--- /dev/null
+{ lib, pkgs, config, myconfig, mylibs, ... }:
+let
+ cfg = config.services.myGitolite;
+in {
+ options.services.myGitolite = {
+ enable = lib.mkEnableOption "my gitolite service";
+ gitoliteDir = lib.mkOption {
+ type = lib.types.string;
+ default = "/var/lib/gitolite";
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ nixpkgs.config.packageOverrides = oldpkgs: rec {
+ gitolite = oldpkgs.gitolite.overrideAttrs(old: rec {
+ name = "gitolite-${version}";
+ version = "3.6.10";
+ src = pkgs.fetchFromGitHub {
+ owner = "sitaramc";
+ repo = "gitolite";
+ rev = "v${version}";
+ sha256 = "0p2697mn6rwm03ndlv7q137zczai82n41aplq1g006ii7f12xy8h";
+ };
+ });
+ };
+
+ networking.firewall.allowedTCPPorts = [ 9418 ];
+
+ services.gitDaemon = {
+ enable = true;
+ user = "gitolite";
+ group = "gitolite";
+ basePath = "${cfg.gitoliteDir}/repositories";
+ };
+
+ system.activationScripts.gitolite = let
+ gitolite_ldap_groups = mylibs.wrap {
+ name = "gitolite_ldap_groups.sh";
+ file = ./gitolite_ldap_groups.sh;
+ vars = {
+ LDAP_PASS = myconfig.env.tools.gitolite.ldap.password;
+ };
+ paths = [ pkgs.openldap pkgs.stdenv.shellPackage pkgs.gnugrep pkgs.coreutils ];
+ };
+ in {
+ deps = [ "users" ];
+ text = ''
+ if [ -d ${cfg.gitoliteDir} ]; then
+ ln -sf ${gitolite_ldap_groups} ${cfg.gitoliteDir}/gitolite_ldap_groups.sh
+ chmod g+rx ${cfg.gitoliteDir}
+ fi
+ if [ -f ${cfg.gitoliteDir}/projects.list ]; then
+ chmod g+r ${cfg.gitoliteDir}/projects.list
+ fi
+ '';
+ };
+
+ users.users.wwwrun.extraGroups = [ "gitolite" ];
+
+ users.users.gitolite.packages = let
+ python-packages = python-packages: with python-packages; [
+ simplejson
+ urllib3
+ ];
+ in
+ [
+ (pkgs.python3.withPackages python-packages)
+ ];
+ # Installation: https://git.immae.eu/mantisbt/view.php?id=93
+ services.gitolite = {
+ enable = true;
+ adminPubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXqRbiHw7QoHADNIEuo4nUT9fSOIEBMdJZH0bkQAxXyJFyCM1IMz0pxsHV0wu9tdkkr36bPEUj2aV5bkYLBN6nxcV2Y49X8bjOSCPfx3n6Own1h+NeZVBj4ZByrFmqCbTxUJIZ2bZKcWOFncML39VmWdsVhNjg0X4NBBehqXRIKr2gt3E/ESAxTYJFm0BnU0baciw9cN0bsRGqvFgf5h2P48CIAfwhVcGmPQnnAwabnosYQzRWxR0OygH5Kd8mePh6FheIRIigfXsDO8f/jdxwut8buvNIf3m5EBr3tUbTsvM+eV3M5vKGt7sk8T64DVtepTSdOOWtp+47ktsnHOMh immae@immae.eu";
+ };
+ };
+}