initial commit

2025-08-06 00:18:58 +02:00 · 2025-08-06 00:18:58 +02:00 · 95085a0d24
commit 95085a0d24
16 changed files with 294 additions and 0 deletions
--- a/hosts/physique/hyponix/services/default.nix
+++ b/hosts/physique/hyponix/services/default.nix
@ -0,0 +1,13 @@
+{ ... }:
+{
+  imports = [
+    ./fail2ban.nix
+    ./forgejo.nix
+  ];
+
+  services.caddy = {
+    enable = true;
+  };
+
+  networking.firewall.allowedTCPPorts = [80 443];
+}
--- a/hosts/physique/hyponix/services/fail2ban.nix
+++ b/hosts/physique/hyponix/services/fail2ban.nix
@ -0,0 +1,8 @@
+{ ... }:
+{
+  services.fail2ban = {
+    enable = true;
+  };
+
+  services.openssh.settings.LogLevel = "VERBOSE";
+}
--- a/hosts/physique/hyponix/services/forgejo.nix
+++ b/hosts/physique/hyponix/services/forgejo.nix
@ -0,0 +1,22 @@
+{config, ...}:
+let
+  domain = "git.${config.networking.domain}";
+in
+{
+  services.forgejo = {
+    enable = true;
+
+    settings = {
+      server = {
+        DOMAIN = domain;
+      };
+    };
+  };
+
+
+  services.caddy.virtualHosts."git.${config.networking.domain}" = {
+    extraConfig = ''
+      reverse_proxy localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}
+    '';
+  };
+}