diff options
Diffstat (limited to 'virtual/eldiron.nix')
| -rw-r--r-- | virtual/eldiron.nix | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix index 292b31a..c8536c6 100644 --- a/virtual/eldiron.nix +++ b/virtual/eldiron.nix | |||
| @@ -91,6 +91,8 @@ | |||
| 91 | AuthorizedKeysCommandUser nobody | 91 | AuthorizedKeysCommandUser nobody |
| 92 | ''; | 92 | ''; |
| 93 | 93 | ||
| 94 | users.users.wwwrun.extraGroups = [ "gitolite" ]; | ||
| 95 | |||
| 94 | # FIXME: after initial install, need to | 96 | # FIXME: after initial install, need to |
| 95 | # (1) copy rc file (adjust gitolite_ldap_groups.sh) | 97 | # (1) copy rc file (adjust gitolite_ldap_groups.sh) |
| 96 | # (2) (mark old readonly and) sync repos except gitolite-admin | 98 | # (2) (mark old readonly and) sync repos except gitolite-admin |
| @@ -154,6 +156,10 @@ | |||
| 154 | text = '' | 156 | text = '' |
| 155 | if [ -d /var/lib/gitolite ]; then | 157 | if [ -d /var/lib/gitolite ]; then |
| 156 | ln -sf ${gitolite_ldap_groups} /var/lib/gitolite/gitolite_ldap_groups.sh | 158 | ln -sf ${gitolite_ldap_groups} /var/lib/gitolite/gitolite_ldap_groups.sh |
| 159 | chmod g+rx /var/lib/gitolite | ||
| 160 | fi | ||
| 161 | if [ -f /var/lib/gitolite/projects.list ]; then | ||
| 162 | chmod g+r /var/lib/gitolite/projects.list | ||
| 157 | fi | 163 | fi |
| 158 | ''; | 164 | ''; |
| 159 | }; | 165 | }; |
| @@ -245,6 +251,7 @@ | |||
| 245 | mypkgs.connexionswing_dev.apache.modules ++ | 251 | mypkgs.connexionswing_dev.apache.modules ++ |
| 246 | mypkgs.connexionswing_prod.apache.modules ++ | 252 | mypkgs.connexionswing_prod.apache.modules ++ |
| 247 | mypkgs.ympd.apache.modules ++ | 253 | mypkgs.ympd.apache.modules ++ |
| 254 | mypkgs.git.web.apache.modules ++ | ||
| 248 | pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++ | 255 | pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++ |
| 249 | [ "macro" ]); | 256 | [ "macro" ]); |
| 250 | extraConfig = builtins.concatStringsSep "\n" | 257 | extraConfig = builtins.concatStringsSep "\n" |
| @@ -292,6 +299,18 @@ | |||
| 292 | mypkgs.nextcloud.apache.vhostConf | 299 | mypkgs.nextcloud.apache.vhostConf |
| 293 | ]; | 300 | ]; |
| 294 | }) | 301 | }) |
| 302 | (withSSL "eldiron" // { | ||
| 303 | listen = [ { ip = "*"; port = 443; } ]; | ||
| 304 | hostName = "git.immae.eu"; | ||
| 305 | documentRoot = mypkgs.git.web.webRoot; | ||
| 306 | extraConfig = builtins.concatStringsSep "\n" [ | ||
| 307 | mypkgs.git.web.apache.vhostConf | ||
| 308 | ] + '' | ||
| 309 | RewriteEngine on | ||
| 310 | RewriteCond %{REQUEST_URI} ^/releases | ||
| 311 | RewriteRule /releases(.*) https://release.immae.eu$1 [P,L] | ||
| 312 | ''; | ||
| 313 | }) | ||
| 295 | { # Should go last, default fallback | 314 | { # Should go last, default fallback |
| 296 | listen = [ { ip = "*"; port = 80; } ]; | 315 | listen = [ { ip = "*"; port = 80; } ]; |
| 297 | hostName = "redirectSSL"; | 316 | hostName = "redirectSSL"; |