diff options
author | Ben Sima <ben@bsima.me> | 2024-12-21 10:40:06 -0400 |
---|---|---|
committer | Ben Sima <ben@bsima.me> | 2024-12-21 09:40:06 -0500 |
commit | 79390d4eea20ca15fd8e088345528f31ed5fad1e (patch) | |
tree | f08b71ffddead23484fd6df9e1aff54d20f12768 /Biz/Cloud | |
parent | 18956baad9cde85bc55bd0113092e51786d9e1ee (diff) |
Upgrade to nixos-24.05
I think this is the only "supported" nixos version now. But in any case scipy
seemed to be broken on the older version, and I couldn't build my code that uses
llm. Also, this allows me to get rid of the bild.os-unstable thing for
Beryllium, which was just a sitting timebomb of breaking stuff.
There are a lot of changes here because ruff updated to the very latest, and it
changed some minor lint things. Also with the new nixos I get a proper cgit
module, and some other breaking changes needed fixing.
Diffstat (limited to 'Biz/Cloud')
-rw-r--r-- | Biz/Cloud/Cgit.nix | 136 | ||||
-rw-r--r-- | Biz/Cloud/Git.nix | 42 |
2 files changed, 19 insertions, 159 deletions
diff --git a/Biz/Cloud/Cgit.nix b/Biz/Cloud/Cgit.nix deleted file mode 100644 index 23fa00f..0000000 --- a/Biz/Cloud/Cgit.nix +++ /dev/null @@ -1,136 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; -let - globalConfig = config; - settingsFormat = { - type = with lib.types; - let - value = oneOf [ int str ] // { - description = "INI-like atom (int or string)"; - }; - values = coercedTo value lib.singleton (listOf value) // { - description = value.description - + " or a list of them for duplicate keys"; - }; - in attrsOf (values); - generate = name: values: - pkgs.writeText name - (lib.generators.toKeyValue { listsAsDuplicateKeys = true; } values); - }; -in { - options.services.nginx.virtualHosts = mkOption { - type = types.attrsOf (types.submodule ({ config, ... }: - let - cfg = config.cgit; - - # These are the global options for this submodule, but for nicer UX they - # are inlined into the freeform settings. Hence they MUST NOT INTERSECT - # with any settings from cgitrc! - options = { - enable = mkEnableOption "cgit"; - - location = mkOption { - default = "/"; - type = types.str; - description = '' - Location to serve cgit on. - ''; - }; - - allowCrawlers = mkOption { - default = true; - type = types.bool; - description = '' - Allow search engines to crawl and index this site. - ''; - }; - }; - - # Remove the global options for serialization into cgitrc - settings = removeAttrs cfg (attrNames options); - in { - options.cgit = mkOption { - type = types.submodule { - freeformType = settingsFormat.type; - inherit options; - config = { - css = mkDefault "/cgit.css"; - logo = mkDefault "/cgit.png"; - favicon = mkDefault "/favicon.ico"; - }; - }; - default = { }; - example = literalExample '' - { - enable = true; - virtual-root = "/"; - source-filter = "''${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py"; - about-filter = "''${pkgs.cgit}/lib/cgit/filters/about-formatting.sh"; - cache-size = 1000; - scan-path = "/srv/git"; - include = [ - (builtins.toFile "cgitrc-extra-1" ''' - # Anything that has to be in a particular order - ''') - (builtins.toFile "cgitrc-extra-2" ''' - # Anything that has to be in a particular order - ''') - ]; - } - ''; - description = '' - Verbatim contents of the cgit runtime configuration file. Documentation - (with cgitrc example file) is available in "man cgitrc". Or online: - http://git.zx2c4.com/cgit/tree/cgitrc.5.txt - ''; - }; - - config = let location = removeSuffix "/" cfg.location; - in mkIf cfg.enable { - - locations."${location}/" = { - root = "${pkgs.cgit}/cgit/"; - tryFiles = "$uri @cgit"; - }; - locations."~ ^${location}/(cgit.(css|png)|favicon.ico|robots.txt)$" = - { - alias = "${pkgs.cgit}/cgit/$1"; - }; - locations."@cgit" = { - extraConfig = '' - include ${pkgs.nginx}/conf/fastcgi_params; - fastcgi_param CGIT_CONFIG ${ - settingsFormat.generate "cgitrc" settings - }; - fastcgi_param SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi; - fastcgi_param QUERY_STRING $args; - fastcgi_param HTTP_HOST $server_name; - fastcgi_pass unix:${globalConfig.services.fcgiwrap.socketAddress}; - '' + (if cfg.location == "/" then '' - fastcgi_param PATH_INFO $uri; - '' else '' - fastcgi_split_path_info ^(${location}/)(/?.+)$; - fastcgi_param PATH_INFO $fastcgi_path_info; - '') + (if !cfg.allowCrawlers then '' - add_header X-Robots-Tag "noindex, follow" always; - '' else - ""); - }; - }; - - })); - }; - - config = let vhosts = config.services.nginx.virtualHosts; - in mkIf (any (name: vhosts.${name}.cgit.enable) (attrNames vhosts)) { - # make the cgitrc manpage available - environment.systemPackages = [ pkgs.cgit ]; - - services.fcgiwrap.enable = true; - }; - - meta = { - maintainers = with lib.maintainers; [ bsima ]; # afix-space hmenke ]; - }; -} diff --git a/Biz/Cloud/Git.nix b/Biz/Cloud/Git.nix index 3ef4530..bc97d23 100644 --- a/Biz/Cloud/Git.nix +++ b/Biz/Cloud/Git.nix @@ -6,6 +6,25 @@ let ports = import ./Ports.nix; in { services = { + cgit.cloud = { + enable = true; + nginx.location = "/git"; + nginx.virtualHost = "/git"; + scanPath = "/var/git/repositories"; + settings = { + strict-export = "git-daemon-export-ok"; + css = "/git/cgit.css"; + logo = "/git/cgit.png"; + root-title = "ben's git repos"; + root-desc = "building"; + enable-git-config = 1; + clone-url = lib.strings.concatStringsSep " " [ + "https://$HTTP_HOST/git/$CGIT_REPO_URL" + "git://$HTTP_HOST/$CGIT_REPO_URL" + "git@$HTTP_HOST:$CGIT_REPO_URL" + ]; + }; + }; gitolite = { enable = true; enableGitAnnex = true; @@ -33,29 +52,6 @@ in { user = "gitDaemon"; group = "gitDaemon"; }; - nginx.virtualHosts.${domain}.cgit = { - enable = true; - location = "/git"; - allowCrawlers = false; - virtual-root = "/git"; - css = "/git/cgit.css"; - logo = "/git/cgit.png"; - root-title = "ben's git repos"; - root-desc = "building"; - enable-git-config = 1; - clone-url = lib.strings.concatStringsSep " " [ - "https://$HTTP_HOST/git/$CGIT_REPO_URL" - "git://$HTTP_HOST/$CGIT_REPO_URL" - "git@$HTTP_HOST:$CGIT_REPO_URL" - ]; - include = [ - # these depend on order, scan-path must come last - (builtins.toFile "cgitrc" '' - strict-export=git-daemon-export-ok - scan-path=${root}/repositories - '') - ]; - }; gerrit = { enable = false; builtinPlugins = [ |