diff --git a/nixos/modules/services/misc/gitea.nix b/nixos/modules/services/misc/gitea.nix
index 7a10bd87299..be4d3871978 100644
--- a/nixos/modules/services/misc/gitea.nix
+++ b/nixos/modules/services/misc/gitea.nix
@@ -46,6 +46,9 @@ let
ROOT_PATH = ${cfg.log.rootPath}
LEVEL = ${cfg.log.level}
+ [service]
+ DISABLE_REGISTRATION = ${boolToString cfg.disableRegistration}
+
${cfg.extraConfig}
'';
in
@@ -248,6 +251,18 @@ in
description = "Upper level of template and static files path.";
};
+ disableRegistration = mkEnableOption "the registration lock" // {
+ description = ''
+ By default any user can create an account on this gitea instance.
+ This can be disabled by using this option.
+
+ Note: please keep in mind that this should be added after the initial
+ deploy unless services.gitea.useWizard
+ is true as the first registered user will be the administrator if
+ no install wizard is used.
+ '';
+ };
+
extraConfig = mkOption {
type = types.str;
default = "";
@@ -263,7 +278,7 @@ in
description = "gitea";
after = [ "network.target" ] ++ lib.optional usePostgresql "postgresql.service" ++ lib.optional useMysql "mysql.service";
wantedBy = [ "multi-user.target" ];
- path = [ gitea.bin ];
+ path = [ gitea.bin pkgs.gitAndTools.git ];
preStart = let
runConfig = "${cfg.stateDir}/custom/conf/app.ini";
diff --git a/nixos/tests/gitea.nix b/nixos/tests/gitea.nix
index 35433499185..28e6479e9cb 100644
--- a/nixos/tests/gitea.nix
+++ b/nixos/tests/gitea.nix
@@ -64,6 +64,7 @@ with pkgs.lib;
machine =
{ config, pkgs, ... }:
{ services.gitea.enable = true;
+ services.gitea.disableRegistration = true;
};
testScript = ''
@@ -72,6 +73,7 @@ with pkgs.lib;
$machine->waitForUnit('gitea.service');
$machine->waitForOpenPort('3000');
$machine->succeed("curl --fail http://localhost:3000/");
+ $machine->succeed("curl --fail http://localhost:3000/user/sign_up | grep 'Registration is disabled. Please contact your site administrator.'");
'';
};
}