{ pkgs, config, ... }: { config = let cgit = pkgs.cgit-pink; in { users.groups.git = {}; users.users.git = { isSystemUser = true; description = "tzlil"; group = "git"; home = "/home/git"; packages = [pkgs.git]; shell = "${pkgs.git}/bin/git-shell"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIgPE76xQXx1kpvWavHGNOWHiZSFdGfz/rQlISGrKsDe" ]; }; # for syntax highlighting users.groups.fcgiwrap = {}; users.users.fcgiwrap = { isSystemUser = true; group = "fcgiwrap"; packages = [pkgs.highlight pkgs.fcgiwrap]; }; services = { fcgiwrap = { enable = true; user = "fcgiwrap"; group = "fcgiwrap"; }; caddy = { virtualHosts."git.tzlil.net".extraConfig = '' bind 0.0.0.0 ${config.website.defaultHeaders} handle_path /cgit.png { try_files ${cgit}/cgit/cgit.png / file_server } handle_path /cgit.css { try_files ${pkgs.fetchurl { url = "https://jeremias.stotter.eu/cgi-bin/cgit.cgi/cgit-dark/plain/cgit.css"; sha256 = "sha256-wqszujnWV5PRh3L23L1BFj/PKUElpyu1KhjqrHS8lCw="; }} / file_server } handle_path /favicon.ico { try_files ${cgit}/cgit/favicon.ico / file_server } handle { reverse_proxy unix//run/fcgiwrap.sock { transport fastcgi { env SCRIPT_FILENAME ${cgit}/cgit/cgit.cgi env CGIT_CONFIG ${pkgs.writeText "cgitrc" (pkgs.lib.generators.toKeyValue {} { about-filter = "${cgit}/lib/cgit/filters/about-formatting.py"; source-filter = "${cgit}/lib/cgit/filters/syntax-highlighting.py"; css = "/cgit.css"; logo = "/cgit.png"; favicon = "/favicon.ico"; clone-url = pkgs.lib.concatStringsSep " " [ "http://git.tzlil.net/$CGIT_REPO_URL" # "ssh://git@tzlil.net:$CGIT_REPO_URL" ]; enable-log-filecount = 1; enable-log-linecount = 1; enable-git-config = 1; root-title = "tzlil.net"; root-desc = "Tzlil's Git Repositories"; scan-path = config.users.users.git.home; logo-link = "/"; readme = ":README.md"; })} } } } ''; }; }; environment.persistence."/nix/persist".directories = [ { directory = "/home/git"; user = "git"; group = "git"; } ]; }; }