blob: 84c4241741f6134b108241e7b8da2fd3c707d36c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
{
pkgs,
config,
...
}: {
config = let
cgit = pkgs.cgit-pink;
in {
users.groups.git = {};
users.users.git = {
isSystemUser = true;
description = "tzlil";
group = "git";
home = "/home/git";
packages = [pkgs.git];
shell = "${pkgs.git}/bin/git-shell";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIgPE76xQXx1kpvWavHGNOWHiZSFdGfz/rQlISGrKsDe"
];
};
# for syntax highlighting
users.groups.fcgiwrap = {};
users.users.fcgiwrap = {
isSystemUser = true;
group = "fcgiwrap";
packages = [pkgs.highlight pkgs.fcgiwrap];
};
services = {
fcgiwrap = {
enable = true;
user = "fcgiwrap";
group = "fcgiwrap";
};
caddy = {
virtualHosts."git.tzlil.net".extraConfig = ''
bind 0.0.0.0
${config.website.defaultHeaders}
handle_path /cgit.png {
try_files ${cgit}/cgit/cgit.png /
file_server
}
handle_path /cgit.css {
try_files ${pkgs.fetchurl {
url = "https://jeremias.stotter.eu/cgi-bin/cgit.cgi/cgit-dark/plain/cgit.css";
sha256 = "sha256-wqszujnWV5PRh3L23L1BFj/PKUElpyu1KhjqrHS8lCw=";
}} /
file_server
}
handle_path /favicon.ico {
try_files ${cgit}/cgit/favicon.ico /
file_server
}
handle {
reverse_proxy unix//run/fcgiwrap.sock {
transport fastcgi {
env SCRIPT_FILENAME ${cgit}/cgit/cgit.cgi
env CGIT_CONFIG ${pkgs.writeText "cgitrc" (pkgs.lib.generators.toKeyValue {} {
about-filter = "${cgit}/lib/cgit/filters/about-formatting.py";
source-filter = "${cgit}/lib/cgit/filters/syntax-highlighting.py";
css = "/cgit.css";
logo = "/cgit.png";
favicon = "/favicon.ico";
clone-url = pkgs.lib.concatStringsSep " " [
"http://git.tzlil.net/$CGIT_REPO_URL"
# "ssh://git@tzlil.net:$CGIT_REPO_URL"
];
enable-log-filecount = 1;
enable-log-linecount = 1;
enable-git-config = 1;
root-title = "tzlil.net";
root-desc = "Tzlil's Git Repositories";
scan-path = config.users.users.git.home;
logo-link = "/";
readme = ":README.md";
})}
}
}
}
'';
};
};
environment.persistence."/nix/persist".directories = [
{
directory = "/home/git";
user = "git";
group = "git";
}
];
};
}
|