From 693768ee37098dbebb38c86e27044f2faa38348d Mon Sep 17 00:00:00 2001 From: azahi Date: Sun, 10 Nov 2024 01:08:38 +0300 Subject: 2024-11-10 --- modules/git/default.nix | 386 ++++++++++++++++++++++++------------------------ 1 file changed, 190 insertions(+), 196 deletions(-) (limited to 'modules/git') diff --git a/modules/git/default.nix b/modules/git/default.nix index b618a57..f370ae6 100644 --- a/modules/git/default.nix +++ b/modules/git/default.nix @@ -8,38 +8,37 @@ this, ... }: -with lib; let cfg = config.nixfiles.modules.git; in { options.nixfiles.modules.git = { - client.enable = mkEnableOption "Git client"; + client.enable = lib.mkEnableOption "Git client"; server = { - enable = mkEnableOption "Git server"; + enable = lib.mkEnableOption "Git server"; - domain = mkOption { + domain = lib.mkOption { description = "Domain name sans protocol scheme."; - type = with types; nullOr str; + type = with lib.types; nullOr str; default = "git.${config.networking.domain}"; }; - package = mkOption { + package = lib.mkOption { description = "Package."; - type = types.package; + type = lib.types.package; default = pkgs.cgit; }; }; }; - config = mkMerge [ - (mkIf cfg.client.enable { + config = lib.mkMerge [ + (lib.mkIf cfg.client.enable { secrets = { glab-cli-config = { file = "${inputs.self}/secrets/glab-cli-config"; path = "${config.dirs.config}/glab-cli/config.yml"; - owner = my.username; + owner = lib.my.username; }; # NOTE SSO requires relogin every day, so keeping persistent auth tokens # doesn't work. @@ -51,7 +50,7 @@ in hut = { file = "${inputs.self}/secrets/hut"; path = "${config.dirs.config}/hut/config"; - owner = my.username; + owner = lib.my.username; }; }; @@ -73,10 +72,10 @@ in package = if this.isHeadful then pkgs.gitFull else pkgs.gitMinimal; - userName = my.username; - userEmail = my.email; + userName = lib.my.username; + userEmail = lib.my.email; signing = { - inherit (my.pgp) key; + inherit (lib.my.pgp) key; signByDefault = true; }; @@ -102,48 +101,46 @@ in }; submodule.recurse = true; sendemail = rec { - smtpServer = my.domain.shire; - smtpUser = "${my.username}@${smtpServer}"; + smtpServer = lib.my.domain.shire; + smtpUser = "${lib.my.username}@${smtpServer}"; smtpEncryption = "ssl"; smtpServerPort = 465; annotate = true; confirm = "always"; }; column.ui = "auto"; - github.user = my.username; - gitlab.user = my.username; + github.user = lib.my.username; + gitlab.user = lib.my.username; } - // mapAttrs' (name: value: nameValuePair ''url "git@${value}:"'' { insteadOf = "${name}:"; }) { + // lib.mapAttrs' (n: v: lib.nameValuePair ''url "git@${v}:"'' { insteadOf = "${n}:"; }) { "bitbucket" = "bitbucket.com"; "codeberg" = "codeberg.org"; "github" = "github.com"; "gitlab" = "gitlab.com"; "sourcehut" = "git.sr.ht"; } - // - mapAttrs' (name: values: nameValuePair ''url "https://${values}/"'' { insteadOf = "${name}:"; }) - { - "alpine" = "gitlab.alpinelinux.org"; - "clan" = "git.clan.lol"; - "debian" = "salsa.debian.org"; - "freedesktop" = "gitlab.freedesktop.org"; - "gnome" = "gitlab.gnome.org"; - "haskell" = "gitlab.haskell.org"; - "homotopic" = "gitlab.homotopic.tech"; - "horizon" = "gitlab.horizon-haskell.net"; - "kde" = "invent.kde.org"; - "nixca" = "gitlab.nixca.dev"; - "notabug" = "notabug.org"; - "opencode" = "opencode.net"; - "syndicate" = "git.syndicate-lang.org"; - "torproject" = "gitlab.torproject.org"; - "videolan" = "code.videolan.org"; - }; + // lib.mapAttrs' (n: v: lib.nameValuePair ''url "https://${v}/"'' { insteadOf = "${n}:"; }) { + "alpine" = "gitlab.alpinelinux.org"; + "clan" = "git.clan.lol"; + "debian" = "salsa.debian.org"; + "freedesktop" = "gitlab.freedesktop.org"; + "gnome" = "gitlab.gnome.org"; + "haskell" = "gitlab.haskell.org"; + "homotopic" = "gitlab.homotopic.tech"; + "horizon" = "gitlab.horizon-haskell.net"; + "kde" = "invent.kde.org"; + "nixca" = "gitlab.nixca.dev"; + "notabug" = "notabug.org"; + "opencode" = "opencode.net"; + "syndicate" = "git.syndicate-lang.org"; + "torproject" = "gitlab.torproject.org"; + "videolan" = "code.videolan.org"; + }; aliases = let - git = getExe config.hm.programs.git.package; - curl = getExe pkgs.curl; + git = lib.getExe config.hm.programs.git.package; + curl = lib.getExe pkgs.curl; in { amend = "commit --amend"; @@ -189,181 +186,178 @@ in }; }; }) - (mkIf cfg.server.enable ( - with cfg.server; - { - ark.directories = [ config.services.gitolite.dataDir ]; + (lib.mkIf cfg.server.enable { + ark.directories = [ config.services.gitolite.dataDir ]; - nixfiles.modules.nginx = { - enable = true; - virtualHosts.