38 lines
937 B
Nix
38 lines
937 B
Nix
{ config, depot, ... }:
|
|
|
|
{
|
|
services.forge = {
|
|
nodes.server = [ "VEGAS" ];
|
|
nixos.server = ./server.nix;
|
|
meshLinks.server = {
|
|
name = "forge";
|
|
link.protocol = "http";
|
|
};
|
|
secrets = with config.services.forge.nodes; {
|
|
oidcSecret = {
|
|
nodes = server;
|
|
owner = "forgejo";
|
|
};
|
|
dbCredentials.nodes = server;
|
|
};
|
|
};
|
|
|
|
ways.forge.target = let
|
|
host = builtins.head config.services.forge.nodes.server;
|
|
in config.hostLinks.${host}.forge.url;
|
|
|
|
garage = {
|
|
keys.forgejo.locksmith.nodes = config.services.forge.nodes.server;
|
|
buckets.forgejo.allow.forgejo = [ "read" "write" ];
|
|
};
|
|
|
|
monitoring.blackbox.targets.forge = {
|
|
address = "https://forge.${depot.lib.meta.domain}/api/v1/version";
|
|
module = "https2xx";
|
|
};
|
|
|
|
dns.records."ssh.forge".target = map
|
|
(node: depot.hours.${node}.interfaces.primary.addrPublic)
|
|
config.services.forge.nodes.server;
|
|
}
|