doc(gitea): cole*: i expect full credit somewhere

}:3 ♥

README.org

@@ -1,20 +1,4 @@
 #+title: Sydnix
 #+author: Madeleine Sydney Ślaga
 
-Hello! These are my dotfiles for all my software and Nix machines. My TODO lists and READMEs tend to share a file, so I've moved it out of version-control. A link will be here soon enough.
-
-* Overview
-
-** Modules
-
-Nix modules are Sydnix's primary mode of organisation. The modules in this repository are categorised by the scope of their applicability, be it user-specific, machine-specific, Sydnix-specific, or releasable. These sum of these categories resembles a hierarchy wherein modules become less generally-applicable as they build off one another. This all goes to say, in a very roundabout fashion, that we are using the [[https://www.nayuki.io/pe/designing-better-file-organization-around-tags-not-hierarchies][accursed]] hierarchical file-system as god intended:
-
-#+begin_example
-«TODO: Annotated diagram explaining the structore of modules/» 
-#+end_example
-
-User modules may be configurations using a host-specific module, which itself may be a configuration of a Sydnix-specific module.
-
-# Local Variables:
-# jinx-local-words: "dotfiles"
-# End:
+these are my disgusting undocumented dotfiles. someday they'll be documented. maybe. }:)

hosts/deertopia/configuration.nix

@@ -49,6 +49,7 @@
 
     deertopia = {
       authelia.enable = true;
+      gitea.enable = true;
       quiver.enable = true;
       www.enable = true;
       bepasty.enable = true;

modules/nixos/deertopia/gitea.nix

@@ -0,0 +1,60 @@
+{ config, lib, pkgs, ... }:
+
+let cfg = config.sydnix.deertopia.gitea;
+in {
+  options.sydnix.deertopia.gitea = {
+    enable = lib.mkEnableOption "Gitea";
+  };
+
+  config = lib.mkIf cfg.enable {
+    sydnix.impermanence.directories = [
+      {
+	directory = config.services.gitea.stateDir;
+	inherit (config.services.gitea) user group;
+      }
+    ];
+
+    sydnix.deertopia.nginx.vhosts."git" = {
+      directory = null;
+      vhost = {
+        forceSSL = true;
+        enableACME = true;
+        locations."/".extraConfig =
+          let port = builtins.toString config.services.gitea
+                      .settings.server.HTTP_PORT;
+          in ''
+            proxy_pass http://127.0.0.1:${port}/;
+          '';
+      };
+    };
+
+    users.users.git = {
+      description = "Gitea Service";
+      home = config.services.gitea.stateDir;
+      useDefaultShell = true;
+      group = config.services.gitea.group;
+      isSystemUser = true;
+    };
+
+    users.groups.git = { };
+
+    # sudo -u git gitea admin auth add-ldap --name gitea --port 3890 --bind-dn 'uid=gitea,ou=people,dc=deertopia,dc=net' --bind-password «password» --user-search-base 'ou=people,dc=deertopia,dc=net' --user-filter '(&(memberof=cn=git,ou=groups,dc=deertopia,dc=net)(|(uid=%[1]s)(mail=%[1]s)))' --username-attribute uid --firstname-attribute givenName --surname-attribute sn --email-attribute mail --avatar-attribute jpegPhoto --security-protocol unencrypted --host 127.0.0.1 --config /var/lib/gitea/custom/conf/app.ini --synchronize-users
+
+    services.gitea = {
+      enable = true;
+      user = "git";
+      group = "git";
+      appName = "GupHub"; # Name per my darling Colestar ♥
+      settings = {
+	server = {
+	  ROOT_URL = "https://git.deertopia.net/";
+	  HTTP_PORT = 3000;
+	  DOMAIN = "deertopia.net";
+	};
+	service = {
+	  DISABLE_REGISTRATION = true;
+	};
+      };
+    };
+  };
+}