--- /dev/null
+{ lib, pkgs, config, myconfig, ... }:
+let
+ cfg = config.myServices.gitolite;
+in {
+ options.myServices.gitolite = {
+ enable = lib.mkEnableOption "my gitolite service";
+ gitoliteDir = lib.mkOption {
+ type = lib.types.string;
+ default = "/var/lib/gitolite";
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ networking.firewall.allowedTCPPorts = [ 9418 ];
+
+ services.gitDaemon = {
+ enable = true;
+ user = "gitolite";
+ group = "gitolite";
+ basePath = "${cfg.gitoliteDir}/repositories";
+ };
+
+ system.activationScripts.gitolite = let
+ gitolite_ldap_groups = pkgs.mylibs.wrap {
+ name = "gitolite_ldap_groups.sh";
+ file = ./gitolite_ldap_groups.sh;
+ vars = {
+ LDAP_PASS = myconfig.env.tools.gitolite.ldap.password;
+ };
+ paths = [ pkgs.openldap pkgs.stdenv.shellPackage pkgs.gnugrep pkgs.coreutils ];
+ };
+ in {
+ deps = [ "users" ];
+ text = ''
+ if [ -d ${cfg.gitoliteDir} ]; then
+ ln -sf ${gitolite_ldap_groups} ${cfg.gitoliteDir}/gitolite_ldap_groups.sh
+ chmod g+rx ${cfg.gitoliteDir}
+ fi
+ if [ -f ${cfg.gitoliteDir}/projects.list ]; then
+ chmod g+r ${cfg.gitoliteDir}/projects.list
+ fi
+ '';
+ };
+
+ users.users.wwwrun.extraGroups = [ "gitolite" ];
+
+ users.users.gitolite.packages = let
+ python-packages = python-packages: with python-packages; [
+ simplejson
+ urllib3
+ sleekxmpp
+ ];
+ in
+ [
+ (pkgs.python3.withPackages python-packages)
+ ];
+ # Installation: https://git.immae.eu/mantisbt/view.php?id=93
+ services.gitolite = {
+ enable = true;
+ adminPubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXqRbiHw7QoHADNIEuo4nUT9fSOIEBMdJZH0bkQAxXyJFyCM1IMz0pxsHV0wu9tdkkr36bPEUj2aV5bkYLBN6nxcV2Y49X8bjOSCPfx3n6Own1h+NeZVBj4ZByrFmqCbTxUJIZ2bZKcWOFncML39VmWdsVhNjg0X4NBBehqXRIKr2gt3E/ESAxTYJFm0BnU0baciw9cN0bsRGqvFgf5h2P48CIAfwhVcGmPQnnAwabnosYQzRWxR0OygH5Kd8mePh6FheIRIigfXsDO8f/jdxwut8buvNIf3m5EBr3tUbTsvM+eV3M5vKGt7sk8T64DVtepTSdOOWtp+47ktsnHOMh immae@immae.eu";
+ };
+ };
+}