50 lines
1.1 KiB
Nix
50 lines
1.1 KiB
Nix
{ lib, config, specialArgs, ... }:
|
|
let
|
|
gitlab_home = "/opt/gitlab";
|
|
hostname = "gitlab.orion-technologies.io";
|
|
in
|
|
{
|
|
virtualisation.oci-containers.containers.gitlab = {
|
|
image = "gitlab/gitlab-ee:latest";
|
|
autoStart = true;
|
|
ports = [
|
|
"127.0.0.1:8080:80"
|
|
"2222:22"
|
|
];
|
|
volumes = [
|
|
"${gitlab_home}/config:/etc/gitlab"
|
|
"${gitlab_home}/logs:/var/log/gitlab"
|
|
"${gitlab_home}/data:/var/opt/gitlab"
|
|
];
|
|
extraOptions = [
|
|
"--shm-size=256m"
|
|
"--hostname=${hostname}"
|
|
];
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
2222
|
|
];
|
|
|
|
age.secrets.gitlab-runner-reg-config.file = specialArgs.secrets + "/gitlab-runner-reg-config.age";
|
|
services.gitlab-runner = {
|
|
enable = true;
|
|
services = {
|
|
default = with lib; {
|
|
registrationConfigFile = config.age.secrets.gitlab-runner-reg-config.path;
|
|
dockerImage = "alpine";
|
|
tagList = [
|
|
"alpine"
|
|
"default"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts."${hostname}" = {
|
|
locations."/".proxyPass = "http://127.0.0.1:8080";
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
};
|
|
}
|