diff --git a/nixos/modules/services/misc/gitit.nix b/nixos/modules/services/misc/gitit.nix
index 10a706fbd71..d5ad4faa6fe 100644
--- a/nixos/modules/services/misc/gitit.nix
+++ b/nixos/modules/services/misc/gitit.nix
@@ -99,7 +99,7 @@ let
};
authenticationMethod = mkOption {
- type = types.enum [ "form" "http" "generic"];
+ type = types.enum [ "form" "http" "generic" "github" ];
default = "form";
description = ''
'form' means that users will be logged in and registered using forms
@@ -537,6 +537,42 @@ video/x-ms-wmx wmx
through xss-sanitize. Set to no only if you trust all of your users.
'';
};
+
+ oauthClientId = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ description = "OAuth client ID";
+ };
+
+ oauthClientSecret = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ description = "OAuth client secret";
+ };
+
+ oauthCallback = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ description = "OAuth callback URL";
+ };
+
+ oauthAuthorizeEndpoint = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ description = "OAuth authorize endpoint";
+ };
+
+ oauthAccessTokenEndpoint = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ description = "OAuth access token endpoint";
+ };
+
+ githubOrg = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ description = "Github organization";
+ };
};
configFile = pkgs.writeText "gitit.conf" ''
@@ -587,6 +623,14 @@ video/x-ms-wmx wmx
pdf-export: ${toYesNo cfg.pdfExport}
pandoc-user-data: ${toString cfg.pandocUserData}
xss-sanitize: ${toYesNo cfg.xssSanitize}
+
+ [Github]
+ oauthclientid: ${cfg.oauthClientId}
+ oauthclientsecret: ${cfg.oauthClientSecret}
+ oauthcallback: ${cfg.oauthCallback}
+ oauthauthorizeendpoint: ${cfg.oauthAuthorizeEndpoint}
+ oauthaccesstokenendpoint: ${cfg.oauthAccessTokenEndpoint}
+ github-org: ${cfg.githubOrg}
'';
in
@@ -681,4 +725,3 @@ NAMED
};
};
}
-