krebs.git.cgit: make cache-root configurable

... along with all the other stuff :)
This commit is contained in:
tv 2016-06-07 03:14:21 +02:00
parent 6fcc35afb0
commit 4a34b27c1c
9 changed files with 200 additions and 120 deletions

View File

@ -25,6 +25,11 @@ let
type = types.submodule {
options = {
enable = mkEnableOption "krebs.git.cgit" // { default = true; };
settings = mkOption {
apply = flip removeAttrs ["_module"];
default = {};
type = subtypes.cgit-settings;
};
};
};
default = {};
@ -66,22 +71,6 @@ let
Repositories.
'';
};
root-desc = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Text printed below the heading on the repository index page.
Default value: "a fast webinterface for the git dscm".
'';
};
root-title = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Text printed as heading on the repository index page.
Default value: "Git Repository Browser".
'';
};
rules = mkOption {
type = types.listOf subtypes.rule;
default = [];
@ -102,8 +91,101 @@ let
# TODO put into krebs/4lib/types.nix?
subtypes = {
repo = types.submodule ({
cgit-settings = types.submodule {
# A setting's value of `null` means cgit's default should be used.
options = {
cache-root = mkOption {
type = types.absolute-pathname;
default = "/tmp/cgit";
};
cache-size = mkOption {
type = types.uint;
default = 1000;
};
css = mkOption {
type = types.absolute-pathname;
default = "/static/cgit.css";
};
enable-commit-graph = mkOption {
type = types.bool;
default = true;
};
enable-index-links = mkOption {
type = types.bool;
default = true;
};
enable-index-owner = mkOption {
type = types.bool;
default = false;
};
enable-log-filecount = mkOption {
type = types.bool;
default = true;
};
enable-log-linecount = mkOption {
type = types.bool;
default = true;
};
enable-remote-branches = mkOption {
type = types.bool;
default = true;
};
logo = mkOption {
type = types.absolute-pathname;
default = "/static/cgit.png";
};
max-stats = mkOption {
type =
types.nullOr (types.enum ["week" "month" "quarter" "year"]);
default = "year";
};
robots = mkOption {
type = types.nullOr (types.listOf types.str);
default = ["nofollow" "noindex"];
};
root-desc = mkOption {
type = types.nullOr types.str;
default = null;
};
root-title = mkOption {
type = types.nullOr types.str;
default = null;
};
};
};
repo = types.submodule ({ config, ... }: {
options = {
cgit = {
desc = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Repository description.
'';
};
path = mkOption {
type = types.str;
default = "${cfg.dataDir}/${config.name}";
description = ''
An absolute path to the repository directory. For non-bare
repositories this is the .git-directory.
'';
};
section = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Repository section.
'';
};
url = mkOption {
type = types.str;
default = config.name;
description = ''
The relative url used to access the repository.
'';
};
};
collaborators = mkOption {
type = types.listOf types.user;
default = [];
@ -115,20 +197,6 @@ let
an example.
'';
};
desc = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Repository description.
'';
};
section = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Repository section.
'';
};
name = mkOption {
type = types.str;
description = ''
@ -266,43 +334,34 @@ let
# socketType = "unix" (default)
};
environment.etc."cgitrc".text = ''
css=/static/cgit.css
logo=/static/cgit.png
environment.etc."cgitrc".text = let
repo-to-cgitrc = _: repo:
optionals (isPublicRepo repo) (concatLists [
[""] # empty line
[(kv-to-cgitrc "repo.url" repo.cgit.url)]
(mapAttrsToList kv-to-cgitrc
(mapAttrs' (k: nameValuePair "repo.${k}")
(removeAttrs repo.cgit ["url"])))
]);
# if you do not want that webcrawler (like google) index your site
robots=noindex, nofollow
virtual-root=/
# TODO make this nicer (and/or somewhere else)
cache-root=/tmp/cgit
cache-size=1000
enable-commit-graph=1
enable-index-links=1
enable-index-owner=0
enable-log-filecount=1
enable-log-linecount=1
enable-remote-branches=1
${optionalString (cfg.root-title != null) "root-title=${cfg.root-title}"}
${optionalString (cfg.root-desc != null) "root-desc=${cfg.root-desc}"}
snapshots=0
max-stats=year
${concatMapStringsSep "\n" (repo: ''
repo.url=${repo.name}
repo.path=${cfg.dataDir}/${repo.name}
${optionalString (repo.section != null) "repo.section=${repo.section}"}
${optionalString (repo.desc != null) "repo.desc=${repo.desc}"}
'') (filter isPublicRepo (attrValues cfg.repos))}
'';
kv-to-cgitrc = k: v: getAttr (typeOf v) {
bool = kv-to-cgitrc k (if v then 1 else 0);
null = []; # This will be removed by `flatten`.
list = "${k}=${concatStringsSep ", " v}";
int = "${k}=${toString v}";
string = "${k}=${v}";
};
in
concatStringsSep "\n"
(flatten (
mapAttrsToList kv-to-cgitrc cfg.cgit.settings
++
mapAttrsToList repo-to-cgitrc cfg.repos
));
system.activationScripts.cgit = ''
mkdir -m 0700 -p /tmp/cgit
chown ${toString fcgitwrap-user.uid}:${toString fcgitwrap-group.gid} /tmp/cgit
mkdir -m 0700 -p ${cfg.cgit.settings.cache-root}
chown ${toString fcgitwrap-user.uid}:${toString fcgitwrap-group.gid} ${cfg.cgit.settings.cache-root}
'';
krebs.nginx = {

