew9mue";
dbFile = pkgs.writeText "dbsecret" "we2quaeZ";
jwsFile = pkgs.runCommand "oidcKeyBase" {} "${pkgs.openssl}/bin/openssl genrsa 2048 > $out";
};
};
services.nginx = {
enable = true;
@@ -67,6 +70,11 @@ in
recommendedGzipSettings = true;
recommendedTlsSettings = true;
virtualHosts = {
"gitlab.railbird.ai" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";
};
"vaultwarden.railbird.ai" = {
enableACME = true;
forceSSL = true;