diff options
Diffstat (limited to 'infra/libkookie')
-rw-r--r-- | infra/libkookie/configuration/server/cgit/default.nix | 39 | ||||
-rw-r--r-- | infra/libkookie/modules/server/cgit/default.nix | 98 | ||||
-rw-r--r-- | infra/libkookie/modules/server/cgit/smart-http.nix | 84 | ||||
-rw-r--r-- | infra/libkookie/modules/server/default.nix | 2 |
4 files changed, 200 insertions, 23 deletions
diff --git a/infra/libkookie/configuration/server/cgit/default.nix b/infra/libkookie/configuration/server/cgit/default.nix index 2c0e0427e573..5d6c4779624b 100644 --- a/infra/libkookie/configuration/server/cgit/default.nix +++ b/infra/libkookie/configuration/server/cgit/default.nix @@ -3,26 +3,9 @@ let port = 15150; in { - services.nginx.virtualHosts."git.spacekookie.de" = { - enableACME = false; - useACMEHost = "spacekookie.de"; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:${builtins.toString port}"; - }; - locations."/static/" = { - alias = "/var/lib/cgit/"; - }; - }; - - # cgit server - services.lighttpd = { - enable = true; - inherit port; - - cgit = { - enable = true; - configText = '' + services.cgit.instances.main = { + vhost = "git.spacekookie.de"; + config = pkgs.writeText "cgit.conf" '' clone-prefix=https://git.spacekookie.de css=/static/cgit.css favicon=/static/favicon.ico @@ -38,10 +21,20 @@ in source-filter=${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py root-title=git.spacekookie.de root-desc=Here be really bad source code yarrr + scan-path=/home/spacekookie/git - ''; - subdir = ""; # be on git.spacekookie.de - }; + ''; + }; + + + services.nginx.virtualHosts."git.spacekookie.de" = { + enableACME = false; + useACMEHost = "spacekookie.de"; + forceSSL = true; }; + services.git-http-backend.instances.main = { + vhost = "git.spacekookie.de"; + projectRoot = "/home/spacekookie/git"; + }; } diff --git a/infra/libkookie/modules/server/cgit/default.nix b/infra/libkookie/modules/server/cgit/default.nix new file mode 100644 index 000000000000..ecb993f8c404 --- /dev/null +++ b/infra/libkookie/modules/server/cgit/default.nix @@ -0,0 +1,98 @@ +/** cgit module taken from git.qyliss.net/nixlib + */ + +{ lib, pkgs, config, ... }: + +let + inherit (builtins) split; + inherit (lib) foldr groupBy head mapAttrs mapAttrsToList mkOption nameValuePair + optionalAttrs types; + + cfg = config.services.cgit; + + instancesByVhost = groupBy ({ value, ... }: value.vhost) + (mapAttrsToList nameValuePair cfg.instances); + + vhostConfigs = mapAttrs (vhost: instances: + foldr (l: r: l // r) {} (map ({ name, value }: let + unslashedPath = head (split "/+$" value.path); + # We'll be dealing almost exclusively with paths ending in /, + # since otherwise Nginx likes to do simple prefix matching. + path = "${unslashedPath}/"; + in { + locations = { + ${path} = { + alias = "${value.package}/cgit/"; + tryFiles = "$uri @${name}-cgit"; + }; + "@${name}-cgit" = { + root = "${value.package}/cgit"; + + fastcgiParams.CGIT_CONFIG = "${value.config}"; + fastcgiParams.SCRIPT_FILENAME = "$document_root/cgit.cgi"; + fastcgiParams.PATH_INFO = "$fastcgi_path_info"; + fastcgiParams.QUERY_STRING = "$args"; + fastcgiParams.HTTP_HOST = "$server_name"; + + extraConfig = '' + fastcgi_split_path_info ^(${path})(.*)$; + fastcgi_pass unix:/run/fcgiwrap.sock; + ''; + }; + } // optionalAttrs (unslashedPath != "") { + ${unslashedPath} = { + return = "301 ${path}"; + }; + }; + }) instances) + ) instancesByVhost; +in + +{ + options.services.cgit = { + instances = mkOption { + type = types.attrsOf (types.submodule { + options = { + vhost = mkOption { + type = types.str; + example = "spectrum-os.org"; + description = "Nginx vhost for the cgit"; + }; + + path = mkOption { + type = types.strMatching "/(.