diff --git a/etc/nixos/configs/gitlab.rb b/etc/nixos/configs/gitlab.rb new file mode 100644 index 0000000..5af01fd --- /dev/null +++ b/etc/nixos/configs/gitlab.rb @@ -0,0 +1,18 @@ +external_url 'https://gitlab.tlater.net/'; +pages_external_url 'https://pages.tlater.net/'; + +gitlab_rails['gitlab_shell_ssh_port'] = 3022; + +user['git_user_email'] = 'gitlab@tlater.net'; +gitlab_rails['gitlab_email_from'] = 'gitlab@tlater.net'; +gitlab_rails['gitlab_email_display_name'] = 'GitLab'; +gitlab_rails['gitlab_email_reply_to'] = 'noreply@tlater.net'; +gitlab_rails['incoming_email_enabled'] = false; + +gitlab_rails['registry_enabled'] = false; + +letsencrypt['enable'] = false; +nginx['listen_port'] = 80; +nginx['listen_https'] = false; +pages_nginx['listen_port'] = 80; +pages_nginx['listen_https'] = false; diff --git a/etc/nixos/configuration.nix b/etc/nixos/configuration.nix index 387113d..4fa7b94 100644 --- a/etc/nixos/configuration.nix +++ b/etc/nixos/configuration.nix @@ -19,6 +19,7 @@ 80 443 2222 + 3022 ]; }; }; @@ -63,6 +64,7 @@ }; docker-containers = { + ## nginx proxy nginx-proxy = { image = "jwilder/nginx-proxy:alpine"; ports = [ @@ -83,19 +85,44 @@ environment = { DHPARAM_GENERATION = "false"; # Provided by nginx-proxy-letsencrypt }; + extraDockerOptions = [ + "--network=webproxy" + ]; }; nginx-proxy-letsencrypt = { image = "jrcs/letsencrypt-nginx-proxy-companion"; volumes = [ - "/var/run/docker.sock:/var/run/dokcer.sock:ro" + "/var/run/docker.sock:/var/run/docker.sock:ro" "nginx-certs:/etc/nginx/certs" - "nginx-challenges:/usr/share/nginx/html" - "nginx-conf:/etc/nginx/vhost.d" ]; environment = { DEFAULT_EMAIL = "tm@tlater.net"; }; + extraDockerOptions = [ + "--volumes-from" "docker-nginx-proxy.service" + ]; + }; + + ## GitLab + gitlab = { + image = "gitlab/gitlab-ce:latest"; + ports = [ + "3022:22" + ]; + volumes = [ + "gitlab-data:/var/opt/gitlab:Z" + "gitlab-logs:/var/log/gitlab:Z" + "gitlab-config:/etc/gitlab:Z" + ]; + environment = { + VIRTUAL_HOST = "gitlab.tlater.net"; + LETSENCRYPT_HOST = "gitlab.tlater.net"; + GITLAB_OMNIBUS_CONFIG = builtins.replaceStrings ["\n"] [""] (builtins.readFile ./configs/gitlab.rb); + }; + extraDockerOptions = [ + "--network=webproxy" + ]; }; };