diff --git a/nixos/modules/services/misc/gitea.nix b/nixos/modules/services/misc/gitea.nix
index 8ec7fe28af6d..7aaa93ac4c1c 100644
--- a/nixos/modules/services/misc/gitea.nix
+++ b/nixos/modules/services/misc/gitea.nix
@@ -10,6 +10,7 @@ let
useMysql = cfg.database.type == "mysql";
usePostgresql = cfg.database.type == "postgres";
useSqlite = cfg.database.type == "sqlite3";
+ format = pkgs.formats.ini { };
configFile = pkgs.writeText "app.ini" ''
APP_NAME = ${cfg.appName}
RUN_USER = ${cfg.user}
@@ -22,6 +23,16 @@ let
in
{
+ imports = [
+ (mkRenamedOptionModule [ "services" "gitea" "cookieSecure" ] [ "services" "gitea" "settings" "session" "COOKIE_SECURE" ])
+ (mkRenamedOptionModule [ "services" "gitea" "disableRegistration" ] [ "services" "gitea" "settings" "service" "DISABLE_REGISTRATION" ])
+ (mkRenamedOptionModule [ "services" "gitea" "log" "level" ] [ "services" "gitea" "settings" "log" "LEVEL" ])
+ (mkRenamedOptionModule [ "services" "gitea" "log" "rootPath" ] [ "services" "gitea" "settings" "log" "ROOT_PATH" ])
+ (mkRenamedOptionModule [ "services" "gitea" "ssh" "clonePort" ] [ "services" "gitea" "settings" "server" "SSH_PORT" ])
+
+ (mkRemovedOptionModule [ "services" "gitea" "ssh" "enable" ] "services.gitea.ssh.enable has been migrated into freeform setting services.gitea.settings.server.DISABLE_SSH. Keep in mind that the setting is inverted")
+ ];
+
options = {
services.gitea = {
enable = mkOption {
@@ -49,20 +60,6 @@ in
description = lib.mdDoc "gitea data directory.";
};
- log = {
- rootPath = mkOption {
- default = "${cfg.stateDir}/log";
- defaultText = literalExpression ''"''${config.${opt.stateDir}}/log"'';
- type = types.str;
- description = lib.mdDoc "Root path for log files.";
- };
- level = mkOption {
- default = "Info";
- type = types.enum [ "Trace" "Debug" "Info" "Warn" "Error" "Critical" ];
- description = lib.mdDoc "General log level.";
- };
- };
-
user = mkOption {
type = types.str;
default = "gitea";
@@ -192,25 +189,6 @@ in
};
};
- ssh = {
- enable = mkOption {
- type = types.bool;
- default = true;
- description = lib.mdDoc "Enable external SSH feature.";
- };
-
- clonePort = mkOption {
- type = types.int;
- default = 22;
- example = 2222;
- description = lib.mdDoc ''
- SSH port displayed in clone URL.
- The option is required to configure a service when the external visible port
- differs from the local listening port i.e. if port forwarding is used.
- '';
- };
- };
-
lfs = {
enable = mkOption {
type = types.bool;
@@ -269,15 +247,6 @@ in
description = lib.mdDoc "Configure Gitea to listen on a unix socket instead of the default TCP port.";
};
- cookieSecure = mkOption {
- type = types.bool;
- default = false;
- description = lib.mdDoc ''
- Marks session cookies as "secure" as a hint for browsers to only send
- them via HTTPS. This option is recommend, if gitea is being served over HTTPS.
- '';
- };
-
staticRootPath = mkOption {
type = types.either types.str types.path;
default = gitea.data;
@@ -293,20 +262,7 @@ in
description = lib.mdDoc "Path to a file containing the SMTP password.";
};
- disableRegistration = mkEnableOption "the registration lock" // {
- description = ''
- By default any user can create an account on this gitea instance.
- This can be disabled by using this option.
-
- Note: please keep in mind that this should be added after the initial
- deploy unless services.gitea.useWizard
- is true as the first registered user will be the administrator if
- no install wizard is used.
- '';
- };
-
settings = mkOption {
- type = with types; attrsOf (attrsOf (oneOf [ bool int str ]));
default = {};
description = lib.mdDoc ''
Gitea configuration. Refer to
@@ -330,6 +286,68 @@ in
};
}
'';
+ type = with types; submodule {
+ freeformType = format.type;
+ options = {
+ log = {
+ ROOT_PATH = mkOption {
+ default = "${cfg.stateDir}/log";
+ defaultText = literalExpression ''"''${config.${opt.stateDir}}/log"'';
+ type = types.str;
+ description = "Root path for log files.";
+ };
+ LEVEL = mkOption {
+ default = "Info";
+ type = types.enum [ "Trace" "Debug" "Info" "Warn" "Error" "Critical" ];
+ description = "General log level.";
+ };
+ };
+
+ server = {
+ DISABLE_SSH = mkOption {
+ type = types.bool;
+ default = false;
+ description = "Disable external SSH feature.";
+ };
+
+ SSH_PORT = mkOption {
+ type = types.int;
+ default = 22;
+ example = 2222;
+ description = ''
+ SSH port displayed in clone URL.
+ The option is required to configure a service when the external visible port
+ differs from the local listening port i.e. if port forwarding is used.
+ '';
+ };
+ };
+
+ service = {
+ DISABLE_REGISTRATION = mkEnableOption "the registration lock" // {
+ description = ''
+ By default any user can create an account on this gitea instance.
+ This can be disabled by using this option.
+
+ Note: please keep in mind that this should be added after the initial
+ deploy unless services.gitea.useWizard
+ is true as the first registered user will be the administrator if
+ no install wizard is used.
+ '';
+ };
+ };
+
+ session = {
+ COOKIE_SECURE = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Marks session cookies as "secure" as a hint for browsers to only send
+ them via HTTPS. This option is recommend, if gitea is being served over HTTPS.
+ '';
+ };
+ };
+ };
+ };
};
extraConfig = mkOption {
@@ -385,13 +403,6 @@ in
HTTP_ADDR = cfg.httpAddress;
HTTP_PORT = cfg.httpPort;
})
- (mkIf cfg.ssh.enable {
- DISABLE_SSH = false;
- SSH_PORT = cfg.ssh.clonePort;
- })
- (mkIf (!cfg.ssh.enable) {
- DISABLE_SSH = true;
- })
(mkIf cfg.lfs.enable {
LFS_START_SERVER = true;
LFS_CONTENT_PATH = cfg.lfs.contentDir;
@@ -400,8 +411,7 @@ in
];
session = {
- COOKIE_NAME = "session";
- COOKIE_SECURE = cfg.cookieSecure;
+ COOKIE_NAME = lib.mkDefault "session";
};
security = {
@@ -410,15 +420,6 @@ in
INSTALL_LOCK = true;
};
- log = {
- ROOT_PATH = cfg.log.rootPath;
- LEVEL = cfg.log.level;
- };
-
- service = {
- DISABLE_REGISTRATION = cfg.disableRegistration;
- };
-
mailer = mkIf (cfg.mailerPasswordFile != null) {
PASSWD = "#mailerpass#";
};