stura-infra/hosts/git/default.nix

{
  config,
  lib,
  pkgs,
  ...
}:
{
  imports = [
    ./hardware-configuration.nix
  ];

  networking = {
    hostName = "git";
    interfaces.ens18.ipv4.addresses = [
      {
        address = "141.56.51.97";
        prefixLength = 24;
      }
    ];

    defaultGateway.address = "141.56.51.254";
    firewall.allowedTCPPorts = [
      80
      443
    ];
  };

  services = {
    openssh.enable = true;
    forgejo = {
      enable = true;
      settings = {

        server = {
          PROTOCOL = "http+unix";
          HTTP_ADDR = "/run/forgejo/forgejo.sock";
          ROOT_URL = "https://${config.networking.fqdn}";
        };
        oauth2_client = {
          ENABLE_AUTO_REGISTRATION = "true";
          REGISTER_EMAIL_CONFIRM = "false";
          username = "email";
        };
        service = {
          SHOW_REGISTRATION_BUTTON = "false";
        };
      };
    };

    nginx = {
      enable = true;
      virtualHosts."${config.networking.fqdn}" = {
        forceSSL = true;
        enableACME = true;
        locations."/" = {
          recommendedProxySettings = true;
          proxyWebsockets = true;
          proxyPass = "http://unix:/run/forgejo/forgejo.sock";
        };
      };
    };
  };


  system.stateVersion = "24.11";

}