blob: eb61a10bd3cafce306e905b20f6e5c32a2e57310 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
{ pkgs, lib, config, ... }:
let
root = "/var/git";
in {
services = {
gitolite = {
enable = true;
enableGitAnnex = true;
dataDir = root;
user = "git";
group = "git";
# the umask is necessary to give the git group read permissions, otherwise
# git-daemon et al can't access the repos
extraGitoliteRc = ''
$RC{SITE_INFO} = 'a computer is a bicycle for the mind.';
$RC{UMASK} = 0027;
'';
adminPubkey = lib.trivial.pipe ../Keys/Ben.pub [
builtins.readFile
(lib.strings.splitString "\n")
lib.lists.head
];
# TODO: this is broken
# commonHooks = [ ./git-hooks ];
};
gitDaemon = {
enable = true;
basePath = "${root}/repositories";
listenAddress = "simatime.com";
user = "gitDaemon";
group = "gitDaemon";
};
};
# need to specify that these users can access git files by being part of the
# git group
users.users = {
gitDaemon = {
isSystemUser = true;
description = "Git daemon user";
extraGroups = [ "git" ];
};
"nginx".extraGroups = [ "git" ];
};
users.groups = {
gitDaemon = {};
};
}
|