*[^/])?"; + default = "/"; + example = "/git"; + description = '' + Path to be appended to all cgit URLs. + + Leading slashes are mandatory; trailing slashes are forbidden. + ''; + }; + + package = mkOption { + type = types.package; + default = pkgs.cgit; + description = "cgit package to use"; + }; + + config = mkOption { + type = types.package; + description = '' + Configuration file for cgit. See + <citerefentry><refentrytitle>cgitrc</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>. + ''; + }; + }; + }); + default = {}; + description = "List of cgit instances to run"; + }; + }; + + config = { + services.fcgiwrap = optionalAttrs (cfg.instances != {}) { enable = true; }; + services.nginx.virtualHosts = vhostConfigs; + }; +} diff --git a/infra/libkookie/modules/server/cgit/smart-http.nix b/infra/libkookie/modules/server/cgit/smart-http.nix new file mode 100644 index 000000000000..d45eb0d3a27a --- /dev/null +++ b/infra/libkookie/modules/server/cgit/smart-http.nix @@ -0,0 +1,84 @@ +{ lib, pkgs, config, ... }: + +let + inherit (builtins) split; + inherit (lib) foldr groupBy head mapAttrs mapAttrsToList mkOption nameValuePair + optionalAttrs types; + + cfg = config.services.git-http-backend; + + instancesByVhost = groupBy ({ value, ... }: value.vhost) + (mapAttrsToList nameValuePair cfg.instances); + + vhostConfigs = mapAttrs (vhost: instances: + foldr (l: r: l // r) {} (map ({ name, value }: let + path = head (split "/+$" value.path); + pathRegex = + "^${path}(/.*?)(\.git)?/(HEAD|info/refs|git-(upload|receive)-pack)$"; + in { + locations = { + "~ ${pathRegex}" = { + fastcgiParams.SCRIPT_FILENAME = "${cfg.package}/bin/git-http-backend"; + fastcgiParams.GIT_PROJECT_ROOT = value.projectRoot; + fastcgiParams.GIT_HTTP_EXPORT_ALL = ""; + fastcgiParams.PATH_INFO = "$1$2/$3"; + + extraConfig = '' + client_max_body_size 0; + fastcgi_pass unix:/run/fcgiwrap.sock; + ''; + }; + }; + }) instances) + ) instancesByVhost; +in + +{ + options.services.git-http-backend = { + package = mkOption { + type = types.package; + default = pkgs.gitMinimal; + description = "git package to use"; + }; + + instances = mkOption { + type = types.attrsOf (types.submodule { + options = { + vhost = mkOption { + type = types.str; + example = "spectrum-os.org"; + description = "Nginx vhost for the git server"; + }; + + path = mkOption { + type = types.strMatching "/(.*[^/])?"; + default = "/"; + example = "/git"; + description = '' + Path to be prepended to all clone URLs. + + Leading slashes are mandatory; trailing slashes are forbidden. + ''; + }; + + projectRoot = mkOption { + type = types.strMatching "/(.*[^/])?"; + example = "/var/www/git"; + description = '' + Directory in which to look for git repositories. + + Leading slashes are mandatory; trailing slashes are forbidden. + ''; + }; + }; + }); + default = {}; + description = "List of git-http-backend instances to run"; + }; + }; + + config = { + services.fcgiwrap = optionalAttrs (cfg.instances != {}) { enable = true; }; + services.nginx.virtualHosts = vhostConfigs; + }; +} diff --git a/infra/libkookie/modules/server/default.nix b/infra/libkookie/modules/server/default.nix index 27ee9a21737a..bf72b9d6c641 100644 --- a/infra/libkookie/modules/server/default.nix +++ b/infra/libkookie/modules/server/default.nix @@ -2,6 +2,8 @@ { imports = [ + ./cgit + ./cgit/smart-http.nix ./ferm2 ]; } |