forked from hacc/haccfiles
services/gitlab: init ssh
This commit is contained in:
parent
373926e33b
commit
69e49a0020
1 changed files with 18 additions and 0 deletions
|
@ -41,6 +41,8 @@
|
|||
port = 443;
|
||||
|
||||
statePath = "/persist/gitlab";
|
||||
user = "git";
|
||||
databaseUsername = "git";
|
||||
|
||||
initialRootPasswordFile = "/persist/secrets/gitlab-root";
|
||||
secrets.secretFile = "/persist/secrets/gitlab-secret";
|
||||
|
@ -113,6 +115,16 @@
|
|||
};
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
services.openssh.passwordAuthentication = false;
|
||||
|
||||
users.users.git = {
|
||||
isSystemUser = true;
|
||||
group = "gitlab";
|
||||
home = "/persist/gitlab/home";
|
||||
uid = 165;
|
||||
};
|
||||
|
||||
services.coredns = {
|
||||
enable = true;
|
||||
config = ''
|
||||
|
@ -124,6 +136,12 @@
|
|||
})).config.system.build.toplevel;
|
||||
};
|
||||
|
||||
hexchen.nftables.nat.forwardPorts = [{
|
||||
ports = [ 22 ];
|
||||
destination = "${config.containers.gitlab.localAddress}:22";
|
||||
proto = "tcp";
|
||||
}];
|
||||
|
||||
services.nginx.virtualHosts."gitlab.infra4future.de" = {
|
||||
locations."/".proxyPass = "http://${config.containers.gitlab.localAddress}:80";
|
||||
locations."/".extraConfig = ''
|
||||
|
|
Loading…
Reference in a new issue