stockholm/modules/tv/git/cgit.nix

94 lines
2.5 KiB
Nix
Raw Normal View History

{ cfg, config, lib, pkgs, ... }:
2015-06-18 18:12:05 +00:00
let
inherit (builtins) attrValues filter getAttr;
inherit (lib) concatMapStringsSep mkIf optionalString;
2015-06-22 16:20:25 +00:00
location = lib.nameValuePair; # TODO this is also in modules/wu/default.nix
2015-06-18 18:12:05 +00:00
isPublicRepo = getAttr "public"; # TODO this is also in ./default.nix
in
{
2015-06-22 17:20:34 +00:00
users.extraUsers = lib.singleton {
name = "fcgiwrap";
uid = 2851179180; # genid fcgiwrap
group = "fcgiwrap";
home = toString (pkgs.runCommand "empty" {} "mkdir -p $out");
2015-06-22 17:20:34 +00:00
};
2015-06-18 18:12:05 +00:00
2015-06-22 17:20:34 +00:00
users.extraGroups = lib.singleton {
name = "fcgiwrap";
gid = 2851179180; # genid fcgiwrap
};
2015-06-18 18:12:05 +00:00
2015-06-22 17:20:34 +00:00
services.fcgiwrap = {
enable = true;
user = "fcgiwrap";
group = "fcgiwrap";
# socketAddress = "/run/fcgiwrap.sock" (default)
# socketType = "unix" (default)
};
2015-06-18 18:12:05 +00:00
2015-06-22 17:20:34 +00:00
environment.etc."cgitrc".text = ''
css=/cgit-static/cgit.css
logo=/cgit-static/cgit.png
2015-06-18 18:12:05 +00:00
2015-06-22 17:20:34 +00:00
# if you do not want that webcrawler (like google) index your site
robots=noindex, nofollow
2015-06-18 18:12:05 +00:00
2015-06-22 17:20:34 +00:00
virtual-root=/cgit
2015-06-18 18:12:05 +00:00
# TODO make this nicer (and/or somewhere else)
2015-06-22 17:20:34 +00:00
cache-root=/tmp/cgit
2015-06-18 18:12:05 +00:00
2015-06-22 17:20:34 +00:00
cache-size=1000
enable-commit-graph=1
enable-index-links=1
enable-index-owner=0
enable-log-filecount=1
enable-log-linecount=1
enable-remote-branches=1
2015-06-18 18:12:05 +00:00
2015-06-22 17:20:34 +00:00
root-title=public repositories at ${config.networking.hostName}
root-desc=keep calm and engage
2015-06-18 18:12:05 +00:00
2015-06-22 17:20:34 +00:00
snapshots=0
max-stats=year
2015-06-18 18:12:05 +00:00
2015-06-22 17:20:34 +00:00
${concatMapStringsSep "\n" (repo: ''
repo.url=${repo.name}
repo.path=${cfg.dataDir}/${repo.name}
${optionalString (repo.section != null) "repo.section=${repo.section}"}
${optionalString (repo.desc != null) "repo.desc=${repo.desc}"}
'') (filter isPublicRepo (attrValues cfg.repos))}
'';
2015-06-18 18:12:05 +00:00
system.activationScripts.cgit = ''
mkdir -m 0700 -p /tmp/cgit
chown fcgiwrap: /tmp/cgit
'';
2015-06-22 17:20:34 +00:00
tv.nginx = {
enable = true;
retiolum-locations = [
(location "/cgit/" ''
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi;
fastcgi_split_path_info ^(/cgit/?)(.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $args;
fastcgi_param HTTP_HOST $server_name;
fastcgi_pass unix:${config.services.fcgiwrap.socketAddress};
'')
(location "= /cgit" ''
return 301 /cgit/;
'')
(location "/cgit-static/" ''
root ${pkgs.cgit}/cgit;
rewrite ^/cgit-static(/.*)$ $1 break;
'')
];
};
2015-06-18 18:12:05 +00:00
}