path: root/modules/nixos/git/default.nix
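# NixOS module for a small Git server: gitolite hosts the repositories and
# cgit, run as a CGI behind nginx via fcgiwrap, gives a web view of them.
#
# Options (under nixfiles.modules.git.server):
#   enable  - turn the whole stack on.
#   domain  - host name of the nginx virtual host and of the advertised clone URL.
#   package - the cgit package providing cgit.cgi, its filters and static files.
{
  config,
  lib,
  pkgs,
  ...
}:
with lib; let
  cfg = config.nixfiles.modules.git;
in {
  options.nixfiles.modules.git.server = {
    enable = mkEnableOption "Git server";

    domain = mkOption {
      description = "Domain name sans protocol scheme.";
      type = with types; nullOr str;
      default = "git.${config.networking.domain}";
    };

    package = mkOption {
      description = "Package.";
      type = types.package;
      default = pkgs.cgit;
    };
  };

  config = mkIf cfg.server.enable {
    nixfiles.modules.nginx = {
      enable = true;
      virtualHosts.${cfg.server.domain} = {
        locations = {
          "/".extraConfig = let
            # cgit runtime configuration, passed to the CGI through CGIT_CONFIG.
            #
            # scan-path exposes every repository under the gitolite data
            # directory. With enable-git-config=1 cgit takes per-repository
            # settings from each repository's git config ("cgit.*" and
            # "gitweb.*" keys), so hiding a repository relies on "cgit.ignore"
            # being set for it through gitolite.
            #
            # The about/source/commit filters are external programs that cgit
            # runs on repository content; they execute with the privileges of
            # the fcgiwrap account configured at the bottom of this file.
            cgitrc = pkgs.writeText "cgitrc" ''
              root-title=github sux >:^(
              root-desc=Homo sum, humani a me nihil alienum puto.
              footer=

              clone-url=https://${cfg.server.domain}/$CGIT_REPO_URL

              logo=/cgit-custom-logo.gif
              favicon=/cgit-custom-favicon.gif
              css=/cgit-custom-style.css

              about-filter=${cfg.server.package}/lib/cgit/filters/about-formatting.sh
              source-filter=${cfg.server.package}/lib/cgit/filters/syntax-highlighting.py
              commit-filter=${cfg.server.package}/lib/cgit/filters/commit-links.sh

              enable-git-config=1
              enable-gitweb-owner=1
              remove-suffix=1

              readme=:README
              readme=:README.md
              readme=:README.org
              readme=:README.txt
              readme=:readme
              readme=:readme.md
              readme=:readme.org
              readme=:readme.txt

              scan-path=${config.services.gitolite.dataDir}/repositories
            '';
          # Every request not matched by a regex location below is handed to
          # cgit.cgi over the fcgiwrap socket. HTTP_HOST is set to the
          # configured server name instead of the client-supplied Host header.
          in ''
            include ${config.services.nginx.package}/conf/fastcgi_params;
            fastcgi_split_path_info ^(/?)(.+)$;
            fastcgi_pass unix:${config.services.fcgiwrap.socketAddress};
            fastcgi_param SCRIPT_FILENAME ${cfg.server.package}/cgit/cgit.cgi;
            fastcgi_param CGIT_CONFIG ${cgitrc};
            fastcgi_param PATH_INFO $uri;
            fastcgi_param QUERY_STRING $args;
            fastcgi_param HTTP_HOST $server_name;
          '';
          # Static assets are served by nginx directly from store paths.
          # NOTE(review): these patterns match any URI with the given ending
          # (and "." is an unescaped regex wildcard), so a repository path
          # ending in one of these names is answered here rather than by cgit.
          "~* ^.+(cgit.css|robots.txt)$".extraConfig = ''
            root ${cfg.server.package}/cgit;
          '';
          "~* ^.+cgit-custom-logo.gif$".extraConfig = ''
            alias ${./logo.gif};
          '';
          "~* ^.+cgit-custom-favicon.gif$".extraConfig = ''
            alias ${./favicon.ico};
          '';
          "~* ^.+cgit-custom-style.css$".extraConfig = let
            # Generated stylesheet: imports the stock cgit.css and applies the
            # system monospace font.
            css = with config.colourScheme;
              pkgs.writeText "custom.css" ''
                @import url("cgit.css");

                div#cgit {
                  font-family: "${config.fontScheme.monospaceFont.family}", monospace;
                  -moz-tab-size: 4;
                  tab-size: 4;
                }
              '';
          in ''
            alias ${css};
          '';
        };
      };
    };

    services = let
      user = "git";
      group = "git";
    in {
      gitolite = {
        enable = true;
        inherit user group;
        adminPubkey = my.ssh.key;
        extraGitoliteRc = ''
          # Let gitolite.conf set only the per-repository config keys that cgit
          # reads, e.g. "cgit.ignore" to hide a repository[1]. The value is a
          # space-separated list of regexes. A catch-all '.*' would also accept
          # git config keys that name programs for git to execute, giving
          # anyone who can push to gitolite-admin a way to run commands as the
          # gitolite account. Add further patterns here if gitolite.conf needs
          # other keys.
          #
          # [1]: https://www.omarpolo.com/post/cgit-gitolite.html
          $RC{GIT_CONFIG_KEYS} = 'cgit\..* gitweb\..*';
        '';
      };

      # NOTE(review): fcgiwrap runs cgit.cgi and its filters as the same
      # account that owns the gitolite repositories, so the web-facing process
      # has write access to them. cgit only needs to read; a dedicated account
      # with read-only access to the repositories directory would limit what a
      # flaw in cgit or one of its filters could touch.
      fcgiwrap = {
        enable = true;
        inherit user group;
      };
    };
  };
}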
