diff --git a/mastus/gitblit.nix b/mastus/gitblit.nix deleted file mode 100644 index 9f79c30..0000000 --- a/mastus/gitblit.nix +++ /dev/null @@ -1,77 +0,0 @@ -{ config, pkgs, ... }: - -let - gitblitWar = pkgs.fetchurl { - url = "http://dl.bintray.com/gitblit/releases/gitblit-1.6.2.war"; - sha256 = "01gqarpwqbx1ix5zycfxw4172q5l8hhxvb7f92y3lz8l6x42l7i9"; - }; - - gitHome = "/srv/git.gebner.org"; -in -{ - containers.gitblit = { - config = { config, pkgs, ... }: { - users.extraUsers.git = { home = gitHome; extraGroups = [ "git" ]; }; - users.extraGroups.git = { }; - - systemd.services.createGitDir = { - wantedBy = [ "winstone-gitblit.service" ]; - serviceConfig.Type = "oneshot"; - script = '' - mkdir -p ${gitHome} - chown git:git -R ${gitHome} - ''; - }; - - services.winstone.gitblit = { - user = "git"; - group = "git"; - warFile = "${gitblitWar}"; - extraJavaOptions = [ "-DGITBLIT_HOME=${gitHome}" ]; - }; - }; - - privateNetwork = true; - hostAddress = "192.168.100.10"; - localAddress = "192.168.101.10"; - }; - - services.nginx.appendConfig = '' - http { - server { - listen [::]:80; - listen 80; - server_name git.gebner.org; - - rewrite ^(.*) https://$host$1 permanent; - } - - server { - listen [::]:443; - listen 443; - server_name git.gebner.org; - - ssl on; - ssl_certificate_key /var/lib/acme/gebner.org/mastus.key; - ssl_certificate /var/lib/acme/gebner.org/git.cert; - - location / { - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_redirect off; - proxy_buffering off; - proxy_pass http://gitblit; - client_max_body_size 30M; - break; - } - } - - upstream gitblit { - server 192.168.100.10:8080; - } - } - ''; -}