fcfd097e65
on whitby, cgit runs as the gerrit user to get access to serving gerrit's repositories directly. on other machines (e.g. sanduny) this isn't necessary, as we have a world-readable depot replica. Change-Id: Ibf7e7cc08e5909e0fa182e561ab0cb472188edcb Reviewed-on: https://cl.tvl.fyi/c/depot/+/5932 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
55 lines
1.2 KiB
Nix
55 lines
1.2 KiB
Nix
# Configuration for running the TVL cgit instance using thttpd.
|
|
{ config, depot, lib, pkgs, ... }:
|
|
|
|
let
|
|
cfg = config.services.depot.cgit;
|
|
|
|
userConfig =
|
|
if builtins.isNull cfg.user then {
|
|
DynamicUser = true;
|
|
} else {
|
|
User = cfg.user;
|
|
Group = cfg.user;
|
|
};
|
|
in
|
|
{
|
|
options.services.depot.cgit = with lib; {
|
|
enable = mkEnableOption "Run cgit web interface for depot";
|
|
|
|
port = mkOption {
|
|
description = "Port on which cgit should listen";
|
|
type = types.int;
|
|
default = 2448;
|
|
};
|
|
|
|
repo = mkOption {
|
|
description = "Path to depot's .git folder on the machine";
|
|
type = types.str;
|
|
default = "/var/lib/gerrit/git/depot.git/";
|
|
};
|
|
|
|
user = mkOption {
|
|
description = ''
|
|
User to use for the cgit service. It is expected that this is
|
|
also the name of the user's primary group.
|
|
'';
|
|
|
|
type = with types; nullOr str;
|
|
default = null;
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
systemd.services.cgit = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
serviceConfig = {
|
|
Restart = "on-failure";
|
|
|
|
ExecStart = depot.web.cgit-tvl.override {
|
|
inherit (cfg) port repo;
|
|
};
|
|
} // userConfig;
|
|
};
|
|
};
|
|
}
|