gitea: add robots.txt
This commit is contained in:
parent
a0021eec05
commit
d851303bb0
1 changed files with 22 additions and 11 deletions
|
@ -3,6 +3,8 @@
|
||||||
let
|
let
|
||||||
hostname = "git.pleshevski.ru";
|
hostname = "git.pleshevski.ru";
|
||||||
|
|
||||||
|
giteaCfg = config.services.gitea;
|
||||||
|
|
||||||
gitea = pkgs.gitea.overrideAttrs (oldAttrs: {
|
gitea = pkgs.gitea.overrideAttrs (oldAttrs: {
|
||||||
postInstall = with pkgs; ''
|
postInstall = with pkgs; ''
|
||||||
mkdir $data
|
mkdir $data
|
||||||
|
@ -13,6 +15,11 @@ let
|
||||||
--prefix PATH : ${lib.makeBinPath [ bash git gzip openssh gnupg ]}
|
--prefix PATH : ${lib.makeBinPath [ bash git gzip openssh gnupg ]}
|
||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
|
|
||||||
|
robotsTxt = pkgs.writeText "robots.txt" ''
|
||||||
|
User-agent: *
|
||||||
|
Disallow: /
|
||||||
|
'';
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
services.postgresql.package = pkgs.postgresql_14;
|
services.postgresql.package = pkgs.postgresql_14;
|
||||||
|
@ -65,35 +72,35 @@ in
|
||||||
DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH = true;
|
DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH = true;
|
||||||
};
|
};
|
||||||
"repository.local" = {
|
"repository.local" = {
|
||||||
LOCAL_COPY_PATH = "${config.services.gitea.stateDir}/tmp/local-repo";
|
LOCAL_COPY_PATH = "${giteaCfg.stateDir}/tmp/local-repo";
|
||||||
};
|
};
|
||||||
"repository.upload" = {
|
"repository.upload" = {
|
||||||
TEMP_PATH = "${config.services.gitea.stateDir}/uploads";
|
TEMP_PATH = "${giteaCfg.stateDir}/uploads";
|
||||||
ALLOWED_TYPES = "image/*";
|
ALLOWED_TYPES = "image/*";
|
||||||
};
|
};
|
||||||
"repository.pull-request" = {
|
"repository.pull-request" = {
|
||||||
WORK_IN_PROGRESS_PREFIXES = "Draft:,[Draft]:,WIP:,[WIP]:";
|
WORK_IN_PROGRESS_PREFIXES = "Draft:,[Draft]:,WIP:,[WIP]:";
|
||||||
};
|
};
|
||||||
indexer = {
|
indexer = {
|
||||||
ISSUE_INDEXER_PATH = "${config.services.gitea.stateDir}/indexers/issues.bleve";
|
ISSUE_INDEXER_PATH = "${giteaCfg.stateDir}/indexers/issues.bleve";
|
||||||
};
|
};
|
||||||
sessions = {
|
sessions = {
|
||||||
PROVIDER = "file";
|
PROVIDER = "file";
|
||||||
PROVIDER_CONFIG = "${config.services.gitea.stateDir}/sessions";
|
PROVIDER_CONFIG = "${giteaCfg.stateDir}/sessions";
|
||||||
};
|
};
|
||||||
picture = {
|
picture = {
|
||||||
AVATAR_UPLOAD_PATH = "${config.services.gitea.stateDir}/avatars";
|
AVATAR_UPLOAD_PATH = "${giteaCfg.stateDir}/avatars";
|
||||||
REPOSITORY_AVATAR_UPLOAD_PATH = "${config.services.gitea.stateDir}/repo-avatars";
|
REPOSITORY_AVATAR_UPLOAD_PATH = "${giteaCfg.stateDir}/repo-avatars";
|
||||||
DISABLE_GRAVATAR = false;
|
DISABLE_GRAVATAR = false;
|
||||||
ENABLE_FEDERATED_AVATAR = true;
|
ENABLE_FEDERATED_AVATAR = true;
|
||||||
};
|
};
|
||||||
attachment = {
|
attachment = {
|
||||||
PATH = "${config.services.gitea.stateDir}/attachments";
|
PATH = "${giteaCfg.stateDir}/attachments";
|
||||||
};
|
};
|
||||||
mailer = {
|
mailer = {
|
||||||
ENABLED = true;
|
ENABLED = true;
|
||||||
MAILER_TYPE = "smtp";
|
MAILER_TYPE = "smtp";
|
||||||
FROM = "\"${config.services.gitea.appName}\" <no-reply@pleshevski.ru>";
|
FROM = "\"${giteaCfg.appName}\" <no-reply@pleshevski.ru>";
|
||||||
USER = "dmitriy@pleshevski.ru";
|
USER = "dmitriy@pleshevski.ru";
|
||||||
HOST = "mail.pleshevski.ru:465";
|
HOST = "mail.pleshevski.ru:465";
|
||||||
};
|
};
|
||||||
|
@ -104,15 +111,19 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
systemd.services.gitea.preStart = lib.mkAfter ''
|
||||||
|
cp -f ${robotsTxt} ${giteaCfg.stateDir}/custom/robots.txt
|
||||||
|
'';
|
||||||
|
|
||||||
services.nginx.virtualHosts.${hostname} = {
|
services.nginx.virtualHosts.${hostname} = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
locations."/".proxyPass = "http://localhost:${toString config.services.gitea.httpPort}/";
|
locations."/".proxyPass = "http://localhost:${toString giteaCfg.httpPort}/";
|
||||||
};
|
};
|
||||||
|
|
||||||
age.secrets.gitea-mailserver-passfile = {
|
age.secrets.gitea-mailserver-passfile = {
|
||||||
file = ../../../secrets/mailserver-users-jan-passfile.age;
|
file = ../../../secrets/mailserver-users-jan-passfile.age;
|
||||||
owner = config.services.gitea.user;
|
owner = giteaCfg.user;
|
||||||
group = "gitea";
|
group = "gitea";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -124,7 +135,7 @@ in
|
||||||
action = iptables-allports
|
action = iptables-allports
|
||||||
'';
|
'';
|
||||||
|
|
||||||
environment.etc."fail2ban/filter.d/gitea.conf".source = pkgs.writeText "gitea.conf" ''
|
environment.etc."fail2ban/filter.d/gitea.conf".text = ''
|
||||||
[Definition]
|
[Definition]
|
||||||
failregex = .*Failed authentication attempt for .* from <HOST>
|
failregex = .*Failed authentication attempt for .* from <HOST>
|
||||||
ignoreregex =
|
ignoreregex =
|
||||||
|
|
Loading…
Reference in a new issue