diff options
-rw-r--r-- | config/cgit.nix | 35 | ||||
-rw-r--r-- | config/fcgiwrap.nix | 15 | ||||
-rw-r--r-- | config/users.nix | 4 | ||||
-rw-r--r-- | data/aliases.nix | 2 |
4 files changed, 56 insertions, 0 deletions
diff --git a/config/cgit.nix b/config/cgit.nix new file mode 100644 index 0000000..4f36e6a --- /dev/null +++ b/config/cgit.nix @@ -0,0 +1,35 @@ +{ config, lib, pkgs, ... }: +let + fcgiPort = (import ../data/aliases.nix).services.fcgi.port; + gitPort = (import ../data/aliases.nix).services.git.port; + gitPath = "/storage/projects/"; + configFile = pkgs.writeText "cgitrc" '' + scan-path=${gitPath} + ''; +in +{ + imports = [ ./fcgiwrap.nix ]; + + networking.firewall.allowedTCPPorts = [ gitPort ]; + + services.nginx = { + enable = true; + virtualHosts = { + "git.orbekk.com" = { + root = "${pkgs.cgit}/cgit"; + extraConfig = "try_files $uri @cgit;"; + locations."@cgit" = { + extraConfig = '' + include "${pkgs.nginx}/conf/fastcgi_params"; + fastcgi_param CGIT_CONFIG "${configFile}"; + fastcgi_param SCRIPT_FILENAME "${pkgs.cgit}/cgit/cgit.cgi"; + fastcgi_param PATH_INFO $uri; + fastcgi_param QUERY_STRING $args; + fastcgi_param HTTP_HOST $server_name; + fastcgi_pass localhost:${toString fcgiPort}; + ''; + }; + }; + }; + }; +} diff --git a/config/fcgiwrap.nix b/config/fcgiwrap.nix new file mode 100644 index 0000000..ab08436 --- /dev/null +++ b/config/fcgiwrap.nix @@ -0,0 +1,15 @@ +{ config, lib, pkgs, ... }: +let + fcgiPort = (import ../data/aliases.nix).services.fcgi.port; +in +{ + networking.firewall.allowedTCPPorts = [ fcgiPort ]; + + services.fcgiwrap = { + enable = true; + socketType = "tcp"; + socketAddress = "0.0.0.0:${toString fcgiPort}"; + user = "fcgi"; + group = "fcgi"; + }; +} diff --git a/config/users.nix b/config/users.nix index 8dce076..d23323b 100644 --- a/config/users.nix +++ b/config/users.nix @@ -12,6 +12,10 @@ useDefaultShell = true; openssh.authorizedKeys.keyFiles = [ ../data/pincer_rsa.pub ]; }; + fcgi = { name = "fcgi"; group = "fcgi"; uid = 500; }; + }; + extraGroups = { + fcgi = { name = "fcgi"; gid = 500; }; }; }; } diff --git a/data/aliases.nix b/data/aliases.nix index 13a93d5..77eb7e0 100644 --- a/data/aliases.nix +++ b/data/aliases.nix @@ -6,5 +6,7 @@ rec { hydra = { address = ip.shape; port = 11101; }; matrix = { address = ip.shape; port = 11102; }; matrixFederation = { address = ip.shape; port = 8448; }; + git = { address = ip.shape; port = 11103; }; + fcgi = { address = ip.shape; port = 11104; }; }; } |