1 files changed, 93 insertions, 0 deletions

diff --git a/colmena/cobalt/services/cgit.nix b/colmena/cobalt/services/cgit.nix
new file mode 100644
index 0000000..6f377a2
--- /dev/null
+++ b/colmena/cobalt/services/cgit.nix
@@ -0,0 +1,93 @@
+{ pkgs, ... }:
+
+{
+  services.uwsgi = {
+    enable = true;
+    user = "nginx";
+    group = "nginx";
+    plugins = [ "cgi" ];
+
+    instance = {
+      type = "emperor";
+      vassals = {
+        cgit = {
+          type = "normal";
+          master = true;
+          socket = "/run/uwsgi/cgit.sock";
+          procname-master = "uwsgi cgit";
+          plugins = [ "cgi" ];
+          cgi = "${pkgs.cgit-pink}/cgit/cgit.cgi";
+        };
+      };
+    };
+  };
+
+  users.extraUsers.nginx.extraGroups = [ "git" ];
+
+  services.nginx.virtualHosts."git.sefidel.com" = {
+    addSSL = true;
+    useACMEHost = "sefidel.com";
+    root = "${pkgs.cgit-pink}/cgit";
+    locations = {
+      "/" = {
+        extraConfig = ''
+          try_files $uri @cgit;
+        '';
+      };
+      "@cgit" = {
+        extraConfig = ''
+          uwsgi_pass unix:/run/uwsgi/cgit.sock;
+          include ${pkgs.nginx}/conf/uwsgi_params;
+          uwsgi_modifier1 9;
+        '';
+      };
+    };
+  };
+
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+
+  systemd.services.create-cgit-cache = {
+    description = "Create cache directory for cgit";
+    enable = true;
+
+    script = ''
+      mkdir -p /run/cgit
+      chown -R nginx:nginx /run/cgit
+    '';
+
+    wantedBy = [ "uwsgi.service" ];
+    serviceConfig = {
+      Type = "oneshot";
+    };
+  };
+
+  environment.etc."cgitrc".text = ''
+    virtual-root=/
+
+    cache-size=1000
+    cache-root=/run/cgit
+
+    root-title=sefidel git
+    root-desc=Browse repositories
+
+    snapshots=tar.gz zip
+
+
+    readme=:README
+    readme=:readme
+    readme=:README.md
+    readme=:readme.md
+    readme=:README.org
+    readme=:readme.org
+
+    source-filter=${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py
+    about-filter=${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh
+
+    project-list=/var/lib/gitolite/projects.list
+    scan-path=/var/lib/gitolite/repositories
+  '';
+
+  imports = [
+    ./nginx.nix
+  ];
+}