${domain}.locations = { }; - }; + nixfiles.modules.nginx = { + enable = true; + virtualHosts.${cfg.server.domain}.locations = { }; + }; - services = { - cgit.${domain} = { - enable = true; + services = { + cgit.${cfg.server.domain} = { + enable = true; - package = pkgs.cgit-pink; + package = pkgs.cgit-pink; - # We make gitolite repos readable by the common group. - user = "git"; - group = "git"; + # We make gitolite repos readable by the common group. + user = "git"; + group = "git"; - scanPath = "${config.services.gitolite.dataDir}/repositories"; + scanPath = "${config.services.gitolite.dataDir}/repositories"; - settings = { - root-title = "git.azahi.cc"; - root-desc = "British scientists have discovered that using GitHub frequently is harmful to one's mental health, especially GitHub Actions..."; + settings = { + root-title = "git.azahi.cc"; + root-desc = "British scientists have discovered that using GitHub frequently is harmful to one's mental health, especially GitHub Actions..."; - footer = "${pkgs.writeText "cgit-footer" '' -

Consider giving Nix/NixOS a try! <3

- ''}"; + footer = "${pkgs.writeText "cgit-footer" '' +

Consider giving Nix/NixOS a try! <3

+ ''}"; - about-filter = "${pkgs.writeScript "cgit-about-filter.sh" '' - #!${pkgs.bash}/bin/sh - filename=$1 - case "$filename" in - *.md) - exec ${pkgs.pandoc}/bin/pandoc -f markdown -t html - ;; - *.org) - exec ${pkgs.pandoc}/bin/pandoc -f org -t html - ;; - *) - echo "
"
-                    ${pkgs.coreutils}/bin/cat
-                    echo "
" - ;; - esac - ''}"; - source-filter = "${package}/lib/cgit/filters/syntax-highlighting.py"; - commit-filter = "${package}/lib/cgit/filters/commit-links.sh"; + about-filter = "${pkgs.writeScript "cgit-about-filter.sh" '' + #!${pkgs.bash}/bin/sh + filename=$1 + case "$filename" in + *.md) + exec ${pkgs.pandoc}/bin/pandoc -f markdown -t html + ;; + *.org) + exec ${pkgs.pandoc}/bin/pandoc -f org -t html + ;; + *) + echo "
"
+                  ${pkgs.coreutils}/bin/cat
+                  echo "
" + ;; + esac + ''}"; + source-filter = "${cfg.server.package}/lib/cgit/filters/syntax-highlighting.py"; + commit-filter = "${cfg.server.package}/lib/cgit/filters/commit-links.sh"; - readme = [ - ":README" - ":readme.md" - ":readme.org" - ]; + readme = [ + ":README" + ":readme.md" + ":readme.org" + ]; - clone-url = "https://$HTTP_HOST/$CGIT_REPO_URL"; + clone-url = "https://$HTTP_HOST/$CGIT_REPO_URL"; - enable-blame = true; - enable-commit-graph = true; - enable-follow-links = true; - enable-git-config = true; - enable-gitweb-owner = true; - enable-html-serving = true; - enable-http-clone = true; - enable-index-links = false; - enable-index-owner = false; - enable-log-filecount = true; - enable-log-linecount = true; - enable-subject-links = true; - enable-tree-linenumbers = true; + enable-blame = true; + enable-commit-graph = true; + enable-follow-links = true; + enable-git-config = true; + enable-gitweb-owner = true; + enable-html-serving = true; + enable-http-clone = true; + enable-index-links = false; + enable-index-owner = false; + enable-log-filecount = true; + enable-log-linecount = true; + enable-subject-links = true; + enable-tree-linenumbers = true; - branch-sort = "age"; - repository-sort = "age"; + branch-sort = "age"; + repository-sort = "age"; - remove-suffix = true; + remove-suffix = true; - logo = "/logo.gif"; - logo-link = "https://www.youtube.com/watch?v=dQw4w9WgXcQ"; - }; + logo = "/logo.gif"; + logo-link = "https://www.youtube.com/watch?v=dQw4w9WgXcQ"; }; + }; - gitolite = { - enable = true; - user = "git"; - group = "git"; - adminPubkey = my.ssh.key; - extraGitoliteRc = '' - # This allows cgit to scan repositories while running under a - # different user. - $RC{UMASK} = 0027; + gitolite = { + enable = true; + user = "git"; + group = "git"; + adminPubkey = lib.my.ssh.key; + extraGitoliteRc = '' + # This allows cgit to scan repositories while running under a + # different user. + $RC{UMASK} = 0027; - # This allows hiding repositories via "cgit.ignore"[1]. - # - # [1]: https://www.omarpolo.com/post/cgit-gitolite.html - $RC{GIT_CONFIG_KEYS} = '.