3 files changed, 54 insertions, 0 deletions
diff --git a/config/cgit.nix b/config/cgit.nix
new file mode 100644
index 0000000..4f36e6a
--- /dev/null
+++ b/config/cgit.nix
@@ -0,0 +1,35 @@
+{ config, lib, pkgs, ... }:
+let
+  fcgiPort = (import ../data/aliases.nix).services.fcgi.port;
+  gitPort = (import ../data/aliases.nix).services.git.port;
+  gitPath = "/storage/projects/";
+  configFile = pkgs.writeText "cgitrc" ''
+    scan-path=${gitPath}
+  '';
+in
+{
+  imports = [ ./fcgiwrap.nix ];
+
+  networking.firewall.allowedTCPPorts = [ gitPort ];
+
+  services.nginx = {
+    enable = true;
+    virtualHosts = {
+      "git.orbekk.com" = {
+        root = "${pkgs.cgit}/cgit";
+        extraConfig = "try_files $uri @cgit;";
+        locations."@cgit" = {
+          extraConfig = ''
+            include "${pkgs.nginx}/conf/fastcgi_params";
+            fastcgi_param CGIT_CONFIG "${configFile}";
+            fastcgi_param SCRIPT_FILENAME "${pkgs.cgit}/cgit/cgit.cgi";
+            fastcgi_param PATH_INFO       $uri;
+            fastcgi_param QUERY_STRING    $args;
+            fastcgi_param HTTP_HOST       $server_name;
+            fastcgi_pass  localhost:${toString fcgiPort};
+          '';
+        };
+      };
+    };
+  };
+}
diff --git a/config/fcgiwrap.nix b/config/fcgiwrap.nix
new file mode 100644
index 0000000..ab08436
--- /dev/null
+++ b/config/fcgiwrap.nix
@@ -0,0 +1,15 @@
+{ config, lib, pkgs, ... }:
+let
+  fcgiPort = (import ../data/aliases.nix).services.fcgi.port;
+in
+{
+  networking.firewall.allowedTCPPorts = [ fcgiPort ];
+
+  services.fcgiwrap = {
+    enable = true;
+    socketType = "tcp";
+    socketAddress = "0.0.0.0:${toString fcgiPort}";
+    user = "fcgi";
+    group = "fcgi";
+  };
+}
diff --git a/config/users.nix b/config/users.nix
index 8dce076..d23323b 100644
--- a/config/users.nix
+++ b/config/users.nix
@@ -12,6 +12,10 @@
         useDefaultShell = true;
         openssh.authorizedKeys.keyFiles = [ ../data/pincer_rsa.pub ];
       };
+      fcgi = { name = "fcgi"; group = "fcgi"; uid = 500; };
+    };
+    extraGroups = {
+      fcgi = { name = "fcgi"; gid = 500; };
     };
   };
 }