{ config, lib, inputs, pkgs, ... }: with lib; let cfg = config.nixfiles.modules.git; in { options.nixfiles.modules.git.server = { enable = mkEnableOption "Git server"; domain = mkOption { description = "Domain name sans protocol scheme."; type = with types; nullOr str; default = "git.${config.networking.domain}"; }; package = mkOption { description = "Package."; type = types.package; default = pkgs.cgit-pink; }; }; config = mkMerge [ (mkIf cfg.client.enable { secrets = { glab-cli-config = { file = "${inputs.self}/secrets/glab-cli-config"; path = "${config.dirs.config}/glab-cli/config.yml"; owner = my.username; inherit (config.my) group; }; gh-hosts = { file = "${inputs.self}/secrets/gh-hosts"; path = "${config.dirs.config}/gh/hosts.yml"; owner = my.username; inherit (config.my) group; }; hut = { file = "${inputs.self}/secrets/hut"; path = "${config.dirs.config}/hut/config"; owner = my.username; inherit (config.my) group; }; }; }) (mkIf cfg.server.enable { nixfiles.modules.nginx = { enable = true; virtualHosts.${cfg.server.domain} = { locations = { "/".extraConfig = let cgitrc = pkgs.writeText "cgitrc" '' root-title=github sux >:^( root-desc=Homo sum, humani a me nihil alienum puto. footer= logo=/cgit-custom-logo.gif favicon=/cgit-custom-favicon.gif css=/cgit-custom-style.css about-filter=${cfg.server.package}/lib/cgit/filters/about-formatting.sh source-filter=${cfg.server.package}/lib/cgit/filters/syntax-highlighting.py commit-filter=${cfg.server.package}/lib/cgit/filters/commit-links.sh enable-git-config=1 enable-gitweb-owner=1 enable-index-owner=0 remove-suffix=1 readme=:README readme=:README.md readme=:README.org readme=:README.txt readme=:readme readme=:readme.md readme=:readme.org readme=:readme.txt scan-path=${config.services.gitolite.dataDir}/repositories ''; in '' include ${config.services.nginx.package}/conf/fastcgi_params; fastcgi_split_path_info ^(/?)(.+)$; fastcgi_pass unix:${config.services.fcgiwrap.socketAddress}; fastcgi_param SCRIPT_FILENAME ${cfg.server.package}/cgit/cgit.cgi; fastcgi_param CGIT_CONFIG ${cgitrc}; fastcgi_param PATH_INFO $uri; fastcgi_param QUERY_STRING $args; fastcgi_param HTTP_HOST $server_name; ''; "~* ^.+(cgit.css|robots.txt)$".extraConfig = '' root ${cfg.server.package}/cgit; ''; "~* ^.+cgit-custom-logo.gif$".extraConfig = '' alias ${./logo.gif}; ''; "~* ^.+cgit-custom-favicon.gif$".extraConfig = '' alias ${./favicon.ico}; ''; "~* ^.+cgit-custom-style.css$".extraConfig = let css = with config.colourScheme; pkgs.writeText "custom.css" '' @import url("cgit.css"); form { display: none; } div#cgit { max-width: 157ch; margin: auto; font-family: "${config.fontScheme.monospaceFont.family}", monospace; -moz-tab-size: 4; tab-size: 4; } div#cgit table#header td.sub { border-top: none; } div#cgit table#header td.sub.right { padding-right: 1em; } div#cgit table.tabs { border-bottom: none; } div#cgit div.content { border-bottom: none; } div#cgit table.list th a { color: inherit; } div#cgit table.list tr:nth-child(even) { background: inherit; } div#cgit table.list tr:hover { background: inherit; } div#cgit table.list tr.nohover-highlight:hover:nth-child(even) { background: inherit; } div#cgit table.blob td.linenumbers a:target { color: goldenrod; text-decoration: underline; outline: none; } div#cgit div#summary { max-width: 80ch; } div#cgit a.permalink { color: inherit; } ''; in '' alias ${css}; ''; }; }; }; services = let user = "git"; group = "git"; in { gitolite = { enable = true; inherit user group; adminPubkey = my.ssh.key; extraGitoliteRc = '' # This allows hiding repositories via "cgit.ignore"[1]. # # [1]: https://www.omarpolo.com/post/cgit-gitolite.html $RC{GIT_CONFIG_KEYS} = '.*'; ''; }; fcgiwrap = { enable = true; inherit user group; }; }; }) ]; }