about summary refs log tree commit diff
path: root/modules/nixos/git
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixos/git')
-rw-r--r--modules/nixos/git/default.nix197
-rw-r--r--modules/nixos/git/favicon.icobin0 -> 15406 bytes
-rw-r--r--modules/nixos/git/logo.gifbin0 -> 138553 bytes
3 files changed, 197 insertions, 0 deletions
diff --git a/modules/nixos/git/default.nix b/modules/nixos/git/default.nix
new file mode 100644
index 0000000..587f3b3
--- /dev/null
+++ b/modules/nixos/git/default.nix
@@ -0,0 +1,197 @@
+{
+  config,
+  lib,
+  inputs,
+  pkgs,
+  ...
+}:
+with lib; let
+  cfg = config.nixfiles.modules.git;
+in {
+  options.nixfiles.modules.git.server = {
+    enable = mkEnableOption "Git server";
+
+    domain = mkOption {
+      description = "Domain name sans protocol scheme.";
+      type = with types; nullOr str;
+      default = "git.${config.networking.domain}";
+    };
+
+    package = mkOption {
+      description = "Package.";
+      type = types.package;
+      default = pkgs.cgit-pink;
+    };
+  };
+
+  config = mkMerge [
+    (mkIf cfg.client.enable {
+      secrets = {
+        glab-cli-config = {
+          file = "${inputs.self}/secrets/glab-cli-config";
+          path = "${config.dirs.config}/glab-cli/config.yml";
+          owner = my.username;
+          inherit (config.my) group;
+        };
+        gh-hosts = {
+          file = "${inputs.self}/secrets/gh-hosts";
+          path = "${config.dirs.config}/gh/hosts.yml";
+          owner = my.username;
+          inherit (config.my) group;
+        };
+        hut = {
+          file = "${inputs.self}/secrets/hut";
+          path = "${config.dirs.config}/hut/config";
+          owner = my.username;
+          inherit (config.my) group;
+        };
+      };
+    })
+    (mkIf cfg.server.enable {
+      nixfiles.modules.nginx = {
+        enable = true;
+        virtualHosts.${cfg.server.domain} = {
+          locations = {
+            "/".extraConfig = let
+              cgitrc = pkgs.writeText "cgitrc" ''
+                root-title=github sux >:^(
+                root-desc=Homo sum, humani a me nihil alienum puto.
+                footer=
+
+                logo=/cgit-custom-logo.gif
+                favicon=/cgit-custom-favicon.gif
+                css=/cgit-custom-style.css
+
+                about-filter=${cfg.server.package}/lib/cgit/filters/about-formatting.sh
+                source-filter=${cfg.server.package}/lib/cgit/filters/syntax-highlighting.py
+                commit-filter=${cfg.server.package}/lib/cgit/filters/commit-links.sh
+
+                enable-git-config=1
+                enable-gitweb-owner=1
+                enable-index-owner=0
+                remove-suffix=1
+
+                readme=:README
+                readme=:README.md
+                readme=:README.org
+                readme=:README.txt
+                readme=:readme
+                readme=:readme.md
+                readme=:readme.org
+                readme=:readme.txt
+
+                scan-path=${config.services.gitolite.dataDir}/repositories
+              '';
+            in ''
+              include ${config.services.nginx.package}/conf/fastcgi_params;
+              fastcgi_split_path_info ^(/?)(.+)$;
+              fastcgi_pass unix:${config.services.fcgiwrap.socketAddress};
+              fastcgi_param SCRIPT_FILENAME ${cfg.server.package}/cgit/cgit.cgi;
+              fastcgi_param CGIT_CONFIG ${cgitrc};
+              fastcgi_param PATH_INFO $uri;
+              fastcgi_param QUERY_STRING $args;
+              fastcgi_param HTTP_HOST $server_name;
+            '';
+            "~* ^.+(cgit.css|robots.txt)$".extraConfig = ''
+              root ${cfg.server.package}/cgit;
+            '';
+            "~* ^.+cgit-custom-logo.gif$".extraConfig = ''
+              alias ${./logo.gif};
+            '';
+            "~* ^.+cgit-custom-favicon.gif$".extraConfig = ''
+              alias ${./favicon.ico};
+            '';
+            "~* ^.+cgit-custom-style.css$".extraConfig = let
+              css = with config.colourScheme;
+                pkgs.writeText "custom.css" ''
+                  @import url("cgit.css");
+
+                  form {
+                    display: none;
+                  }
+
+                  div#cgit {
+                    max-width: 200ch;
+                    margin: auto;
+                    font-family: "${config.fontScheme.monospaceFont.family}", monospace;
+                    -moz-tab-size: 4;
+                    tab-size: 4;
+                  }
+
+                  div#cgit table#header td.sub {
+                    border-top: none;
+                  }
+
+                  div#cgit table#header td.sub.right {
+                    padding-right: 1em;
+                  }
+
+                  div#cgit table.tabs {
+                    border-bottom: none;
+                  }
+
+                  div#cgit div.content {
+                    border-bottom: none;
+                  }
+
+                  div#cgit table.list th a {
+                    color: inherit;
+                  }
+
+                  div#cgit table.list tr:nth-child(even) {
+                    background: inherit;
+                  }
+
+                  div#cgit table.list tr:hover {
+                    background: inherit;
+                  }
+
+                  div#cgit table.list tr.nohover-highlight:hover:nth-child(even) {
+                    background: inherit;
+                  }
+
+                  div#cgit table.blob td.linenumbers a:target {
+                    color: goldenrod;
+                    text-decoration: underline;
+                    outline: none;
+                  }
+
+                  div#cgit div#summary {
+                    max-width: 80ch;
+                  }
+
+                  div#cgit a.permalink {
+                    color: inherit;
+                  }
+                '';
+            in ''
+              alias ${css};
+            '';
+          };
+        };
+      };
+
+      services = let
+        user = "git";
+        group = "git";
+      in {
+        gitolite = {
+          enable = true;
+          inherit user group;
+          adminPubkey = my.ssh.key;
+          extraGitoliteRc = ''
+            # This allows hiding repositories via "cgit.ignore"[1].
+            #
+            # [1]: https://www.omarpolo.com/post/cgit-gitolite.html
+            $RC{GIT_CONFIG_KEYS} = '.*';
+          '';
+        };
+
+        fcgiwrap = {
+          enable = true;
+          inherit user group;
+        };
+      };
+    })
+  ];
+}
diff --git a/modules/nixos/git/favicon.ico b/modules/nixos/git/favicon.ico
new file mode 100644
index 0000000..bb7cc39
--- /dev/null
+++ b/modules/nixos/git/favicon.ico
Binary files differdiff --git a/modules/nixos/git/logo.gif b/modules/nixos/git/logo.gif
new file mode 100644
index 0000000..05874f9
--- /dev/null
+++ b/modules/nixos/git/logo.gif
Binary files differ

Consider giving Nix/NixOS a try! <3