diff options
| author | vkcku <[email protected]> | 2026-06-01 20:12:58 +0530 |
|---|---|---|
| committer | vkcku <[email protected]> | 2026-06-01 20:12:58 +0530 |
| commit | 1c4c830ae014fe3bfdf8c9dede790c7db90d45b5 (patch) | |
| tree | e89506515cd59411fb3a321fccc5d9773b2ae454 /infra/modules/gitserver.nix | |
| parent | infra: bootstrap plato (diff) | |
infra: add gitserver module
monorepo-revid: ace9205ea0f11551543596362900c48f705b8fb3
Diffstat (limited to 'infra/modules/gitserver.nix')
| -rw-r--r-- | infra/modules/gitserver.nix | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/infra/modules/gitserver.nix b/infra/modules/gitserver.nix new file mode 100644 index 0000000..f22d248 --- /dev/null +++ b/infra/modules/gitserver.nix @@ -0,0 +1,75 @@ +{ + flake.modules.nixos.gitserver = + { + config, + pkgs, + lib, + ... + }: + let + cfg = config.infra.gitserver; + workingDirectory = "/var/lib/git"; + in + { + options.infra.gitserver = { + user = lib.mkOption { + type = lib.types.str; + description = "The name of the user and group for managing the gitserver."; + default = "git"; + }; + + monorepoDir = lib.mkOption { + type = lib.types.str; + description = "The directory that contains the monorepo."; + }; + }; + + config = { + infra.persist.directories = [ + "${workingDirectory}" + ]; + + infra.gitserver.monorepoDir = "${workingDirectory}/monorepo"; + + users = { + groups."${cfg.user}" = { }; + users."${cfg.user}" = { + group = cfg.user; + description = "git user"; + isSystemUser = true; + home = workingDirectory; + shell = "${pkgs.git}/bin/git-shell"; + }; + }; + + systemd.services.infra-gitserver-monorepo = { + description = "Initialize the monorepo if it has not already been done so."; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + Type = "oneshot"; + User = cfg.user; + Group = cfg.user; + StateDirectory = "git"; + WorkingDirectory = "~"; + }; + + path = [ pkgs.git ]; + enableStrictShellChecks = true; + script = '' + if [ ! -d "${cfg.monorepoDir}" ]; then + git init --bare monorepo + fi + ''; + }; + + assertions = [ + { + assertion = config.infra.tailscale.ssh; + message = "Tailscale SSH must be enabled when using gitserver."; + } + ]; + + }; + }; +} |