{ config, pkgs, ... }: let domain = "git.${config.customOps.domain.fqdn}"; cgitPatched = pkgs.fetchpatch2 { url = "https://git.zx2c4.com/cgit/patch/?id=601ba0f25d6d9df488a5a37c7877818ac47966b0"; sha256 = "sha256-yW54g40Bj2QxUwj4KZUjHMT1JGvVKW7o16NM83XDqsQ="; }; in { programs.git = { enable = true; lfs.enable = true; config = { init = { defaultBranch = "main"; }; }; }; services.gitolite = { enable = true; user = "git"; group = "git"; adminPubkey = config.customOps.owner.pubkey; extraGitoliteRc = '' %RC = ( UMASK => 0027, GIT_CONFIG_KEYS => '.*', LOG_EXTRA => 1, ROLES => { READERS => 1, WRITERS => 1, }, ENABLE => [ 'help', 'desc', 'info', 'perms', 'writable', 'ssh-authkeys', 'git-config', 'daemon', 'gitweb', ], ); ''; }; services.cgit.${domain} = { enable = true; package = pkgs.cgit.overrideAttrs (old: { patches = (old.patches or []) ++ [cgitPatched]; }); user = "git"; group = "git"; gitHttpBackend = { enable = true; checkExportOkFiles = true; }; scanPath = "${config.services.gitolite.dataDir}/repositories"; settings = { root-title = domain; root-desc = "toufy's project repositories"; snapshots = "tar.gz zip"; clone-url = "https://${domain}/$CGIT_REPO_URL"; enable-index-owner = true; enable-index-links = true; remove-suffix = true; enable-blame = true; enable-commit-graph = true; enable-log-filecount = true; enable-log-linecount = true; strict-export = "git-daemon-export-ok"; branch-sort = "age"; virtual-root = "/"; enable-git-config = true; "mimetype.gif" = "image/gif"; "mimetype.html" = "text/html"; "mimetype.jpg" = "image/jpeg"; "mimetype.jpeg" = "image/jpeg"; "mimetype.pdf" = "application/pdf"; "mimetype.png" = "image/png"; "mimetype.svg" = "image/svg+xml"; readme = ":README.md"; project-list = "${config.services.gitolite.dataDir}/projects.list"; }; }; services.nginx.virtualHosts.${domain} = { forceSSL = true; enableACME = true; }; }