feat(ops/nixos/camden): Set up cgit service
Adds a user & group which are configured to own the local depot copy, and a cgit service to serve it. The depot checkout was configured as: mkdir -p /var/git && chown git: /var/git # now, as the git user, in /var/git git clone --bare ... depot chmod -R g+rw /var/git chmod g+s (find /var/git -type d) git init --bare --shared=all depot My personal user is a member of the git group, which means that after the above configuration I can push to the bare repo as my user and things work. Also, crucially, the `post-update` hook must be enabled as cgit uses the dumb HTTP transport.
This commit is contained in:
		
							parent
							
								
									f60eb6c3c7
								
							
						
					
					
						commit
						8e52e74bd3
					
				
					 1 changed files with 27 additions and 5 deletions
				
			
		|  | @ -93,11 +93,21 @@ in pkgs.lib.fix(self: { | |||
|       curl emacs26-nox gnupg pass pciutils direnv | ||||
|     ]); | ||||
| 
 | ||||
|   users.users.tazjin = { | ||||
|     isNormalUser = true; | ||||
|     uid = 1000; | ||||
|     extraGroups = [ "wheel" ]; | ||||
|     shell = nixpkgs.fish; | ||||
|   users = { | ||||
|     # Set up my own user for logging in and doing things ... | ||||
|     users.tazjin = { | ||||
|       isNormalUser = true; | ||||
|       uid = 1000; | ||||
|       extraGroups = [ "git" "wheel" ]; | ||||
|       shell = nixpkgs.fish; | ||||
|     }; | ||||
| 
 | ||||
|     # Set up a user & group for general git shenanigans | ||||
|     groups.git = {}; | ||||
|     users.git = { | ||||
|       group = "git"; | ||||
|       isNormalUser = false; | ||||
|     }; | ||||
|   }; | ||||
| 
 | ||||
|   # Services setup | ||||
|  | @ -121,6 +131,18 @@ in pkgs.lib.fix(self: { | |||
|     } ; | ||||
|   }; | ||||
| 
 | ||||
|   # Run cgit for the depot. The onion here is nginx(thttpd(cgit)). | ||||
|   systemd.services.cgit = { | ||||
|     wantedBy = [ "multi-user.target" ]; | ||||
|     script = "${pkgs.web.cgit-taz}/bin/cgit-launch"; | ||||
| 
 | ||||
|     serviceConfig = { | ||||
|       Restart = "on-failure"; | ||||
|       User = "git"; | ||||
|       Group = "git"; | ||||
|     }; | ||||
|   }; | ||||
| 
 | ||||
|   # serve my website | ||||
|   services.nginx = { | ||||
|     enable = true; | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue