diff options
| author | Jasper Ras <jras@hostnet.nl> | 2025-03-24 08:34:04 +0100 |
|---|---|---|
| committer | Jasper Ras <jras@hostnet.nl> | 2025-03-24 08:34:04 +0100 |
| commit | 359614b31cc46bc4d00af97753725d5db4b1f5b3 (patch) | |
| tree | ca4a0184fdd6f114906914e72b767ba3fb1bf5de | |
| parent | 7a768cc5de8f0de198ea37ae1804af06dcf351ae (diff) | |
some gitlab stuff
| -rw-r--r-- | modules/snorlax/git.nix | 43 | ||||
| -rw-r--r-- | secrets/gitlab-db.age | bin | 0 -> 267 bytes | |||
| -rw-r--r-- | secrets/gitlab-init-root.age | bin | 0 -> 260 bytes | |||
| -rw-r--r-- | secrets/gitlab-jws.age | bin | 0 -> 1940 bytes | |||
| -rw-r--r-- | secrets/gitlab-otp.age | bin | 0 -> 267 bytes | |||
| -rw-r--r-- | secrets/gitlab-secret.age | bin | 0 -> 267 bytes | |||
| -rw-r--r-- | secrets/secrets.nix | bin | 1013 -> 1237 bytes |
7 files changed, 41 insertions, 2 deletions
diff --git a/modules/snorlax/git.nix b/modules/snorlax/git.nix index 36de434..e91afcb 100644 --- a/modules/snorlax/git.nix +++ b/modules/snorlax/git.nix @@ -1,4 +1,4 @@ -{ lib, pkgs, ... }: +{ config, lib, pkgs, ... }: let home = "/persist/var/lib/git"; repos = { @@ -50,7 +50,7 @@ let ''; in { - networking.firewall.allowedTCPPorts = [ 80 ]; + networking.firewall.allowedTCPPorts = [ 80 8080 ]; services.cgit.snorlax = { enable = true; @@ -86,4 +86,43 @@ in packages = with pkgs; [ git ]; }; services.openssh.settings.AllowUsers = [ "git" ]; + + age.secrets= { + gitlab-init-root = { + file = ../../secrets/gitlab-init-root.age; + owner = "gitlab"; + group = "gitlab"; + }; + gitlab-db = { + file = ../../secrets/gitlab-db.age; + owner = "gitlab"; + group = "gitlab"; + }; + gitlab-jws = { + file = ../../secrets/gitlab-jws.age; + owner = "gitlab"; + group = "gitlab"; + }; + gitlab-otp = { + file = ../../secrets/gitlab-otp.age; + owner = "gitlab"; + group = "gitlab"; + }; + gitlab-secret = { + file = ../../secrets/gitlab-secret.age; + owner = "gitlab"; + group = "gitlab"; + }; + }; + + + services.gitlab = { + enable = true; + initialRootEmail = "jaspert.ras@gmail.com"; + initialRootPasswordFile = config.age.secrets.gitlab-init-root.path; + secrets.dbFile = config.age.secrets.gitlab-db.path; + secrets.jwsFile = config.age.secrets.gitlab-jws.path; + secrets.otpFile = config.age.secrets.gitlab-otp.path; + secrets.secretFile = config.age.secrets.gitlab-secret.path; + }; } diff --git a/secrets/gitlab-db.age b/secrets/gitlab-db.age Binary files differnew file mode 100644 index 0000000..c388e62 --- /dev/null +++ b/secrets/gitlab-db.age diff --git a/secrets/gitlab-init-root.age b/secrets/gitlab-init-root.age Binary files differnew file mode 100644 index 0000000..9abf0cd --- /dev/null +++ b/secrets/gitlab-init-root.age diff --git a/secrets/gitlab-jws.age b/secrets/gitlab-jws.age Binary files differnew file mode 100644 index 0000000..eb8fa72 --- /dev/null +++ b/secrets/gitlab-jws.age diff --git a/secrets/gitlab-otp.age b/secrets/gitlab-otp.age Binary files differnew file mode 100644 index 0000000..de88c43 --- /dev/null +++ b/secrets/gitlab-otp.age diff --git a/secrets/gitlab-secret.age b/secrets/gitlab-secret.age Binary files differnew file mode 100644 index 0000000..5ea07bb --- /dev/null +++ b/secrets/gitlab-secret.age diff --git a/secrets/secrets.nix b/secrets/secrets.nix Binary files differindex b87293b..b0a4d7c 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix |