losurdo: transmission: use transmission_4
[sourcephile-nix.git] / hosts / mermet / nginx / sourcephile.fr / git.nix
index 84a1ec972c508e9c88786a46c6054c414bb8dd06..2eca8aab823d378b06e9f437f973976bf6b1d6ba 100644 (file)
 { domain, ... }:
 { pkgs, lib, config, ... }:
 let
-  inherit (config) networking;
   inherit (config.services) gitweb gitolite nginx;
   srv = "git";
   gitwebSocket = "/run/gitweb/gitweb.sock";
 in
 {
-services.nginx = {
-  commonHttpConfig = ''
-    fastcgi_cache_path /var/cache/nginx/fastcgi_cache:${domain}:${srv}
-                       keys_zone=${domain}/${srv}:2M
-                       inactive=10m
-                       levels=1:2
-                       max_size=32M;
-  '';
-  virtualHosts."${srv}.${domain}" = {
-    serverAliases = [ "code.${domain}" ];
-    forceSSL = true;
-    useACMEHost = domain;
-    extraConfig = ''
-      access_log /var/log/nginx/${domain}/${srv}/access.log json buffer=32k;
-      error_log  /var/log/nginx/${domain}/${srv}/error.log warn;
+  services.nginx = {
+    commonHttpConfig = ''
+      fastcgi_cache_path /var/cache/nginx/${domain}/${srv}/fastcgi
+        keys_zone=${domain}/${srv}/fastcgi:2M
+        inactive=10m
+        levels=1:2
+        max_size=32M
+        use_temp_path=off;
     '';
-    locations = {
-      "/" = {
-        extraConfig = ''
-          include ${pkgs.nginx}/conf/fastcgi_params;
-          ${nginx.configs.https_add_headers}
-          add_header X-Cache $upstream_cache_status;
-          fastcgi_cache ${domain}/${srv};
-          fastcgi_cache_valid 200 1m;
-          fastcgi_cache_valid 404 3m;
-          fastcgi_max_temp_file_size 1M;
-          # Used by gitweb's pathinfo feature
-          fastcgi_param PATH_INFO $fastcgi_script_name;
-          fastcgi_param GITWEB_CONFIG ${gitweb.gitwebConfigFile};
-          fastcgi_pass unix:${gitwebSocket};
-        '';
-      };
-      "/static/" = {
-        alias = "${pkgs.gitweb}/static/";
-        extraConfig = ''
-          access_log off;
-        '';
-      };
-      "/static-custom/" = {
-        root = pkgs.writeTextDir "static-custom/style.css" ''
-          .project_list {
-            width:100%;
-          }
-        '';
-        extraConfig = ''
-          access_log off;
-        '';
-      };
-      "/robots.txt" = {
-        root = pkgs.writeTextDir "robots.txt" ''
-          User-agent: *
-          Disallow: /*/blame/*
-          Disallow: /*/blobdiff/*
-          Disallow: /*/commitdiff/*
-          Disallow: /*/commitdiff_plain/*
-          Disallow: /*/patch/*
-          Disallow: /*/search/*
-          Disallow: /*/snapshot/*
-          Disallow: /*a=blame*
-          Disallow: /*a=blobdiff*
-          Disallow: /*a=commitdiff*
-          Disallow: /*a=commitdiff_plain*
-          Disallow: /*a=patch*
-          Disallow: /*a=search*
-          Disallow: /*a=snapshot*
-        '';
-        extraConfig = ''
-          access_log off;
-        '';
+    virtualHosts."${srv}.${domain}" = {
+      forceSSL = true;
+      useACMEHost = domain;
+      extraConfig = ''
+        access_log /var/log/nginx/${domain}/${srv}/access.log json buffer=32k;
+        error_log  /var/log/nginx/${domain}/${srv}/error.log warn;
+      '';
+      locations = {
+        "/" = {
+          extraConfig = ''
+            include ${pkgs.nginx}/conf/fastcgi_params;
+            ${nginx.configs.https_add_headers}
+            add_header X-Cache $upstream_cache_status;
+            fastcgi_cache ${domain}/${srv}/fastcgi;
+            fastcgi_cache_valid 200 1m;
+            fastcgi_cache_valid 404 3m;
+            fastcgi_max_temp_file_size 1M;
+            # Used by gitweb's pathinfo feature
+            fastcgi_param PATH_INFO $fastcgi_script_name;
+            fastcgi_param GITWEB_CONFIG ${gitweb.gitwebConfigFile};
+            fastcgi_pass unix:${gitwebSocket};
+          '';
+        };
+        "/static/" = {
+          alias = "${pkgs.gitweb}/static/";
+          extraConfig = ''
+            access_log off;
+          '';
+        };
+        "/static-custom/" = {
+          root = pkgs.writeTextDir "static-custom/style.css" ''
+            .project_list {
+              width:100%;
+            }
+          '';
+          extraConfig = ''
+            access_log off;
+          '';
+        };
+        "/robots.txt" = {
+          root = pkgs.writeTextDir "robots.txt" ''
+            User-agent: *
+            Disallow: /*/blame/*
