{ flake.modules.nixos.gitserver-ui = { config, pkgs, ... }: let cgitrc = pkgs.writeText "cgitrc" '' cache-size=1000 cache-static-ttl=60 enable-commit-graph=1 enable-http-clone=0 enable-index-links=1 enable-log-filecount=1 enable-log-linecount=1 enable-subject-links=1 repo.name=monorepo repo.url=monorepo-public repo.path=/var/lib/git/monorepo-public repo.desc=an attempt at managing everything in a single repo repo.defbranch=main repo.readme=:README.md ''; in { users = { groups.cgit = { }; users.cgit = { group = "cgit"; isSystemUser = true; extraGroups = [ "git" ]; }; }; services.fcgiwrap.instances.cgit = { process = { user = "cgit"; group = "cgit"; }; socket = { user = config.services.caddy.user; group = config.services.caddy.group; }; }; services.caddy.virtualHosts."code.vkcku.com" = { extraConfig = '' @static path /cgit.css /cgit.png /favicon.ico /robots.txt handle @static { root * ${pkgs.cgit}/cgit file_server } handle / { redir * /monorepo-public } handle { reverse_proxy unix/${config.services.fcgiwrap.instances.cgit.socket.address} { transport fastcgi { env SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi env CGIT_CONFIG ${cgitrc} env PATH_INFO {http.request.uri.path} env HTTP_HOST {http.request.host} } } } ''; }; assertions = [ { assertion = config.services.caddy.enable; message = "Caddy must be enabled for gitserver-ui to work."; } { assertion = config.infra.gitserver.enablePublic; message = "public monorepo is not being served on this machine"; } ]; }; }