Hey all. I’ve been trying to set up a self-hosted instance of Sourcehut using the NixOS module services.sourcehut
, but I’ve been running into issues left and right. Firstly, it doesn’t seem like you can just toggle on all of the options at once (because you need to create an admin user and generate an oauth token to pass into the other services or they will fail to build). So, I tried to start from the bare minimum and set up the meta.sr.ht
so I could make a user and start setting up the other services from there. I got the site running and was able to access it, but attempting to create a user with
nix shell nixpkgs#sourcehut.metasrht -c metasrht-manageuser -t admin -e mymail@gmail.com username
gives an error saying something along the lines of “could not find config key webhooks.private-key”. This is weird, because I have set webhooks.private-key
, and generated it properly. The error message seemed to mean that it could not even read the key, not that it was misconfigured or something. I checked /run/sourcehut/meta-srht/config.ini
as well as all of the other config.ini
files and they all had the correct configuration line for webhooks.private-key
(which I verified from the srht documentation examples).
I tried to see if I could create a user by enabling public registration and going through the normal process. I was hit by an error saying that the reserved_users
relation did not exist in postgres, and upon further inspection it seems like postgres had not even been set up even with the postgres option enabled in the module. I tried manually setting it up with the schema.sql
, which worked, but trying to register again caused a permission error. I probably could’ve fixed this manually by setting permissions on the sourcehut user but it seems like this should all be stuff that the module handles with the Postgres option?
I’m completely lost at this point, has anyone been successful setting up Sourcehut with the NixOS module? Is it just unmaintained or broken right now? I know Sourcehut self-hosting is not very supported, unlike Gitea/Forgejo, so I’m not sure what my options are at this point.
Here is my configuration (with some domains and stuff stripped). All of the file paths lead to files with the correct contents. Postgres and redis are all enabled with their relevant modules, but with no additional configuration on my part. I didn’t enable the Nginx integration but I manually set up the reverse proxy in services.nginx
.
services.sourcehut = {
enable = true;
meta = {
enable = true;
port = 5000;
};
postgresql.enable = true;
redis.enable = true;
postfix.enable = true;
settings = {
"sr.ht" = {
environment = "production";
global-domain = "srht.domain";
origin = "https://srht.domain";
network-key = "/var/lib/sourcehut/network.key";
service-key = "/var/lib/sourcehut/service.key";
};
"meta.sr.ht" = {
origin = "https://meta.srht.domain";
};
"meta.sr.ht::settings" = {
onboarding-redirect = "https://meta.srht.domain";
registration = true;
};
"git.sr.ht" = {
origin = "https://git.srht.domain";
# oauth-client-id = "1";
# oauth-client-secret = ""
};
webhooks.private-key = "/var/lib/sourcehut/webhooks.privkey";
mail = {
pgp-key-id = "key_id";
pgp-privkey = "/etc/nixos/srht-key";
pgp-pubkey = "/etc/nixos/pubkey.gpg";
smtp-from = "srht@maildomain";
smtp-host = "srht@maildomain";
};
};
};