summary refs log tree commit diff
path: root/hosts/vps/services/git.nix
diff options
context:
space:
mode:
Diffstat (limited to 'hosts/vps/services/git.nix')
-rw-r--r--hosts/vps/services/git.nix93
1 files changed, 93 insertions, 0 deletions
diff --git a/hosts/vps/services/git.nix b/hosts/vps/services/git.nix
new file mode 100644
index 0000000..8bd4653
--- /dev/null
+++ b/hosts/vps/services/git.nix
@@ -0,0 +1,93 @@
+{
+  pkgs,
+  config,
+  ...
+}: {
+  config = {
+    users.groups.git = {};
+    users.users.git = {
+      isSystemUser = true;
+      description = "tzlil";
+      group = "git";
+      home = "/home/git";
+      packages = [pkgs.git];
+      shell = "${pkgs.git}/bin/git-shell";
+      openssh.authorizedKeys.keys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIgPE76xQXx1kpvWavHGNOWHiZSFdGfz/rQlISGrKsDe"
+      ];
+    };
+
+    # for syntax highlighting
+    users.groups.fcgiwrap = {};
+    users.users.fcgiwrap = {
+      isSystemUser = true;
+      group = "fcgiwrap";
+      packages = [pkgs.highlight pkgs.fcgiwrap];
+    };
+
+    services = {
+      fcgiwrap = {
+        enable = true;
+        user = "fcgiwrap";
+        group = "fcgiwrap";
+      };
+      caddy = {
+        virtualHosts."tzlil.net".extraConfig = ''
+          bind 0.0.0.0
+          ${config.website.defaultHeaders}
+          handle_path /cgit/* {
+            handle /cgit.png {
+              root * ${pkgs.cgit}/cgit
+              file_server
+            }
+            handle /cgit.css {
+              try_files ${pkgs.fetchurl {
+            url = "https://jeremias.stotter.eu/cgi-bin/cgit.cgi/cgit-dark/plain/cgit.css";
+            sha256 = "sha256-wqszujnWV5PRh3L23L1BFj/PKUElpyu1KhjqrHS8lCw=";
+          }} /
+              file_server
+            }
+            handle /favicon.ico {
+              root * ${pkgs.cgit}/cgit
+              file_server
+            }
+            handle {
+              reverse_proxy unix//run/fcgiwrap.sock {
+                transport fastcgi {
+                  env SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi
+                  env CGIT_CONFIG ${pkgs.writeText "cgitrc" (pkgs.lib.generators.toKeyValue {} {
+            css = "/cgit/cgit.css";
+            logo = "/cgit/cgit.png";
+            favicon = "/favicon.ico";
+            clone-url = pkgs.lib.concatStringsSep " " [
+              "http://$HTTP_HOST$SCRIPT_NAME/$CGIT_REPO_URL"
+              "ssh://git@tzlil.net:$CGIT_REPO_URL"
+            ];
+            enable-log-filecount = 1;
+            enable-log-linecount = 1;
+            enable-git-config = 1;
+            root-title = "tzlil.net";
+            root-desc = "Tzlil's Git Repositories";
+            scan-path = "/home/git";
+            about-filter = "${pkgs.cgit}/lib/cgit/filters/about-formatting.py";
+            source-filter = "${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py";
+            logo-link = "/";
+            virtual-root = "/cgit";
+            readme = ":README.md";
+          })}
+                }
+              }
+          }
+          }
+        '';
+      };
+    };
+    environment.persistence."/nix/persist".directories = [
+      {
+        directory = "/home/git";
+        user = "git";
+        group = "git";
+      }
+    ];
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-19 21:30:37 +0000