enable git server on vps

README.md

@@ -23,13 +23,13 @@ nix flake update
 ### New Host Installation
 ```bash
 # For NixOS and disko
-sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko --flake github:Logan-Lin/nix-config#<host>
+sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko --flake git+https://git.yanlincs.com/yanlin/nix#<host>
 sudo nixos-install --flake .#<host>
 
 # For nix-darwin
 xcode-select --install
-sudo nix --extra-experimental-features "nix-command flakes" run nix-darwin -- switch --flake github:Logan-Lin/nix-config#<host>
-nix --extra-experimental-features "nix-command flakes" run home-manager/master -- switch --flake github:Logan-Lin/nix-config#<user>@<host>
+sudo nix --extra-experimental-features "nix-command flakes" run nix-darwin -- switch --flake git+https://git.yanlincs.com/yanlin/nix#<host>
+nix --extra-experimental-features "nix-command flakes" run home-manager/master -- switch --flake git+https://git.yanlincs.com/yanlin/nix#<user>@<host>
 ```
 
 ### Occasional Commands

hosts/nixos/vps/proxy.nix

@@ -38,6 +38,17 @@
           };
         };
 
+        git = {
+          rule = "Host(`git.yanlincs.com`)";
+          service = "git";
+          tls = {
+            certResolver = "cloudflare";
+            domains = [{
+              main = "*.yanlincs.com";
+            }];
+          };
+        };
+
       };
 
       services = {
@@ -59,6 +70,14 @@
           };
         };
 
+        git = {
+          loadBalancer = {
+            servers = [{
+              url = "http://127.0.0.1:3000";
+            }];
+          };
+        };
+
       };
 
     };

hosts/nixos/vps/system.nix

@@ -10,6 +10,7 @@
     ../../../modules/podman.nix
     ../../../modules/traefik.nix
     ../../../modules/borg/client.nix
+    ../../../modules/git/server.nix
   ];
 
   # GRUB bootloader with UEFI support
@@ -72,12 +73,18 @@
 
   services.tailscale-custom.exitNode = true;
 
+  services.git-server-custom = {
+    enable = true;
+    domain = "git.yanlincs.com";
+  };
+
   # Borg backup configuration
   services.borg-client-custom = {
     enable = true;
     repositoryUrl = "ssh://helsinki-box/./vps";
     backupPaths = [
       "/var/lib/mongodb"
+      "/var/lib/forgejo"
     ];
     backupFrequency = "*-*-* 03:00:00";
     retention = {

modules/git/home.nix

@@ -24,7 +24,7 @@
     settings = {
       user = {
         name = "Yan Lin";
-        email = "github@yanlincs.com";
+        email = "git@yanlincs.com";
       };
 
       credential = {

modules/git/server.nix

@@ -1,4 +1,7 @@
-{ config, lib, ... }:
+# NOTE: After install, use the following command to create admin account.
+# sudo -u forgejo forgejo --config /var/lib/forgejo/custom/conf/app.ini admin user create --admin --username <user> --password <pass> --email <email>
+
+{ config, lib, pkgs, ... }:
 
 let
   cfg = config.services.git-server-custom;
@@ -24,6 +27,8 @@ in
   };
 
   config = lib.mkIf cfg.enable {
+    environment.systemPackages = [ config.services.forgejo.package ];
+
     services.forgejo = {
       enable = true;
       lfs.enable = true;
@@ -35,6 +40,7 @@ in
           HTTP_ADDR = "127.0.0.1";
           HTTP_PORT = cfg.httpPort;
           SSH_PORT = cfg.sshPort;
+          LANDING_PAGE = "/yanlin";
         };
         service.DISABLE_REGISTRATION = true;
       };

modules/ssh.nix

@@ -51,6 +51,11 @@ in
         identityFile = "${keyDir}/hetzner";
       };
 
+      "git.yanlincs.com" = {
+        user = "forgejo";
+        identityFile = "${keyDir}/hetzner";
+      };
+
       "borg-box" = {
         hostname = "u518619.your-storagebox.de";
         user = "u518619";