+            Disallow: /*/blobdiff/*
+            Disallow: /*/commitdiff/*
+            Disallow: /*/commitdiff_plain/*
+            Disallow: /*/patch/*
+            Disallow: /*/search/*
+            Disallow: /*/snapshot/*
+            Disallow: /*a=blame*
+            Disallow: /*a=blobdiff*
+            Disallow: /*a=commitdiff*
+            Disallow: /*a=commitdiff_plain*
+            Disallow: /*a=patch*
+            Disallow: /*a=search*
+            Disallow: /*a=snapshot*
+          '';
+          extraConfig = ''
+            access_log off;
+          '';
+        };
       };
     };
   };
-};
-systemd.services.nginx.serviceConfig.LogsDirectory = lib.mkForce ["nginx/${domain}/${srv}"];
-systemd.services.gitweb = {
-  description = "GitWeb FastCGI service";
-  script = "${pkgs.gitweb}/gitweb.cgi --fastcgi --nproc=1";
-  environment  = {
-    FCGI_SOCKET_PATH = gitwebSocket;
-    FCGI_SOCKET_PERM = "432"; # decimal of 660 in octal, since current CGI::Fast doesn't use perl's oct()
+  systemd.services.nginx.serviceConfig.LogsDirectory = lib.mkForce [ "nginx/${domain}/${srv}" ];
+  systemd.services.gitweb = {
+    description = "GitWeb FastCGI service";
+    script = "${pkgs.gitweb}/gitweb.cgi --fastcgi --nproc=1";
+    environment = {
+      FCGI_SOCKET_PATH = gitwebSocket;
+      FCGI_SOCKET_PERM = "432"; # decimal of 660 in octal, since current CGI::Fast doesn't use perl's oct()
+    };
+    serviceConfig = {
+      User = gitolite.user;
+      Group = nginx.group;
+      RuntimeDirectory = [ "gitweb" ];
+      Restart = "always";
+      RestartSec = 10;
+    };
+    wantedBy = [ "multi-user.target" ];
   };
-  serviceConfig = {
-    User             = gitolite.user;
-    Group            = nginx.group;
-    RuntimeDirectory = [ "gitweb" ];
-    Restart          = "always";
-    RestartSec       = 10;
+  services.gitweb = {
+    gitwebTheme = false;
+    projectroot = "${gitolite.dataDir}/repositories";
+    extraConfig = ''
+      use utf8;
+      my $s = $cgi->https() ? "s"  : "";
+      @extra_breadcrumbs = (["sourcephile" => "http''${s}://${domain}"]);
+      $site_name = "Git — Sourcephile";
+      $home_link_str = "git";
+      $projects_list = "${gitolite.dataDir}/projects.list";
+      $projects_list_description_width = 50;
+      $projects_list_group_categories = 1;
+      $default_projects_order = "age";
+      $default_text_plain_charset = "utf-8";
+      $fallback_encoding = "utf-8";
+      $mimetypes_file = "${pkgs.runCommand "mime.types" {} ''
+        substitute ${pkgs.mailcap}/etc/nginx/mime.types $out \
+          --replace text/html "text/html;charset=utf-8"
+      ''}";
+      $omit_owner = 1;
+      $export_ok = "git-daemon-export-ok";
+      $prevent_xss = 0;
+      @git_base_url_list =
+       ( "git://${srv}.${domain}"
+       , "git\@${srv}.${domain}:"
+       );
+      # NOTE: more readable URL.
+      $feature{'pathinfo'}{'default'} = [1];
+      @stylesheets = ( "/static/gitweb.css"
+                     , "/static-custom/style.css"
+                     );
+      $logo        =  "/static/git-logo.png";
+      $favicon     =  "/static/git-favicon.png";
+      $javascript  =  "/static/gitweb.js";
+      $feature{'highlight'}{'default'} = [1];
+    '';
   };
-  wantedBy = [ "multi-user.target" ];
-};
-services.gitweb = {
-  gitwebTheme = false;
-  projectroot = "${gitolite.dataDir}/repositories";
-  extraConfig = ''
-    use utf8;
-    my $s = $cgi->https() ? "s"  : "";
-    @extra_breadcrumbs = (["sourcephile" => "http''${s}://${domain}"]);
-    $site_name = "Git — Sourcephile";
-    $home_link_str = "git";
-    $projects_list = "${gitolite.dataDir}/projects.list";
-    $projects_list_description_width = 50;
-    $projects_list_group_categories = 1;
-    $default_projects_order = "age";
-    $default_text_plain_charset = 'utf-8';
-    #$fallback_encoding = "utf-8";
-    $omit_owner = 1;
-    $export_ok = "git-daemon-export-ok";
-    $prevent_xss = 0;
-    @git_base_url_list =
-     ( "git://${srv}.${domain}"
-     , "git\@${srv}.${domain}:"
-     );
-    # NOTE: more readable URL.
-    $feature{'pathinfo'}{'default'} = [1];
-    @stylesheets = ( "/static/gitweb.css"
-                   , "/static-custom/style.css"
-                   );
-    $logo        =  "/static/git-logo.png";
-    $favicon     =  "/static/git-favicon.png";
-    $javascript  =  "/static/gitweb.js";
-    $feature{'highlight'}{'default'} = [1];
-  '';
-};
 }