*'; - ''; - }; + # This allows hiding repositories via "cgit.ignore"[1]. + # + # [1]: https://www.omarpolo.com/post/cgit-gitolite.html + $RC{GIT_CONFIG_KEYS} = '.*'; + ''; + }; - nginx.virtualHosts.${domain}.locations = - let - extraHead = '' - ${libNginx.config.appendHead [ - '''' - (libPlausible.htmlPlausibleScript { inherit (cfg.server) domain; }) - ]} + nginx.virtualHosts.${cfg.server.domain}.locations = + let + extraHead = '' + ${libNginx.config.appendHead [ + '''' + (libPlausible.htmlPlausibleScript { inherit (cfg.server) domain; }) + ]} + ''; + in + { + "/" = { + extraConfig = lib.mkBefore extraHead; + fastcgiParams.HTTP_ACCEPT_ENCODING = ""; + }; + "~ /.+/(info/refs|git-upload-pack)" = { + extraConfig = lib.mkBefore extraHead; + fastcgiParams.HTTP_ACCEPT_ENCODING = ""; + }; + "= /logo.gif".alias = "${./logo.gif}"; + "= /favicon.ico" = { + alias = "${./favicon.ico}"; + extraConfig = lib.mkForce ""; + }; + "= /cgit.css" = { + alias = pkgs.writeText "cgit.css" '' + ${builtins.readFile "${cfg.server.package}/cgit/cgit.css"} + * { + line-height: 1.25em; + } + div#cgit { + font-family: ${ + lib.concatMapStringsSep ", " (f: ''"${f}"'') config.fonts.fontconfig.defaultFonts.monospace + }, monospace; + -moz-tab-size: 2; + tab-size: 2; + max-width: 117ch; + margin: auto; + } + div#cgit table#header td.sub { + border-top: none; + } + div#cgit table#header td.sub.right { + padding-right: 1em; + } + div#cgit table.tabs { + border-bottom: none; + } + div#cgit div.content { + border-bottom: none; + } + div#cgit table.list th a { + color: inherit; + } + div#cgit table.list tr:nth-child(even) { + background: inherit; + } + div#cgit table.list tr:hover { + background: inherit; + } + div#cgit table.list tr.nohover-highlight:hover:nth-child(even) { + background: inherit; + } + div#cgit table.blob td.linenumbers a:target { + color: goldenrod; + text-decoration: underline; + outline: none; + } + div#cgit div#summary { + max-width: 80ch; + } ''; - in - { - "/" = { - extraConfig = mkBefore extraHead; - fastcgiParams.HTTP_ACCEPT_ENCODING = ""; - }; - "~ /.+/(info/refs|git-upload-pack)" = { - extraConfig = mkBefore extraHead; - fastcgiParams.HTTP_ACCEPT_ENCODING = ""; - }; - "= /logo.gif".alias = "${./logo.gif}"; - "= /favicon.ico" = { - alias = "${./favicon.ico}"; - extraConfig = mkForce ""; - }; - "= /cgit.css" = { - alias = pkgs.writeText "cgit.css" '' - ${readFile "${package}/cgit/cgit.css"} - * { - line-height: 1.25em; - } - div#cgit { - font-family: ${ - concatMapStringsSep ", " (f: ''"${f}"'') config.fonts.fontconfig.defaultFonts.monospace - }, monospace; - -moz-tab-size: 2; - tab-size: 2; - max-width: 117ch; - margin: auto; - } - div#cgit table#header td.sub { - border-top: none; - } - div#cgit table#header td.sub.right { - padding-right: 1em; - } - div#cgit table.tabs { - border-bottom: none; - } - div#cgit div.content { - border-bottom: none; - } - div#cgit table.list th a { - color: inherit; - } - div#cgit table.list tr:nth-child(even) { - background: inherit; - } - div#cgit table.list tr:hover { - background: inherit; - } - div#cgit table.list tr.nohover-highlight:hover:nth-child(even) { - background: inherit; - } - div#cgit table.blob td.linenumbers a:target { - color: goldenrod; - text-decoration: underline; - outline: none; - } - div#cgit div#summary { - max-width: 80ch; - } - ''; - extraConfig = mkForce ""; - }; + extraConfig = lib.mkForce ""; }; - }; - } - )) + }; + }; + }) ]; } -- cgit 1.4.1