2023-12-04 00:11:50 +02:00
|
|
|
{ config, depot, ... }:
|
|
|
|
|
2023-07-21 02:26:26 +03:00
|
|
|
{
|
|
|
|
services.forge = {
|
|
|
|
nodes.server = [ "VEGAS" ];
|
|
|
|
nixos.server = ./server.nix;
|
2024-07-04 05:25:56 +03:00
|
|
|
meshLinks.server = {
|
|
|
|
name = "forge";
|
|
|
|
link.protocol = "http";
|
|
|
|
};
|
2024-07-08 17:08:39 +03:00
|
|
|
secrets = with config.services.forge.nodes; {
|
|
|
|
oidcSecret = {
|
|
|
|
nodes = server;
|
|
|
|
owner = "forgejo";
|
|
|
|
};
|
|
|
|
};
|
2023-07-21 02:26:26 +03:00
|
|
|
};
|
2023-12-04 00:11:50 +02:00
|
|
|
|
2024-08-10 14:08:21 +03:00
|
|
|
ways.forge = let
|
2024-07-04 05:25:56 +03:00
|
|
|
host = builtins.head config.services.forge.nodes.server;
|
2024-08-10 14:08:21 +03:00
|
|
|
in config.lib.forService "forge" {
|
|
|
|
target = config.hostLinks.${host}.forge.url;
|
|
|
|
};
|
2024-07-02 18:07:43 +03:00
|
|
|
|
2024-08-11 21:47:59 +03:00
|
|
|
patroni = config.lib.forService "forge" {
|
|
|
|
databases.forge = {};
|
|
|
|
users.forge.locksmith = {
|
|
|
|
nodes = config.services.forge.nodes.server;
|
|
|
|
format = "raw";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2024-07-23 20:05:45 +03:00
|
|
|
garage = config.lib.forService "forge" {
|
2024-07-11 00:18:52 +03:00
|
|
|
keys.forgejo.locksmith.nodes = config.services.forge.nodes.server;
|
2024-07-02 18:07:43 +03:00
|
|
|
buckets.forgejo.allow.forgejo = [ "read" "write" ];
|
|
|
|
};
|
2024-07-11 01:29:15 +03:00
|
|
|
|
2024-07-23 20:05:45 +03:00
|
|
|
monitoring.blackbox.targets.forge = config.lib.forService "forge" {
|
2024-07-11 01:29:15 +03:00
|
|
|
address = "https://forge.${depot.lib.meta.domain}/api/v1/version";
|
|
|
|
module = "https2xx";
|
|
|
|
};
|
2024-07-17 01:48:01 +03:00
|
|
|
|
2024-07-23 20:05:45 +03:00
|
|
|
dns.records = config.lib.forService "forge" {
|
|
|
|
"ssh.forge".target = map
|
|
|
|
(node: depot.hours.${node}.interfaces.primary.addrPublic)
|
|
|
|
config.services.forge.nodes.server;
|
|
|
|
};
|
2023-07-21 02:26:26 +03:00
|
|
|
}
|