chore: resonite, storage and forgejo setup

2026-02-27 21:47:24 +01:00 · 2026-02-27 21:47:24 +01:00 · 279e95a1ec
commit 279e95a1ec
parent d79fe97b7e
18 changed files with 203 additions and 167 deletions
--- a/systems/rena/impl/forgejo.nix
+++ b/systems/rena/impl/forgejo.nix
@ -0,0 +1,31 @@
+{
+  services.forgejo = {
+    enable = true;
+    database.type = "postgres";
+    lfs.enable = true;
+
+    settings = {
+      server = {
+        DOMAIN = "git.avali.network";
+        ROOT_URL = "https://git.avali.network/";
+        HTTP_ADDR = "127.0.0.1";
+        HTTP_PORT = 3000;
+      };
+
+      service = {
+        DISABLE_REGISTRATION = true;
+      };
+    };
+  };
+
+  services.nginx.virtualHosts."git.avali.network" = {
+    enableACME = true;
+    forceSSL = true;
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:3000";
+    };
+    extraConfig = ''
+      client_max_body_size 512M;
+    '';
+  };
+}
--- a/systems/rena/impl/resonite.nix
+++ b/systems/rena/impl/resonite.nix
@ -0,0 +1,35 @@
+{ config, ... }:
+{
+  sops = {
+    secrets = {
+      "resonite/steam/username" = { };
+      "resonite/steam/password" = { };
+      "resonite/steam/branch-password" = { };
+      "resonite/username" = { };
+      "resonite/password" = { };
+    };
+
+    templates = {
+      "resonite/.env".content = ''
+        STEAM_USER=${config.sops.placeholder."resonite/steam/username"}
+        STEAM_PASS=${config.sops.placeholder."resonite/steam/password"}
+        BETA_CODE=${config.sops.placeholder."resonite/steam/branch-password"}
+      '';
+      "resonite/config.json".content = builtins.toJSON {
+        universeId = null;
+        tickRate = 60.0;
+        maxConcurrentAssetTransfers = 8;
+
+        loginCredential = config.sops.placeholder."resonite/username";
+        loginPassword = config.sops.placeholder."resonite/password";
+        loginRequired = true;
+      };
+    };
+  };
+
+  services.resonite-server = {
+    enable = false;
+    environmentFiles = [ config.sops.templates."resonite/.env".path ];
+    settingsFile = config.sops.templates."resonite/config.json".path;
+  };
+}
--- a/systems/rena/impl/storage.nix
+++ b/systems/rena/impl/storage.nix
@ -0,0 +1,17 @@
+{
+  systemd.tmpfiles.rules = [
+    "d /srv/storage 0775 root wheel -"
+  ];
+
+  services.nginx.virtualHosts."storage.avali.network" = {
+    enableACME = true;
+    forceSSL = true;
+
+    root = "/srv/storage";
+
+    extraConfig = ''
+      autoindex on;
+      autoindex_localtime on;
+    '';
+  };
+}