1 { pkgs, lib, config, ... }:
3 inherit (config) networking;
4 inherit (config.services) gitweb gitolite nginx;
5 domain = "sourcephile.fr";
7 gitwebSocket = "/run/gitweb/gitweb.sock";
12 fastcgi_cache_path ${nginx.stateDir}/fastcgi_cache:${domain}:${srv}
13 keys_zone=${domain}/${srv}:2M
18 virtualHosts."${srv}" = {
19 serverName = "${srv}.${domain}";
23 access_log ${nginx.logDir}/${domain}/${srv}/access.log json buffer=32k;
24 error_log ${nginx.logDir}/${domain}/${srv}/error.log warn;
29 include ${pkgs.nginx}/conf/fastcgi_params;
30 ${nginx.configs.https_add_headers}
31 add_header X-Cache $upstream_cache_status;
32 fastcgi_cache ${domain}/${srv};
33 fastcgi_cache_valid 200 1m;
34 fastcgi_cache_valid 404 30m;
35 fastcgi_max_temp_file_size 1M;
36 # Used by gitweb's pathinfo feature
37 fastcgi_param PATH_INFO $fastcgi_script_name;
38 fastcgi_param GITWEB_CONFIG ${gitweb.gitwebConfigFile};
39 fastcgi_pass unix:${gitwebSocket};
43 alias = "${pkgs.gitweb}/static/";
49 root = pkgs.writeTextDir "static-custom/style.css" ''
59 root = pkgs.writeTextDir "robots.txt" ''
62 Disallow: /*/blobdiff/*
63 Disallow: /*/commitdiff/*
64 Disallow: /*/commitdiff_plain/*
67 Disallow: /*/snapshot/*
69 Disallow: /*a=blobdiff*
70 Disallow: /*a=commitdiff*
71 Disallow: /*a=commitdiff_plain*
74 Disallow: /*a=snapshot*
83 systemd.services.nginx.preStart = lib.mkBefore ''
84 install -D -d -m 750 -o ${nginx.user} -g ${nginx.group} ${nginx.logDir}/${domain}/${srv}/
86 systemd.services.gitweb = {
87 description = "GitWeb FastCGI service";
88 script = "${pkgs.gitweb}/gitweb.cgi --fastcgi --nproc=1";
90 FCGI_SOCKET_PATH = gitwebSocket;
91 FCGI_SOCKET_PERM = "432"; # decimal of 660 in octal, since current CGI::Fast doesn't use perl's oct()
96 RuntimeDirectory = [ "gitweb" ];
100 wantedBy = [ "multi-user.target" ];
104 projectroot = "${gitolite.dataDir}/repositories";
107 my $s = $cgi->https() ? "s" : "";
108 @extra_breadcrumbs = (["${networking.domainBase}" => "http''${s}://${domain}"]);
109 $site_name = "Git — Sourcephile";
110 $home_link_str = "git";
111 $projects_list = "${gitolite.dataDir}/projects.list";
112 $projects_list_description_width = 50;
113 $projects_list_group_categories = 1;
114 $default_projects_order = "age";
115 $default_text_plain_charset = 'utf-8';
116 #$fallback_encoding = "utf-8";
118 $export_ok = "git-daemon-export-ok";
121 ( "git://${srv}.${domain}"
122 , "git\@${srv}.${domain}:"
124 # NOTE: more readable URL.
125 $feature{'pathinfo'}{'default'} = [1];
126 @stylesheets = ( "/static/gitweb.css"
127 , "/static-custom/style.css"
129 $logo = "/static/git-logo.png";
130 $favicon = "/static/git-favicon.png";
131 $javascript = "/static/gitweb.js";
132 $feature{'highlight'}{'default'} = [1];
136 # Fix a bug in Gitweb: FCGI is not Unicode aware.
137 # However no encoding must be done within git_blob_plain() and git_snapshot()
138 # which must still output in raw binary mode.
139 if ($first_request) {
140 no warnings 'redefine';
141 my $enc = Encode::find_encoding('UTF-8');
142 my $old_PRINT = \&FCGI::Stream::PRINT;
143 my $old_git_blob_plain = \&git_blob_plain;
144 my $old_git_snapshot = \&git_snapshot;
145 *main::git_blob_plain = sub {
146 local *FCGI::Stream::PRINT = $old_PRINT;
147 $old_git_blob_plain->(@_);
149 $actions{blob_plain} = \&main::git_blob_plain;
150 *main::git_snapshot = sub {
151 local *FCGI::Stream::PRINT = $old_PRINT;
152 $old_git_snapshot->(@_);
154 $actions{snapshot} = \&main::git_snapshot;
155 *FCGI::Stream::PRINT = sub {
157 for (my $i = 1; $i < @_; $i++) {
158 $OUTPUT[$i] = $enc->encode($_[$i], Encode::FB_CROAK|Encode::LEAVE_SRC);