{pkgs, ...}: let port = 3000; in { services = { forgejo = { enable = true; package = pkgs.unstable.forgejo; settings = { DEFAULT = { APP_NAME = "buffet's kitchen"; }; actions = { ENABLED = false; }; admin = { SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true; }; cron = { ENABLED = true; }; federation = { ENABLED = true; }; mailer = { ENABLED = true; PROTOCOL = "sendmail"; FROM = "buffet's kitchen "; SENDMAIL_PATH = "${pkgs.system-sendmail}/bin/sendmail"; }; "markup.asciidoc" = { ENABLED = true; NEED_POSTPROCESS = true; FILE_EXTENSIONS = ".adoc,.asciidoc"; RENDER_COMMAND = ''"${pkgs.asciidoctor}/bin/asciidoctor -e --safe-mode=secure -a showtitle --out-file=- -"''; IS_INPUT_FILE = false; }; "markup.restructuredtext" = { ENABLED = true; NEED_POSTPROCESS = true; FILE_EXTENSIONS = ".rst"; RENDER_COMMAND = ''"timeout 30s ${pkgs.pandoc}/bin/pandoc +RTS -M512M -RTS -f rst"''; IS_INPUT_FILE = false; }; repository = { ENABLE_PUSH_CREATE_USER = true; ENABLE_PUSH_CREATE_ORG = true; }; server = { DOMAIN = "buffets.kitchen"; ROOT_URL = "https://buffets.kitchen/"; HTTP_PORT = port; LANDING_PAGE = "/kitchen"; }; "repository.pull-request" = { DEFAULT_MERGE_STYLE = "rebase"; }; service = { DISABLE_REGISTRATION = true; ENABLE_NOTIFY_MAIL = true; }; webhook = { ALLOWED_HOST_LIST = "external,loopback"; }; }; }; nginx = { virtualHosts."buffets.kitchen" = { useACMEHost = "buffet.sh"; forceSSL = true; locations = { "@forgejo" = { proxyPass = "http://localhost:${toString port}"; }; "/" = { tryFiles = "$uri @forgejo"; }; "/assets/" = { root = ../../res/forgejo; tryFiles = ''$uri @forgejo''; }; }; }; }; }; }