|
|
|
|
@ -378,6 +378,14 @@ in {
|
|
|
|
|
systemd.services.gitea.serviceConfig.SystemCallArchitectures = lib.mkForce "";
|
|
|
|
|
systemd.services.gitea.serviceConfig.SystemCallFilter = lib.mkForce [];
|
|
|
|
|
|
|
|
|
|
# FIXME: This isn't really a secret... and should probably be a part of the Gitea module instead
|
|
|
|
|
deployment.secrets.gitea-header = {
|
|
|
|
|
source = builtins.toFile "header.tmpl" "<style> * { tab-size: 4; } </style>";
|
|
|
|
|
destination = "/var/lib/gitea/custom/templates/custom/header.tmpl";
|
|
|
|
|
owner = { user = "git"; };
|
|
|
|
|
action = [ "systemctl" "restart" "gitea.service" ];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# FIXME: Healthcheck for this!
|
|
|
|
|
services.gitea = {
|
|
|
|
|
enable = true;
|
|
|
|
|
|
