felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2025-08-31 08:06:22 +02:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: felixalb:234a7030f030295f6f316e19d3e33b131b0a8b15
Branches Tags
felixalb:main
felixalb:minecraft-heatmap
felixalb:fix-import-gitea-users-script
felixalb:gitea-runners-secrets
felixalb:gitea-runners-cluster
felixalb:25.05
felixalb:new_nodes
felixalb:ooye
felixalb:grg-ip
felixalb:nom
felixalb:add-skrott
felixalb:pvvvvv
felixalb:setup-git-mirroring-on-bicep
felixalb:init-bakke
felixalb:gitea-show-license-in-list-view
felixalb:nix-topology
felixalb:gitea-robots-txt
felixalb:dagali-heimdal-openldap-sasl-stack
felixalb:gitea-navbar-get-started
felixalb:backup-databases
felixalb:openwebui
felixalb:setup-openvpn-tunnel
felixalb:gitea-gpg-signing
felixalb:sleipner-authorised-keys
felixalb:openstack-image-builder
felixalb:elysium
felixalb:smartd-notifs
felixalb:systemd-journald-remote
felixalb:skrot
felixalb:deploy-doorbell
felixalb:misc-gitea-fixes
felixalb:spotifyd
felixalb:remote
felixalb:setup-bikkje-login
felixalb:ozai-prod
felixalb:add-bluemap
felixalb:ozai
felixalb:setup-postfix-for-service-machines
felixalb:fix-gitea-ci-runner-network-issues
felixalb:heimdal-openldap-sasl-testing-on-salsa-on-buskerud
felixalb:gitea-metrics
felixalb:misc1
felixalb:add-simple-saml-theme
felixalb:misc-extra-gitea-setup
felixalb:setup-kerberos
felixalb:setup-home-areas
felixalb:shark-kanidm
felixalb:prometheusexim
...
compare: felixalb:2010556643e14cab72837cbc0ed17d8b1e81d907
Branches Tags
felixalb:main
felixalb:minecraft-heatmap
felixalb:fix-import-gitea-users-script
felixalb:gitea-runners-secrets
felixalb:gitea-runners-cluster
felixalb:25.05
felixalb:new_nodes
felixalb:ooye
felixalb:grg-ip
felixalb:nom
felixalb:add-skrott
felixalb:pvvvvv
felixalb:setup-git-mirroring-on-bicep
felixalb:init-bakke
felixalb:gitea-show-license-in-list-view
felixalb:nix-topology
felixalb:gitea-robots-txt
felixalb:dagali-heimdal-openldap-sasl-stack
felixalb:gitea-navbar-get-started
felixalb:backup-databases
felixalb:openwebui
felixalb:setup-openvpn-tunnel
felixalb:gitea-gpg-signing
felixalb:sleipner-authorised-keys
felixalb:openstack-image-builder
felixalb:elysium
felixalb:smartd-notifs
felixalb:systemd-journald-remote
felixalb:skrot
felixalb:deploy-doorbell
felixalb:misc-gitea-fixes
felixalb:spotifyd
felixalb:remote
felixalb:setup-bikkje-login
felixalb:ozai-prod
felixalb:add-bluemap
felixalb:ozai
felixalb:setup-postfix-for-service-machines
felixalb:fix-gitea-ci-runner-network-issues
felixalb:heimdal-openldap-sasl-testing-on-salsa-on-buskerud
felixalb:gitea-metrics
felixalb:misc1
felixalb:add-simple-saml-theme
felixalb:misc-extra-gitea-setup
felixalb:setup-kerberos
felixalb:setup-home-areas
felixalb:shark-kanidm
felixalb:prometheusexim

2 Commits
234a7030f0 ... 2010556643

Author SHA1 Message Date
h7x4
2010556643
kommode/gitea: fix declarative secrets 2025-08-03 04:44:37 +02:00
h7x4
8dcd471a6f
base: don't lock kernel modules lmao 2025-08-03 04:36:10 +02:00
2 changed files with 4 additions and 4 deletions
Show Stats Expand all files Collapse all files

2
base/default.nix
View File

@ -66,7 +66,7 @@
programs.zsh.enable = true;
security.lockKernelModules = true;
# security.lockKernelModules = true;
security.protectKernelImage = true;
security.sudo.execWheelOnly = true;
security.sudo.extraConfig = ''

6
hosts/kommode/services/gitea/default.nix
View File

@ -51,11 +51,11 @@ in {
START_SSH_SERVER = true;
START_LFS_SERVER = true;
LFS_JWT_SECRET = lib.mkForce "";
LFS_JWT_SECRET_URI = config.sops.secrets."gitea/lfs-jwt-secret".path;
LFS_JWT_SECRET_URI = "file:${config.sops.secrets."gitea/lfs-jwt-secret".path}";
};
oauth2 = {
JWT_SECRET = lib.mkForce "";
JWT_SECRET_URI = config.sops.secrets."gitea/oauth2-jwt-secret".path;
JWT_SECRET_URI = "file:${config.sops.secrets."gitea/oauth2-jwt-secret".path}";
};
"git.timeout" = {
MIGRATE = 3600;
@ -85,7 +85,7 @@ in {
session.COOKIE_SECURE = true;
security = {
SECRET_KEY = lib.mkForce "";
SECRET_KEY_PATH = config.sops.secrets."gitea/secret-key".path;
SECRET_KEY_URI = "file:${config.sops.secrets."gitea/secret-key".path}";
};
database.LOG_SQL = false;
repository = {