]> Git — Sourcephile - sourcephile-nix.git/blob - servers/mermet/nginx/sourcephile.fr/git.nix
sourcephile / git / sourcephile-nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
nix: remove networking.domainAliases
[sourcephile-nix.git] / servers / mermet / nginx / sourcephile.fr / git.nix
1 { pkgs, lib, config, ... }:
2 let inherit (config) networking;
3 inherit (config.services) gitweb gitolite nginx;
4 domain = "sourcephile.fr";
5 package = pkgs.gitweb.override (lib.optionalAttrs gitweb.gitwebTheme {
6 gitwebTheme = true;
7 });
8 RuntimeDirectory = "gitweb";
9 gitwebSocket = "/run/${RuntimeDirectory}/gitweb.sock";
10 static-custom = pkgs.writeTextFile {
11 name = "static-custom";
12 destination = "/static-custom/style.css";
13 text = ''
14 .project_list {
15 width:100%;
16 }
17 '';
18 };
19 in
20 {
21 services.nginx = {
22 virtualHosts."git" = {
23 serverName = "git.${domain}";
24 forceSSL = true;
25 useACMEHost = domain;
26 locations = {
27 "/" = {
28 extraConfig = ''
29 include ${pkgs.nginx}/conf/fastcgi_params;
30 fastcgi_param PATH_INFO $fastcgi_script_name;
31 # NOTE: used by gitweb's pathinfo feature.
32 fastcgi_param GITWEB_CONFIG ${gitweb.gitwebConfigFile};
33 fastcgi_pass unix:${gitwebSocket};
34 '';
35 };
36 "/static/" = {
37 alias = "${pkgs.gitweb}/static/";
38 };
39 "/static-custom/" = {
40 alias = "${static-custom}/static-custom/";
41 };
42 "/robots.txt" = {
43 root = pkgs.writeTextDir "robots.txt" ''
44 User-agent: *
45 Disallow: /*/blame/*
46 Disallow: /*/blobdiff/*
47 Disallow: /*/commitdiff/*
48 Disallow: /*/search/*
49 Disallow: /*/snapshot/*
50 '';
51 extraConfig = ''
52 allow all;
53 access_log off;
54 '';
55 };
56 };
57 };
58 };
59 systemd.services.gitweb = {
60 description = "GitWeb FastCGI service";
61 script = "${pkgs.gitweb}/gitweb.cgi --fastcgi --nproc=1";
62 environment = {
63 FCGI_SOCKET_PATH = gitwebSocket;
64 FCGI_SOCKET_PERM = "432"; # decimal of 660 in octal, since current CGI::Fast doesn't use perl's oct()
65 };
66 serviceConfig = {
67 User = gitolite.user;
68 Group = nginx.group;
69 RuntimeDirectory = [ RuntimeDirectory ];
70 Restart = "always";
71 RestartSec = 10;
72 };
73 wantedBy = [ "multi-user.target" ];
74 };
75 services.gitweb = {
76 gitwebTheme = false;
77 projectroot = "${gitolite.dataDir}/repositories";
78 extraConfig = ''
79 use utf8;
80 my $s = $cgi->https() ? "s" : "";
81 @extra_breadcrumbs = (["${networking.domainBase}" => "http''${s}://${domain}"]);
82 $site_name = "Git — Sourcephile";
83 $home_link_str = "git";
84 $projects_list = "${gitolite.dataDir}/projects.list";
85 $projects_list_description_width = 50;
86 $projects_list_group_categories = 1;
87 $default_projects_order = "age";
88 $omit_owner = 1;
89 $export_ok = "git-daemon-export-ok";
90 $prevent_xss = 0;
91 @git_base_url_list =
92 ( "git://git.${domain}"
93 , "git\@git.${domain}:"
94 );
95 # NOTE: more readable URL.
96 $feature{'pathinfo'}{'default'} = [1];
97 @stylesheets = ( "/static/gitweb.css"
98 , "/static-custom/style.css"
99 );
100 $logo = "/static/git-logo.png";
101 $favicon = "/static/git-favicon.png";
102 $javascript = "/static/gitweb.js";
103 $feature{'highlight'}{'default'} = [1];
104 # FIX: gitweb bug: FCGI is not Unicode aware.
105 if ($first_request) {
106 my $enc = Encode::find_encoding('UTF-8');
107 my $org = \&FCGI::Stream::PRINT;
108 no warnings 'redefine';
109 *FCGI::Stream::PRINT = sub {
110 my @OUTPUT = @_;
111 for (my $i = 1; $i < @_; $i++) {
112 $OUTPUT[$i] = $enc->encode($_[$i], Encode::FB_CROAK|Encode::LEAVE_SRC);
113 }
114 @_ = @OUTPUT;
115 goto $org;
116 };
117 };
118 '';
119 };
120 }
NixOS configurations for Sourcephile's infrastructure