system/nixos/hosts/magenta/services/woodpecker/server.nix
Dmitriy Pleshevskiy dab505e62b nix: use 22.11 stable nixpkgs (#13)
nix: refac overlays

nix: fix path to packages

nix: use mkMerge

nix: rename nixpkgs-unstable input

user: remove my tools

user: build use unstable packages for nil

cannot be built on stable because it requires rustc 1.66 or newer, while the currently active rustc version is 1.64.0

host/magenta: use unstable gitea

nix: fix rollback command

nix: fix overlays

user: use unstable haskell packages to build xmonad

user: don't build woodpecker-cli

host: import nix module for canigou and magenta

pkgs: fix woodpecker

host/home: use unstable kernel to use rtl88x2bu driver

host: use unstable ipfs

move ipfs to shared config

user: use unstable woodpecker-cli

Reviewed-on: #13
2023-03-31 17:40:22 +03:00


# https://github.com/Mic92/dotfiles/tree/035a2c22e161f4fbe4fcbd038c6464028ddce619/nixos/eve/modules/woodpecker
# NixOS module for the Woodpecker CI server on this host: the systemd unit,
# its PostgreSQL database and role, the firewall openings and the traefik route.
{ pkgs, config, ... }:
let
  # data.secret.nix is read at evaluation time, so every value interpolated
  # below is written into the generated unit, which lives in the world-readable
  # Nix store. Only the host name, ports and account/database names are taken
  # from it here; credentials arrive through the agenix files further down.
  inherit (import ./data.secret.nix) hostname port grpcPort userServer group database;

  secrets = config.age.secrets;
  pgPort = toString config.services.postgresql.port;
  # Render a port number as a ":PORT" listen address (all interfaces).
  listenOn = p: ":${toString p}";
in
{
  # Opens both listeners on every interface.
  # NOTE(review): the web port is also published through traefik over TLS
  # (see the router below), while this rule leaves the plain-HTTP listener
  # reachable directly. If only the proxy and the agents need these ports,
  # scoping the rule per interface would narrow the exposure. Confirm which
  # networks must reach `port` and `grpcPort`.
  networking.firewall.allowedTCPPorts = [ port grpcPort ];

  systemd.services.woodpecker-server = {
    wantedBy = [ "multi-user.target" ];
    wants = [ "network-online.target" ];
    after = [ "network-online.target" ];

    # NOTE(review): the unit sets no sandboxing directives (for example
    # NoNewPrivileges, ProtectSystem, ProtectHome, PrivateTmp); the process is
    # confined only by running as a dedicated User/Group.
    serviceConfig = {
      User = userServer;
      Group = group;
      ExecStart = "${pkgs.unstable.woodpecker-server}/bin/woodpecker-server";

      # See: https://woodpecker-ci.org/docs/administration/server-config
      # Secret settings are referenced by path to the decrypted agenix files,
      # so their contents are not copied into the unit.
      EnvironmentFile = [
        secrets.woodpecker-common-env.path
        secrets.woodpecker-server-env.path
      ];

      Environment = [
        "WOODPECKER_DEBUG_PRETTY=true"
        # NOTE(review): trace is the most verbose level. Confirm it is meant to
        # stay on outside of debugging, since verbose server logs may carry
        # request details into the journal.
        "WOODPECKER_LOG_LEVEL=trace"
        "WOODPECKER_HOST=https://${hostname}"
        "WOODPECKER_SERVER_ADDR=${listenOn port}"
        "WOODPECKER_GRPC_ADDR=${listenOn grpcPort}"
        "WOODPECKER_ADMIN=pleshevskiy"
        "WOODPECKER_DATABASE_DRIVER=postgres"
        # No password in the URL: the connection goes over the unix socket in
        # /run/postgresql as role `userServer`, which is also the unit's User.
        # Presumably this relies on peer authentication; verify pg_hba.
        "WOODPECKER_DATABASE_DATASOURCE=postgres://${userServer}@:${pgPort}/${database}?host=/run/postgresql"
        "WOODPECKER_GITEA=true"
        "WOODPECKER_GITEA_URL=https://git.pleshevski.ru"
        # Only the path is embedded; the decrypted file has to be readable by
        # `userServer` (its ownership is declared outside this file).
        "WOODPECKER_DOCKER_CONFIG=${secrets.woodpecker-docker-config.path}"
        "WOODPECKER_AUTHENTICATE_PUBLIC_REPOS=true"
      ];
    };
  };

  services.postgresql = {
    enable = true;
    ensureDatabases = [ database ];
    # The service role gets every privilege on its own database and nothing
    # else is granted here.
    ensureUsers = [
      {
        name = userServer;
        ensurePermissions."DATABASE ${database}" = "ALL PRIVILEGES";
      }
    ];
  };

  # TLS is terminated by traefik (certificate resolver "le"); the hop from the
  # proxy to the server is plain HTTP addressed as host.docker.internal.
  services.traefik.dynamicConfigOptions.http = {
    routers.to_woodpecker_server = {
      rule = "Host(`${hostname}`)";
      entryPoints = [ "https" ];
      tls.certResolver = "le";
      service = "woodpecker_server";
    };
    services.woodpecker_server.loadBalancer.servers = [
      { url = "http://host.docker.internal:${toString port}"; }
    ];
  };
}