diff options
Diffstat (limited to 'modules/tv/git/default.nix')
-rw-r--r-- | modules/tv/git/default.nix | 33 |
1 files changed, 30 insertions, 3 deletions
diff --git a/modules/tv/git/default.nix b/modules/tv/git/default.nix index d264125dc..50e2f9206 100644 --- a/modules/tv/git/default.nix +++ b/modules/tv/git/default.nix @@ -2,8 +2,8 @@ let inherit (builtins) - attrNames attrValues concatLists filter hasAttr head lessThan removeAttrs - tail toJSON typeOf; + attrNames attrValues concatLists getAttr filter hasAttr head lessThan + removeAttrs tail toJSON typeOf; inherit (lib) concatMapStringsSep concatStringsSep escapeShellArg hasPrefix literalExample makeSearchPath mapAttrsToList mkIf mkOption optionalString @@ -16,6 +16,8 @@ let getName = x: x.name; + isPublicRepo = getAttr "public"; # TODO this is also in ./cgit.nix + makeAuthorizedKey = command-script: user@{ name, pubkey }: # TODO assert name # TODO assert pubkey @@ -78,12 +80,21 @@ in # (or kill already connected users somehow) { + imports = [ + ./cgit.nix + ]; + options.services.git = { enable = mkOption { type = types.bool; default = false; description = "Enable Git repository hosting."; }; + cgit = mkOption { + type = types.bool; + default = true; + description = "Enable cgit."; # TODO better desc; talk about nginx + }; dataDir = mkOption { type = types.str; default = "/var/lib/git"; @@ -99,6 +110,13 @@ in repos = mkOption { type = types.attrsOf (types.submodule ({ options = { + desc = mkOption { + type = types.nullOr types.str; + default = null; + description = '' + Repository description. + ''; + }; name = mkOption { type = types.str; description = '' @@ -111,6 +129,14 @@ in Repository-specific hooks. ''; }; + public = mkOption { + type = types.bool; + default = false; + description = '' + Allow everybody to read the repository via HTTP if cgit enabled. + ''; + # TODO allow every configured user to fetch the repository via SSH. + }; }; })); @@ -230,8 +256,9 @@ in '' reponame=${escapeShellArg repo.name} repodir=$dataDir/$reponame + mode=${toString (if isPublicRepo repo then 0711 else 0700)} if ! test -d "$repodir"; then - mkdir -m 0700 "$repodir" + mkdir -m "$mode" "$repodir" git init --bare --template=/var/empty "$repodir" chown -R git: "$repodir" fi |