From 8a0b4ce76d3fb839cb56e3fa543a58cea5b58c18 Mon Sep 17 00:00:00 2001
From: Raphael <rparodi@student.42.fr>
Date: Fri, 31 Oct 2025 14:24:42 +0100
Subject: [PATCH] feat(secrets/git): adding the gitea configuration

---
 services/self_host/git.nix | 49 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 services/self_host/git.nix

diff --git a/services/self_host/git.nix b/services/self_host/git.nix
new file mode 100644
index 0000000..c31e695
--- /dev/null
+++ b/services/self_host/git.nix
@@ -0,0 +1,49 @@
+{ config, pkgs, lib, ... }:
+
+let
+  giteaDomain = "git.enium.eu";
+in
+{
+  services.gitea = {
+    enable = true;
+    appName = "Enium Git";
+    user = "gitea";
+    group = "gitea";
+    database.type = "sqlite3";
+
+    settings = {
+      server = {
+        DOMAIN = giteaDomain;
+        ROOT_URL = "https://${giteaDomain}/";
+        SSH_PORT = 42131;
+        HTTP_ADDR = "127.0.0.1";
+        HTTP_PORT = 3042;
+        DISABLE_REGISTRATION = true;
+        ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
+        SHOW_REGISTRATION_BUTTON = false;
+        DISABLE_REGULAR_LOGIN = true;
+      };
+
+      service = {
+        DISABLE_REGISTRATION = true;
+        ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
+      };
+
+      web = {
+        DISABLE_LOCAL_LOGIN = true;
+      };
+
+      oauth2_client = {
+        ENABLE_AUTO_REGISTRATION = true;
+      };
+    };
+  };
+
+  services.nginx.virtualHosts."${giteaDomain}" = {
+    enableACME = true;
+    forceSSL = true;
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:3042";
+    };
+  };
+}