2 { pkgs, lib, config, ... }:
4 inherit (config.services) gitweb gitolite nginx;
6 gitwebSocket = "/run/gitweb/gitweb.sock";
11 fastcgi_cache_path /var/cache/nginx/${domain}/${srv}/fastcgi
12 keys_zone=${domain}/${srv}/fastcgi:2M
17 limit_req_zone $binary_remote_addr zone=${domain}_git:10m rate=10r/s;
19 virtualHosts."${srv}.${domain}" = {
23 access_log /var/log/nginx/${domain}/${srv}/access.log json buffer=32k;
24 error_log /var/log/nginx/${domain}/${srv}/error.log warn;
29 include ${pkgs.nginx}/conf/fastcgi_params;
30 ${nginx.configs.https_add_headers}
31 add_header X-Cache $upstream_cache_status;
32 fastcgi_cache ${domain}/${srv}/fastcgi;
33 fastcgi_cache_valid 200 1m;
34 fastcgi_cache_valid 404 3m;
35 fastcgi_max_temp_file_size 1M;
36 # Used by gitweb's pathinfo feature
37 fastcgi_param PATH_INFO $fastcgi_script_name;
38 fastcgi_param GITWEB_CONFIG ${gitweb.gitwebConfigFile};
39 fastcgi_pass unix:${gitwebSocket};
40 limit_req zone=${domain}_git burst=12 delay=8;
44 alias = "${pkgs.gitweb}/static/";
50 root = pkgs.writeTextDir "static-custom/style.css" ''
60 root = pkgs.writeTextDir "robots.txt" ''
63 Disallow: /*/blobdiff/*
64 Disallow: /*/commitdiff/*
65 Disallow: /*/commitdiff_plain/*
68 Disallow: /*/snapshot/*
70 Disallow: /*a=blobdiff*
71 Disallow: /*a=commitdiff*
72 Disallow: /*a=commitdiff_plain*
75 Disallow: /*a=snapshot*
84 systemd.services.nginx.serviceConfig.LogsDirectory = lib.mkForce [ "nginx/${domain}/${srv}" ];
85 systemd.services.gitweb = {
86 description = "GitWeb FastCGI service";
87 script = "${pkgs.gitweb}/gitweb.cgi --fastcgi --nproc=1";
89 FCGI_SOCKET_PATH = gitwebSocket;
90 FCGI_SOCKET_PERM = "432"; # decimal of 660 in octal, since current CGI::Fast doesn't use perl's oct()
95 RuntimeDirectory = [ "gitweb" ];
99 wantedBy = [ "multi-user.target" ];
103 projectroot = "${gitolite.dataDir}/repositories";
106 my $s = $cgi->https() ? "s" : "";
107 @extra_breadcrumbs = (["sourcephile" => "http''${s}://${domain}"]);
108 $site_name = "Git — Sourcephile";
109 $home_link_str = "git";
110 $projects_list = "${gitolite.dataDir}/projects.list";
111 $projects_list_description_width = 50;
112 $projects_list_group_categories = 1;
113 $default_projects_order = "age";
114 $default_text_plain_charset = "utf-8";
115 $fallback_encoding = "utf-8";
116 $mimetypes_file = "${pkgs.runCommand "mime.types" {} ''
117 substitute ${pkgs.mailcap}/etc/nginx/mime.types $out \
118 --replace text/html "text/html;charset=utf-8"
121 $export_ok = "git-daemon-export-ok";
124 ( "git://${srv}.${domain}"
125 , "git\@${srv}.${domain}:"
127 # NOTE: more readable URL.
128 $feature{'pathinfo'}{'default'} = [1];
129 @stylesheets = ( "/static/gitweb.css"
130 , "/static-custom/style.css"
132 $logo = "/static/git-logo.png";
133 $favicon = "/static/git-favicon.png";
134 $javascript = "/static/gitweb.js";
135 $feature{'highlight'}{'default'} = [1];
sourcephile / git / sourcephile-nix.git / blob