summary refs log tree commit diff
path: root/hosts/vps/services/git.nix
blob: 84c4241741f6134b108241e7b8da2fd3c707d36c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
{
  pkgs,
  config,
  ...
}: {
  config = let
    cgit = pkgs.cgit-pink;
  in {
    users.groups.git = {};
    users.users.git = {
      isSystemUser = true;
      description = "tzlil";
      group = "git";
      home = "/home/git";
      packages = [pkgs.git];
      shell = "${pkgs.git}/bin/git-shell";
      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIgPE76xQXx1kpvWavHGNOWHiZSFdGfz/rQlISGrKsDe"
      ];
    };

    # for syntax highlighting
    users.groups.fcgiwrap = {};
    users.users.fcgiwrap = {
      isSystemUser = true;
      group = "fcgiwrap";
      packages = [pkgs.highlight pkgs.fcgiwrap];
    };

    services = {
      fcgiwrap = {
        enable = true;
        user = "fcgiwrap";
        group = "fcgiwrap";
      };
      caddy = {
        virtualHosts."git.tzlil.net".extraConfig = ''
          bind 0.0.0.0
          ${config.website.defaultHeaders}
          handle_path /cgit.png {
            try_files ${cgit}/cgit/cgit.png /
            file_server
          }
          handle_path /cgit.css {
            try_files ${pkgs.fetchurl {
            url = "https://jeremias.stotter.eu/cgi-bin/cgit.cgi/cgit-dark/plain/cgit.css";
            sha256 = "sha256-wqszujnWV5PRh3L23L1BFj/PKUElpyu1KhjqrHS8lCw=";
          }} /
            file_server
          }
          handle_path /favicon.ico {
            try_files ${cgit}/cgit/favicon.ico /
            file_server
          }
          handle {
            reverse_proxy unix//run/fcgiwrap.sock {
             transport fastcgi {
               env SCRIPT_FILENAME ${cgit}/cgit/cgit.cgi
               env CGIT_CONFIG ${pkgs.writeText "cgitrc" (pkgs.lib.generators.toKeyValue {} {
            about-filter = "${cgit}/lib/cgit/filters/about-formatting.py";
            source-filter = "${cgit}/lib/cgit/filters/syntax-highlighting.py";
            css = "/cgit.css";
            logo = "/cgit.png";
            favicon = "/favicon.ico";
            clone-url = pkgs.lib.concatStringsSep " " [
              "http://git.tzlil.net/$CGIT_REPO_URL"
              # "ssh://git@tzlil.net:$CGIT_REPO_URL"
            ];
            enable-log-filecount = 1;
            enable-log-linecount = 1;
            enable-git-config = 1;
            root-title = "tzlil.net";
            root-desc = "Tzlil's Git Repositories";
            scan-path = config.users.users.git.home;
            logo-link = "/";
            readme = ":README.md";
          })}
             }
            }
          }
        '';
      };
    };
    environment.persistence."/nix/persist".directories = [
      {
        directory = "/home/git";
        user = "git";
        group = "git";
      }
    ];
  };
}