From fdc36b270831caad5c1ad35176b19a588bb6dded Mon Sep 17 00:00:00 2001
From: Asmir A <asmir.abdulahovic@gmail.com>
Date: Tue, 17 Oct 2023 23:51:20 +0200
Subject: [PATCH] magpie/gitea: switch to sqlite3

---
 magpie/configuration.nix     |  9 +++++++--
 magpie/secrets/gitea_db.yaml | 21 +++++++++++++++++++++
 2 files changed, 28 insertions(+), 2 deletions(-)
 create mode 100644 magpie/secrets/gitea_db.yaml

diff --git a/magpie/configuration.nix b/magpie/configuration.nix
index e8eb0cb..3e33c1e 100644
--- a/magpie/configuration.nix
+++ b/magpie/configuration.nix
@@ -159,8 +159,8 @@
     enable = true;
     appName = "Project Cloud Gitea server";
     database = {
-      type = "postgres";
-      passwordFile = config.sops.secrets."postgres/gitea_dbpass".path;
+      type = "sqlite3";
+      passwordFile = config.sops.secrets."gitea_db".path;
     };
     settings.server = {
       DOMAIN = "git.project-cloud.net";
@@ -220,6 +220,11 @@
     sopsFile = ./secrets/gitea_mail_pw_hash.yaml;
   };
 
+  sops.secrets."gitea_db" = {
+    sopsFile = ./secrets/gitea_db.yaml;
+    owner = config.users.users.gitea.name;
+  };
+
   networking.hostName = "magpie";
   networking.wireless.enable = false;
   networking.firewall.enable = true;
diff --git a/magpie/secrets/gitea_db.yaml b/magpie/secrets/gitea_db.yaml
new file mode 100644
index 0000000..e490e8f
--- /dev/null
+++ b/magpie/secrets/gitea_db.yaml
@@ -0,0 +1,21 @@
+gitea_db: ENC[AES256_GCM,data:50Hu8vTKZFxd9kjbcDlyqBW9L5s=,iv:ADKMUKbu1YHOp+DUAezpT8tXCi7x3ayA2VN0s7k4kxg=,tag:S1cu5w8qKT7FFpC30Kd3Xg==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age153y8mz6gqy5t54q4fnrdvjj4v5ls9cgp3hhpd2hzf5tvkcnncf6q4xns0j
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKZ3l1UTRDMFVlM01TR1dW
+            VzNnRXpuc0R0d3BpVzZveHRrdHRTTVRXNWpnCjVqNittd3BiZ0d3YXVQUXBpWExU
+            cGdkSmVtOHJBN3FEdDVCeTVjUllHc0EKLS0tIG5TQlpIQXhNNmJiR0Y3L1p3SVpG
+            ZnlvRDRUam5MaFdZcGgyZlJSZzMvVWcKxiwENpP7qlF0Uy7DJM0WwLFQ0h+ost5T
+            BCsZtGP61Z2WcQq0EWYLqJItR2Tk3AXox014CJAm+G/G8PMTAKv0xw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2023-10-17T21:16:10Z"
+    mac: ENC[AES256_GCM,data:EPiLv8IzVXqRan9UlBuA3TmxtB3f4Qj4owed+1Pat9Tih1yOe4Z9RT28JIYJQ70R/IK+Yi0NQem9Ec6HU+8kaxLE3fff/4PM+B9QQbB6fjgLFod/nFk+OuWgR7FTcJ2j16OnlxE5ikCP+qdfvAM0eEv+BoDrWv98gSyCXtMCe48=,iv:th0E7zioz7gtgMlns8kvnf5hmlRH0KX65wPxBi3YP6Y=,tag:JhoGvF8LJmrAQpUOEopohA==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.7.3