{pkgs, ...}: let port = 3000; in { services = { forgejo = { enable = true; package = pkgs.unstable.forgejo; settings = { DEFAULT.APP_NAME = "buffet's kitchen"; admin.SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true; cron.ENABLED = true; federation.ENABLED = true; mailer = { ENABLED = true; PROTOCOL = "sendmail"; FROM = "buffet's kitchen "; SENDMAIL_PATH = "${pkgs.system-sendmail}/bin/sendmail"; }; repository = { ENABLE_PUSH_CREATE_USER = true; ENABLE_PUSH_CREATE_ORG = true; }; server = { DOMAIN = "buffets.kitchen"; ROOT_URL = "https://buffets.kitchen/"; HTTP_PORT = port; }; service = { DISABLE_REGISTRATION = true; ENABLE_NOTIFY_MAIL = true; }; "markup.asciidoc" = { ENABLED = true; NEED_POSTPROCESS = true; FILE_EXTENSIONS = ".adoc,.asciidoc"; RENDER_COMMAND = ''"${pkgs.asciidoctor}/bin/asciidoctor -e --safe-mode=secure -a showtitle --out-file=- -"''; IS_INPUT_FILE = false; }; "markup.restructuredtext" = { ENABLED = true; NEED_POSTPROCESS = true; FILE_EXTENSIONS = ".rst"; RENDER_COMMAND = ''"timeout 30s ${pkgs.pandoc}/bin/pandoc +RTS -M512M -RTS -f rst"''; IS_INPUT_FILE = false; }; }; }; nginx = { enable = true; recommendedGzipSettings = true; recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; virtualHosts."buffets.kitchen" = { useACMEHost = "buffet.sh"; forceSSL = true; locations."= /" = { extraConfig = '' return 301 https://$host/chef; ''; }; locations."/" = { proxyPass = "http://localhost:${toString port}"; }; }; }; }; }