{ pkgs, config, lib, ... }: let cfg = config.services.forgejo; domainName = "forge.acomputer.lol"; inherit (import ../../../shared/caddy-helpers.nix) logFormat; in { sops.secrets = { "forgejo/runner_registration_token_file" = { mode = "400"; owner = config.users.users.root.name; group = config.users.users.root.group; }; }; services = { caddy.virtualHosts."act-cache.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:7777 ''; }; gitea-actions-runner = { package = pkgs.forgejo-runner; instances = { x86_64-runner = { enable = true; name = "x86_64-runner"; labels = [ "docker:docker://ubuntu:latest" "x86_64-docker:docker://ubuntu:latest" "linux:docker://ubuntu:latest" "x86_64-linux:docker://ubuntu:latest" ]; tokenFile = config.sops.secrets."forgejo/runner_registration_token_file".path; url = "https://${domainName}"; settings = { log.level = "info"; cache = { enabled = true; port = 7777; external_server = "https://act-cache.labs.adtya.xyz/"; }; }; }; }; }; forgejo = { enable = true; package = pkgs.forgejo; stateDir = "/mnt/data/Forgejo"; settings = { database = { DB_TYPE = lib.mkForce "postgres"; HOST = "127.0.0.1:5432"; USER = cfg.database.user; NAME = cfg.database.name; }; server = { ROOT_URL = "https://${domainName}"; PROTOCOL = "http"; DISABLE_SSH = false; START_SSH_SERVER = true; BUILTIN_SSH_SERVER_USER = "forge"; SSH_PORT = 42069; SSH_LISTEN_HOST = "10.10.10.13"; HTTP_ADDR = "10.10.10.13"; HTTP_PORT = 3000; DOMAIN = domainName; }; session = { COOKIE_SECURE = true; }; service = { DISABLE_REGISTRATION = true; }; }; database.createDatabase = true; }; }; }