feat: add panam host for forgejo instance

2026-04-09 21:54:25 +10:00 · 2026-04-09 21:54:25 +10:00 · 3b56a51634
commit 3b56a51634
parent 2af088e966
4 changed files with 67 additions and 1 deletions
--- a/flake.nix
+++ b/flake.nix
@ -79,6 +79,16 @@
          (mkHomeManagerConfig {})
        ];
      };
+
+      panam = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        specialArgs = { inherit inputs; };
+        modules = [
+          ./hosts/panam/configuration.nix
+          home-manager.nixosModules.home-manager
+          (mkHomeManagerConfig {})
+        ];
+      };
      # other hosts...
    };
  };
--- a/hosts/alt/caddy.nix
+++ b/hosts/alt/caddy.nix
@ -5,7 +5,7 @@ let
 		"analytics.figtree.dev" = "http://192.168.80.1:3300";
 		"figtree.dev"           = "http://192.168.1.63:8080";
 		"files.figtree.dev"     = "http://192.168.80.4:8080";
-		"git.figtree.dev"       = "http://192.168.80.2:3000";
+		"git.figtree.dev"       = "http://192.168.80.8:3000";
 		"nc.figtree.dev"        = "http://192.168.1.62:11000";
 		"paperless.figtree.dev" = "http://192.168.1.63:8010";
 		"photos.figtree.dev"    = "http://192.168.80.1:2283";
--- a/hosts/panam/configuration.nix
+++ b/hosts/panam/configuration.nix
@ -0,0 +1,24 @@
+{ config, modulesPath, pkgs, inputs, ... }:
+
+{
+  imports =
+    [ 
+      (modulesPath + "/virtualisation/proxmox-lxc.nix")
+      ../modules/base.nix
+      ../modules/server.nix
+      ./forgejo.nix
+    ];
+
+  nix.settings = { sandbox = false; };
+  proxmoxLXC = {
+    manageNetwork = false;
+    privileged = true;
+  };
+
+  networking.hostName = "panam";
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken.
+  system.stateVersion = "25.05";
+}
--- a/hosts/panam/forgejo.nix
+++ b/hosts/panam/forgejo.nix
@ -0,0 +1,32 @@
+{ config, pkgs, lib, ... }:
+
+let
+  cfg = config.services.forgejo;
+  srv = cfg.settings.server;
+in
+{
+  services.forgejo = {
+    enable = true;
+    database.type = "sqlite";
+    lfs.enable = true;
+    settings = {
+      server = {
+        DOMAIN = "git.figtree.dev";
+        ROOT_URL = "https://git.figtree.dev/";
+        HTTP_ADDR = "0.0.0.0";
+        HTTP_PORT = 3000;
+      };
+      service.DISABLE_REGISTRATION = true;
+    };
+  };
+
+  # Open the firewall for Forgejo's HTTP and SSH ports
+  networking.firewall.allowedTCPPorts = [ 3000 22 ];
+
+  # Ensure the user 'alex' is an admin in Forgejo if needed
+  # (Note: Forgejo doesn't allow 'admin' as a username)
+  systemd.services.forgejo.preStart = ''
+    # This will fail if the user already exists, hence || true
+    ${lib.getExe cfg.package} admin user create --admin --email "code@figtree.dev" --username alex --password "changeme123" || true
+  '';
+}