78 lines
1.8 KiB
Nix
78 lines
1.8 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
let
|
|
gitblitWar = pkgs.fetchurl {
|
|
url = "http://dl.bintray.com/gitblit/releases/gitblit-1.6.2.war";
|
|
sha256 = "01gqarpwqbx1ix5zycfxw4172q5l8hhxvb7f92y3lz8l6x42l7i9";
|
|
};
|
|
|
|
gitHome = "/srv/git.gebner.org";
|
|
in
|
|
{
|
|
containers.gitblit = {
|
|
config = { config, pkgs, ... }: {
|
|
users.extraUsers.git = { home = gitHome; extraGroups = [ "git" ]; };
|
|
users.extraGroups.git = { };
|
|
|
|
systemd.services.createGitDir = {
|
|
wantedBy = [ "winstone-gitblit.service" ];
|
|
serviceConfig.Type = "oneshot";
|
|
script = ''
|
|
mkdir -p ${gitHome}
|
|
chown git:git -R ${gitHome}
|
|
'';
|
|
};
|
|
|
|
services.winstone.gitblit = {
|
|
user = "git";
|
|
group = "git";
|
|
warFile = "${gitblitWar}";
|
|
extraJavaOptions = [ "-DGITBLIT_HOME=${gitHome}" ];
|
|
};
|
|
};
|
|
|
|
privateNetwork = true;
|
|
hostAddress = "192.168.100.10";
|
|
localAddress = "192.168.101.10";
|
|
};
|
|
|
|
services.nginx.appendConfig = ''
|
|
http {
|
|
server {
|
|
listen [::]:80;
|
|
listen 80;
|
|
server_name git.gebner.org;
|
|
|
|
rewrite ^(.*) https://$host$1 permanent;
|
|
}
|
|
|
|
server {
|
|
listen [::]:443;
|
|
listen 443;
|
|
server_name git.gebner.org;
|
|
|
|
ssl on;
|
|
ssl_certificate_key /var/lib/acme/gebner.org/mastus.key;
|
|
ssl_certificate /var/lib/acme/gebner.org/git.cert;
|
|
|
|
location / {
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
proxy_set_header X-Forwarded-Server $host;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header Host $http_host;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_pass http://gitblit;
|
|
client_max_body_size 30M;
|
|
break;
|
|
}
|
|
}
|
|
|
|
upstream gitblit {
|
|
server 192.168.100.10:8080;
|
|
}
|
|
}
|
|
'';
|
|
}
|