From fa04def7a1d5faf35cc822088d82c42a54b60da0 Mon Sep 17 00:00:00 2001
From: Yan Lin <github@yanlincs.com>
Date: Tue, 17 Feb 2026 20:51:20 +0100
Subject: [PATCH] enable forgejo on vps

---
 hosts/nixos/vps/proxy.nix  | 19 +++++++++++++++++++
 hosts/nixos/vps/system.nix |  7 +++++++
 modules/git/server.nix     |  8 +++++++-
 modules/ssh.nix            |  5 +++++
 4 files changed, 38 insertions(+), 1 deletion(-)

diff --git a/hosts/nixos/vps/proxy.nix b/hosts/nixos/vps/proxy.nix
index d4d85ad..1743577 100644
--- a/hosts/nixos/vps/proxy.nix
+++ b/hosts/nixos/vps/proxy.nix
@@ -38,6 +38,17 @@
           };
         };
 
+        git = {
+          rule = "Host(`git.yanlincs.com`)";
+          service = "git";
+          tls = {
+            certResolver = "cloudflare";
+            domains = [{
+              main = "*.yanlincs.com";
+            }];
+          };
+        };
+
       };
 
       services = {
@@ -59,6 +70,14 @@
           };
         };
 
+        git = {
+          loadBalancer = {
+            servers = [{
+              url = "http://127.0.0.1:3000";
+            }];
+          };
+        };
+
       };
 
     };
diff --git a/hosts/nixos/vps/system.nix b/hosts/nixos/vps/system.nix
index bf64008..0094da4 100644
--- a/hosts/nixos/vps/system.nix
+++ b/hosts/nixos/vps/system.nix
@@ -10,6 +10,7 @@
     ../../../modules/podman.nix
     ../../../modules/traefik.nix
     ../../../modules/borg/client.nix
+    ../../../modules/git/server.nix
   ];
 
   # GRUB bootloader with UEFI support
@@ -72,12 +73,18 @@
 
   services.tailscale-custom.exitNode = true;
 
+  services.git-server-custom = {
+    enable = true;
+    domain = "git.yanlincs.com";
+  };
+
   # Borg backup configuration
   services.borg-client-custom = {
     enable = true;
     repositoryUrl = "ssh://helsinki-box/./vps";
     backupPaths = [
       "/var/lib/mongodb"
+      "/var/lib/forgejo"
     ];
     backupFrequency = "*-*-* 03:00:00";
     retention = {
diff --git a/modules/git/server.nix b/modules/git/server.nix
index 365e2ac..62f09af 100644
--- a/modules/git/server.nix
+++ b/modules/git/server.nix
@@ -1,4 +1,7 @@
-{ config, lib, ... }:
+# NOTE: After install, use the following command to create admin account.
+# sudo -u forgejo forgejo --config /var/lib/forgejo/custom/conf/app.ini admin user create --admin --username <user> --password <pass> --email <email>
+
+{ config, lib, pkgs, ... }:
 
 let
   cfg = config.services.git-server-custom;
@@ -24,6 +27,8 @@ in
   };
 
   config = lib.mkIf cfg.enable {
+    environment.systemPackages = [ config.services.forgejo.package ];
+
     services.forgejo = {
       enable = true;
       lfs.enable = true;
@@ -35,6 +40,7 @@ in
           HTTP_ADDR = "127.0.0.1";
           HTTP_PORT = cfg.httpPort;
           SSH_PORT = cfg.sshPort;
+          LANDING_PAGE = "/yanlin";
         };
         service.DISABLE_REGISTRATION = true;
       };
diff --git a/modules/ssh.nix b/modules/ssh.nix
index c773b11..9ed224b 100644
--- a/modules/ssh.nix
+++ b/modules/ssh.nix
@@ -51,6 +51,11 @@ in
         identityFile = "${keyDir}/hetzner";
       };
 
+      "git.yanlincs.com" = {
+        user = "forgejo";
+        identityFile = "${keyDir}/hetzner";
+      };
+
       "borg-box" = {
         hostname = "u518619.your-storagebox.de";
         user = "u518619";