blob: 7ee279f57bc6c5fea83fac30464efd4be05c74ec (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.modules.services.cgit;
in
{
options.modules.services.cgit = {
enable = mkEnableOption "cgit with uwsgi";
domain = mkOption { type = types.str; };
realHost = mkOption { type = types.str; };
# TODO: use generators & submodules
settings = {
title = mkOption { type = types.str; default = "${cfg.domain} git"; };
description = mkOption { type = types.str; default = "cgit, hyperfast web frontend for Git"; };
};
};
config = mkIf cfg.enable {
modules.services.nginx.enable = true;
services.uwsgi = {
enable = true;
user = "nginx";
group = "nginx";
plugins = [ "cgi" ];
instance = {
type = "emperor";
vassals = {
cgit = {
type = "normal";
socket = "/run/uwsgi/cgit.sock";
procname-master = "uwsgi cgit";
plugins = [ "cgi" ];
cgi = "${pkgs.cgit-pink}/cgit/cgit.cgi";
};
};
};
};
users.extraUsers.nginx.extraGroups = [ "git" ];
services.nginx.virtualHosts.${cfg.realHost} = {
forceSSL = true;
useACMEHost = cfg.domain;
root = "${pkgs.cgit-pink}/cgit";
locations = {
"/" = {
extraConfig = ''
try_files $uri @cgit;
'';
};
"=/cgit-exotic.css" = {
alias = "${./cgit-exotic.css}";
extraConfig = ''
# add_header Cache-Control "public, max-age=14400, must-revalidate";
'';
};
"@cgit" = {
extraConfig = ''
uwsgi_pass unix:/run/uwsgi/cgit.sock;
include ${pkgs.nginx}/conf/uwsgi_params;
uwsgi_modifier1 9;
'';
};
};
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
systemd.services.create-cgit-cache = {
description = "Create cache directory for cgit";
enable = true;
script = ''
mkdir -p /run/cgit
chown -R nginx:nginx /run/cgit
'';
wantedBy = [ "uwsgi.service" ];
serviceConfig = {
Type = "oneshot";
};
};
environment.etc."cgitrc".text = ''
virtual-root=/
cache-size=1000
cache-root=/run/cgit
root-title=${cfg.settings.title}
root-desc=${cfg.settings.description}
css=/cgit-exotic.css
snapshots=tar.gz zip
enable-git-config=1
remove-suffix=1
enable-index-links=1
enable-index-owner=0
enable-git-clone=1
enable-commit-graph=1
enable-log-filecount=1
enable-log-linecount=1
branch-sort=age
readme=:README
readme=:readme
readme=:README.md
readme=:readme.md
readme=:README.org
readme=:readme.org
source-filter=${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py
about-filter=${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh
section-from-path=2
project-list=${config.services.gitolite.dataDir}/projects.list
scan-path=${config.services.gitolite.dataDir}/repositories
'';
};
}
|