summaryrefslogtreecommitdiff
path: root/configuration.nix
diff options
context:
space:
mode:
Diffstat (limited to 'configuration.nix')
-rw-r--r--configuration.nix74
1 files changed, 67 insertions, 7 deletions
diff --git a/configuration.nix b/configuration.nix
index 079b7c7..137dded 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -1,4 +1,4 @@
-{ pkgs, inputs, ... }: {
+{ pkgs, inputs, ... }: {
imports = [
./hardware-configuration.nix
./networking.nix # generated at runtime by nixos-infect
@@ -49,6 +49,44 @@
};
};
+ services.cgit.mccd = {
+ scanPath = "/srv/git/repositories";
+ enable = true;
+ nginx.virtualHost = "git.mccd.space";
+ settings = {
+ css = "/cgit.css";
+ logo = "";
+ favicon = "";
+ enable-index-owner = "0";
+ snapshots = "tar.gz tar.bz2 zip";
+ about-filter = "${pkgs.cgit}/lib/cgit/filters/about-formatting.sh";
+ source-filter = "${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py";
+ clone-url = (pkgs.lib.concatStringsSep " " [
+ "https://git.mccd.space/$CGIT_REPO_URL"
+ "ssh://git@git.mccd.space:$CGIT_REPO_URL"
+ ]);
+ readme = ":README.md";
+ remove-suffix = "1";
+ "mimetype.gif" = "image/gif";
+ "mimetype.html" = "text/html";
+ "mimetype.jpg" = "image/jpeg";
+ "mimetype.jpeg" = "image/jpeg";
+ "mimetype.pdf" = "application/pdf";
+ "mimetype.png" = "image/png";
+ "mimetype.svg" = "image/svg+xml";
+ "repo.owner" = "Marc";
+ enable-log-filecount = 1;
+ enable-follow-links = 1;
+ enable-log-linecount = 1;
+ enable-git-config = 1;
+ enable-commit-graph = 1;
+ project-list = "/srv/git/projects.list";
+ root-title = "git.mccd ߸";
+ root-desc = "";
+ };
+ };
+
+
services.freshrss = {
enable = true;
defaultUser = "freshrss";
@@ -69,6 +107,12 @@
recommendedProxySettings = true;
recommendedTlsSettings = true;
+ virtualHosts."git.mccd.space" = {
+ forceSSL = true;
+ enableACME = true;
+ };
+
+
virtualHosts."rss.mccd.space" = {
forceSSL = true;
enableACME = true;
@@ -93,17 +137,33 @@
defaults.email = "marcc@mccd.space";
};
- environment.systemPackages = with pkgs; [ git vim fd php ];
+ environment.systemPackages = with pkgs; [ git vim fd php python311Packages.markdown ];
+
+ programs.git.enable = true;
+ users.groups.git = {};
+ services.sshguard.enable = true;
+
+ services.gitolite = {
+ enable = true;
+ user = "git";
+ group = "git";
+ extraGitoliteRc = ''
+ $RC{UMASK} = 0077;
+ $RC{GIT_CONFIG_KEYS} = 'gitweb.owner gitweb.description';
+ '';
+ dataDir = "/srv/git";
+ adminPubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDcVScuh69V2OoYvMvPPgg0V2rNOaaEBBKpfsflnb97u1XltWeO9GnjkSfnfkY73M67eWuMwf9VwSjcYuDAguUEtCBlFEiZydmqgA5efqHwTIoxAegXL4Imb/pWnvryFQ7bbpcbY6gCNIskGMsUOv67AVXL5zPcFPmh/gQEOQH+Zp7AaJ264HWkwBuM63OYxuQ4vB/6jxWGW8j6UF9dvqemtRyFytpXW8R7y3B7sbI+tO+vuB2+O5NNguv3KStT00ktfLxoZJ2koAIb0HBOoKlbeoFVR/K3S8NeWbsZQMHY1W519rQm3TN6rDBLjdRDYQS1Y5ECNAfgbdrz5Ed8R1P1AqqzBAfEp0ooFeitN8BDrwbntiMF+qpPWzNIzJkWOgpfU7YBr/JCsSdtnVAMJo4lKC3mu5PKGROUE/rfd0/rn03HD/rgyhPvREtwUrfQTc4VzQP2Ntdw3tsZRpaNk7FZPtXApKu9Wt6TwS74n6ma4Q33opfqyDV0UzpsUCYncx8= marcc@mccd";
+ };
users.users.git = {
- isNormalUser = true;
- home = "/home/git";
- description = "Git User";
- extraGroups = [ "wheel" "networkmanager" "git" ];
+ isSystemUser = true;
+ home = "/srv/git";
+ group = "git";
+ extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDcVScuh69V2OoYvMvPPgg0V2rNOaaEBBKpfsflnb97u1XltWeO9GnjkSfnfkY73M67eWuMwf9VwSjcYuDAguUEtCBlFEiZydmqgA5efqHwTIoxAegXL4Imb/pWnvryFQ7bbpcbY6gCNIskGMsUOv67AVXL5zPcFPmh/gQEOQH+Zp7AaJ264HWkwBuM63OYxuQ4vB/6jxWGW8j6UF9dvqemtRyFytpXW8R7y3B7sbI+tO+vuB2+O5NNguv3KStT00ktfLxoZJ2koAIb0HBOoKlbeoFVR/K3S8NeWbsZQMHY1W519rQm3TN6rDBLjdRDYQS1Y5ECNAfgbdrz5Ed8R1P1AqqzBAfEp0ooFeitN8BDrwbntiMF+qpPWzNIzJkWOgpfU7YBr/JCsSdtnVAMJo4lKC3mu5PKGROUE/rfd0/rn03HD/rgyhPvREtwUrfQTc4VzQP2Ntdw3tsZRpaNk7FZPtXApKu9Wt6TwS74n6ma4Q33opfqyDV0UzpsUCYncx8= marcc@mccd" ];
};
- boot.cleanTmpDir = true;
+ boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
networking.hostName = "nix";
networking.domain = "ann";