View File

@ -41,7 +41,6 @@ let out = rec {
mapAttrs (name: _: path + "/${name}")
(filterAttrs (_: eq "directory") (readDir path));
mapAttrValues = f: mapAttrs (_: f);
setAttr = name: value: set: set // { ${name} = value; };
optionalTrace = c: msg: x: if c then trace msg x else x;

View File

@ -7,8 +7,12 @@ let
out = {
krebs.git = {
enable = true;
root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "keep calm and engage";
cgit = {
settings = {
root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "keep calm and engage";
};
};
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
rules = rules;
};
@ -27,7 +31,7 @@ let
public-repos = mapAttrs make-public-repo {
painload = {};
stockholm = {
desc = "take all the computers hostage, they'll love you!";
cgit.desc = "take all the computers hostage, they'll love you!";
};
wai-middleware-time = {};
web-routes-wai-custom = {};
@ -52,8 +56,8 @@ let
import <secrets/repos.nix> { inherit config lib pkgs; }
);
make-public-repo = name: { desc ? null, ... }: {
inherit name desc;
make-public-repo = name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
hooks = {
post-receive = pkgs.git-hooks.irc-announce {
@ -66,13 +70,13 @@ let
};
};
make-public-repo-silent = name: { desc ? null, ... }: {
inherit name desc;
make-public-repo-silent = name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
};
make-restricted-repo = name: { collaborators ? [], desc ? null, ... }: {
inherit name collaborators desc;
make-restricted-repo = name: { collaborators ? [], ... }: {
inherit collaborators name;
public = false;
};

View File

@ -7,9 +7,7 @@ let
rules = concatMap krebs-rules (attrValues krebs-repos) ++ concatMap priv-rules (attrValues priv-repos);
krebs-repos = mapAttrs make-krebs-repo {
brain = {
desc = "braiiiins";
};
brain = { };
};
priv-repos = mapAttrs make-priv-repo {
@ -18,13 +16,13 @@ let
};
# TODO move users to separate module
make-priv-repo = name: { desc ? null, ... }: {
inherit name desc;
make-priv-repo = name: { ... }: {
inherit name;
public = false;
};
make-krebs-repo = with git; name: { desc ? null, ... }: {
inherit name desc;
make-krebs-repo = with git; name: { ... }: {
inherit name;
public = false;
hooks = {
post-receive = pkgs.git-hooks.irc-announce {
@ -63,7 +61,7 @@ in {
imports = [ ];
krebs.git = {
enable = true;
cgit = false;
cgit.enable = false;
inherit repos rules;
};
}

View File

@ -10,17 +10,17 @@ let
krebs-repos = mapAttrs make-krebs-repo {
stockholm = {
desc = "Make all the systems into 1systems!";
cgit.desc = "Make all the systems into 1systems!";
};
tinc_graphs = {
desc = "Tinc Advanced Graph Generation";
cgit.desc = "Tinc Advanced Graph Generation";
};
stockholm-init = {
desc = "Build new Stockholm hosts";
cgit.desc = "Build new Stockholm hosts";
};
cac-api = { };
init-stockholm = {
desc = "Init stuff for stockholm";
cgit.desc = "Init stuff for stockholm";
};
};
@ -32,19 +32,19 @@ let
connector = { };
minikrebs = { };
mattermost = {
desc = "Mattermost Docker files";
cgit.desc = "Mattermost Docker files";
};
};
# TODO move users to separate module
make-priv-repo = name: { desc ? null, ... }: {
inherit name desc;
make-priv-repo = name: { ... }: {
inherit name;
public = false;
};
make-krebs-repo = with git; name: { desc ? null, ... }: {
inherit name desc;
make-krebs-repo = with git; name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
hooks = {
post-receive = pkgs.git-hooks.irc-announce {
@ -88,8 +88,12 @@ let
in {
krebs.git = {
enable = true;
root-title = "public repositories";
root-desc = "keep on krebsing";
cgit = {
settings = {
root-title = "public repositories";
root-desc = "keep on krebsing";
};
};
inherit repos rules;
};
}

View File

@ -7,8 +7,12 @@ let
out = {
krebs.git = {
enable = true;
root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "keep calm and engage";
cgit = {
settings = {
root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "keep calm and engage";
};
};
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
rules = rules;
};
@ -27,7 +31,7 @@ let
public-repos = mapAttrs make-public-repo {
painload = {};
stockholm = {
desc = "take all the computers hostage, they'll love you!";
cgit.desc = "take all the computers hostage, they'll love you!";
};
#wai-middleware-time = {};
#web-routes-wai-custom = {};
@ -46,8 +50,8 @@ let
import <secrets/repos.nix> { inherit config lib pkgs; }
);
make-public-repo = name: { desc ? null, ... }: {
inherit name desc;
make-public-repo = name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
hooks = {
post-receive = pkgs.git-hooks.irc-announce {
@ -60,8 +64,8 @@ let
};
};
make-restricted-repo = name: { collaborators ? [], desc ? null, ... }: {
inherit name collaborators desc;
make-restricted-repo = name: { collaborators ? [], ... }: {
inherit collaborators name;
public = false;
};

View File

@ -7,8 +7,12 @@ let
out = {
krebs.git = {
enable = true;
root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "Hmhmh, im Moment nicht.";
cgit = {
settings = {
root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "Hmhmh, im Moment nicht.";
};
};
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
rules = rules;
};
@ -22,8 +26,8 @@ let
stockholm = {};
};
make-public-repo = name: { desc ? null, section ? null, ... }: {
inherit name desc section;
make-public-repo = name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
hooks = {
post-receive = pkgs.git-hooks.irc-announce {

View File

@ -11,7 +11,7 @@ let
stockholm-mirror = {
public = true;
name = "stockholm-mirror";
desc = "mirror for all stockholm branches";
cgit.desc = "mirror for all stockholm branches";
hooks = {
post-receive = pkgs.git-hooks.irc-announce {
nick = config.networking.hostName;
@ -33,8 +33,12 @@ in {
krebs.users.wolf-repo-sync = wolf-repo-sync;
krebs.git = {
enable = true;
root-title = "Shared Repos";
root-desc = "keep on krebsing";
cgit = {
settings = {
root-title = "Shared Repos";
root-desc = "keep on krebsing";
};
};
inherit rules;
repos.stockholm-mirror = stockholm-mirror;
};

View File

@ -7,8 +7,12 @@ let
out = {
krebs.git = {
enable = true;
root-title = "repositories at ${config.krebs.build.host.name}";
root-desc = "mostly krebs";
cgit = {
settings = {
root-title = "repositories at ${config.krebs.build.host.name}";
root-desc = "mostly krebs";
};
};
repos = repos;
rules = rules;
};
@ -21,9 +25,9 @@ let
rules = concatMap make-rules (attrValues repos);
public-repos = mapAttrs make-public-repo ({
} // mapAttrValues (setAttr "section" "1. miscellaneous") {
} // mapAttrs (_: recursiveUpdate { cgit.section = "1. miscellaneous"; }) {
cac-api = {
desc = "CloudAtCost API command line interface";
cgit.desc = "CloudAtCost API command line interface";
};
get = {};
hack = {};
@ -35,13 +39,13 @@ let
push = {};
regfish = {};
soundcloud = {
desc = "SoundCloud command line interface";
cgit.desc = "SoundCloud command line interface";
};
stockholm = {
desc = "NixOS configuration";
cgit.desc = "NixOS configuration";
};
with-tmpdir = {};
} // mapAttrValues (setAttr "section" "2. Haskell libraries") {
} // mapAttrs (_: recursiveUpdate { cgit.section = "2. Haskell libraries"; }) {
blessings = {};
mime = {};
quipper = {};
@ -50,7 +54,7 @@ let
web-routes-wai-custom = {};
xintmap = {};
xmonad-stockholm = {};
} // mapAttrValues (setAttr "section" "3. museum") {
} // mapAttrs (_: recursiveUpdate { cgit.section = "3. museum"; }) {
cgserver = {};
crude-mail-setup = {};
dot-xmonad = {};
@ -68,8 +72,8 @@ let
import <secrets/repos.nix> { inherit config lib pkgs; }
);
make-public-repo = name: { desc ? null, section ? null, ... }: {
inherit name desc section;
make-public-repo = name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
hooks = optionalAttrs (config.krebs.build.host.name == "cd") {
post-receive = pkgs.git-hooks.irc-announce {
@ -82,8 +86,8 @@ let
};
};
make-restricted-repo = name: { collaborators ? [], desc ? null, ... }: {
inherit name collaborators desc;
make-restricted-repo = name: { collaborators ? [], ... }: {
inherit collaborators name;
public = false;
};