From 31cf4df2c68a6cb4c5c701abb790f585a95f5d9d Mon Sep 17 00:00:00 2001 From: Charlotte Van Petegem Date: Sun, 22 Jan 2023 21:42:09 +0100 Subject: [PATCH] Add git server --- machines/lasting-integrity/default.nix | 7 ++ machines/lasting-integrity/hardware.nix | 4 ++ modules/services/default.nix | 1 + modules/services/git/default.nix | 86 +++++++++++++++++++++++++ 4 files changed, 98 insertions(+) create mode 100644 modules/services/git/default.nix diff --git a/machines/lasting-integrity/default.nix b/machines/lasting-integrity/default.nix index c79f72d4..6ab1269b 100644 --- a/machines/lasting-integrity/default.nix +++ b/machines/lasting-integrity/default.nix @@ -41,6 +41,12 @@ fast = true; location = "192.168.0.1"; } + { + path = "zdata/big-apps/git"; + remotePath = "zdata/recv/lasting-integrity/big-apps/git"; + fast = true; + location = "192.168.0.1"; + } { path = "zdata/big-apps/mail"; remotePath = "zdata/recv/lasting-integrity/big-apps/mail"; @@ -69,6 +75,7 @@ }; services = { garmin-scraper.enable = true; + git.enable = true; grafana.enable = true; mail.enable = true; mastodon.enable = true; diff --git a/machines/lasting-integrity/hardware.nix b/machines/lasting-integrity/hardware.nix index bb08297c..6516bd2f 100644 --- a/machines/lasting-integrity/hardware.nix +++ b/machines/lasting-integrity/hardware.nix @@ -58,6 +58,10 @@ device = "zdata/big-apps/mastodon"; fsType = "zfs"; }; + "/var/lib/git" = { + device = "zdata/big-apps/git"; + fsType = "zfs"; + }; "/cache" = { device = "zroot/safe/cache"; fsType = "zfs"; diff --git a/modules/services/default.nix b/modules/services/default.nix index 9b0b7b65..3d1186db 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -7,6 +7,7 @@ ./data-access ./deluge ./garmin-scraper + ./git ./grafana ./mail ./mastodon diff --git a/modules/services/git/default.nix b/modules/services/git/default.nix new file mode 100644 index 00000000..251217af --- /dev/null +++ b/modules/services/git/default.nix @@ -0,0 +1,86 @@ +{ config, lib, pkgs, ... }: + +{ + options.chvp.services.git.enable = lib.mkOption { + default = false; + example = true; + }; + + config = lib.mkIf config.chvp.services.git.enable { + chvp.services.nginx.hosts = [{ + fqdn = "git.chvp.be"; + options = { + root = pkgs.gitea.data; + locations = { + "/".tryFiles = "$uri @proxy"; + "@proxy" = { + proxyPass = "http://unix:/run/gitea/gitea.sock"; + proxyWebsockets = true; + }; + }; + }; + }]; + users = { + users = { + git = { + uid = 963; + home = "/var/lib/git"; + group = "git"; + isSystemUser = true; + useDefaultShell = true; + }; + nginx.extraGroups = [ "git" ]; + }; + groups.git.gid = 963; + }; + services.openssh.settings.AcceptEnv = "GIT_PROTOCOL"; + services.gitea = { + enable = true; + stateDir = "/var/lib/git"; + user = "git"; + database = { + type = "postgres"; + createDatabase = true; + user = "git"; + name = "git"; + }; + dump.enable = true; + lfs.enable = true; + appName = "Charlotte's personal git server"; + domain = "git.chvp.be"; + rootUrl = "https://git.chvp.be/"; + enableUnixSocket = true; + settings = { + repository = { + DEFAULT_PRIVATE = "private"; + ENABLE_PUSH_CREATE_USER = true; + ENABLE_PUSH_CREATE_ORG = true; + }; + "repository.pull-request".DEFAULT_MERGE_STYLE = "squash"; + "repository.mimetype_mapping" = { + ".apk" = "application/vnd.android.package-archive"; + }; + ui.DEFAULT_SHOW_FULL_NAME = true; + security.DISABLE_GIT_HOOKS = false; + service = { + ENABLE_NOTIFY_EMAIL = true; + EMAIL_DOMAIN_WHITELIST = "chvp.be"; + REGISTER_EMAIL_CONFIRM = true; + AUTO_WATCH_ON_CHANGES = true; + }; + mailer = { + ENABLED = true; + FROM = "git@chvp.be"; + PROTOCOL = "smtp"; + SMTP_ADDR = "localhost"; + SMTP_PORT = 25; + }; + session.COOKIE_SECURE = true; + cron = { + ENABLED = true; + SCHEDULE = "@every 1h"; + }; + }; + }; + }; +}