diff options
| author | vkcku <[email protected]> | 2026-06-02 08:48:25 +0530 |
|---|---|---|
| committer | vkcku <[email protected]> | 2026-06-02 08:48:25 +0530 |
| commit | d7566633b06f30f562ffbaf4908c8d88a3f110d5 (patch) | |
| tree | 6524417b20c5c6d1ff3930cfd89b9dc44c8e3355 /infra | |
| parent | infra: move hosting public monorepo to indra (diff) | |
infra: add gitserver UI module
monorepo-revid: 86bc4004a1d213476e78b585824bf996ecd57452
Diffstat (limited to 'infra')
| -rw-r--r-- | infra/modules/gitserver-ui.nix | 80 | ||||
| -rw-r--r-- | infra/modules/gitserver.nix | 2 | ||||
| -rw-r--r-- | infra/todo.md | 5 |
3 files changed, 87 insertions, 0 deletions
diff --git a/infra/modules/gitserver-ui.nix b/infra/modules/gitserver-ui.nix new file mode 100644 index 0000000..9e1feb5 --- /dev/null +++ b/infra/modules/gitserver-ui.nix @@ -0,0 +1,80 @@ +{ + flake.modules.nixos.gitserver-ui = + { config, pkgs, ... }: + let + cgitrc = pkgs.writeText "cgitrc" '' + cache-size=1000 + cache-static-ttl=60 + enable-commit-graph=1 + enable-http-clone=0 + enable-index-links=1 + enable-log-filecount=1 + enable-log-linecount=1 + enable-subject-links=1 + + repo.name=monorepo + repo.url=monorepo-public + repo.path=/var/lib/git/monorepo-public + repo.desc=an attempt at managing everything in a single repo + repo.defbranch=main + repo.readme=:README.md + ''; + in + { + users = { + groups.cgit = { }; + users.cgit = { + group = "cgit"; + isSystemUser = true; + extraGroups = [ "git" ]; + }; + }; + + services.fcgiwrap.instances.cgit = { + process = { + user = "cgit"; + group = "cgit"; + }; + socket = { + user = config.services.caddy.user; + group = config.services.caddy.group; + }; + }; + + services.caddy.virtualHosts."code.vkcku.com" = { + extraConfig = '' + @static path /cgit.css /cgit.png /favicon.ico /robots.txt + handle @static { + root * ${pkgs.cgit}/cgit + file_server + } + + handle / { + redir * /monorepo-public + } + + handle { + reverse_proxy unix/${config.services.fcgiwrap.instances.cgit.socket.address} { + transport fastcgi { + env SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi + env CGIT_CONFIG ${cgitrc} + env PATH_INFO {http.request.uri.path} + env HTTP_HOST {http.request.host} + } + } + } + ''; + }; + + assertions = [ + { + assertion = config.services.caddy.enable; + message = "Caddy must be enabled for gitserver-ui to work."; + } + { + assertion = config.infra.gitserver.enablePublic; + message = "public monorepo is not being served on this machine"; + } + ]; + }; +} diff --git a/infra/modules/gitserver.nix b/infra/modules/gitserver.nix index f675d2d..426542f 100644 --- a/infra/modules/gitserver.nix +++ b/infra/modules/gitserver.nix @@ -72,6 +72,8 @@ if [ ! -d "${workingDirectory}/monorepo-public" ]; then git init --bare monorepo-public fi + + touch "${workingDirectory}/monorepo-public/git-daemon-export-ok"; ''} ''; }; diff --git a/infra/todo.md b/infra/todo.md new file mode 100644 index 0000000..874af27 --- /dev/null +++ b/infra/todo.md @@ -0,0 +1,5 @@ +# TODO + +- [ ] setup encrypted clienthello with caddy (is it needed since I can just + enable this on Cloudflare?) +- [ ] monitoring Caddy (<https://caddyserver.com/docs/metrics>) |