aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorWojtek Kosior <koszko@koszko.org>2022-12-10 20:48:57 +0100
committerWojtek Kosior <koszko@koszko.org>2022-12-10 20:48:57 +0100
commit70018fdd7ab23047a97196cb0e6f2d5b2079ff5e (patch)
treea17bdf961dcbe7ea84783b3f6858bc536933920b
parent9167ab3e7961164aa2bb580be5ca6f2aa822e61b (diff)
downloadkoszko-org-server-70018fdd7ab23047a97196cb0e6f2d5b2079ff5e.tar.gz
koszko-org-server-70018fdd7ab23047a97196cb0e6f2d5b2079ff5e.zip
add git.koszko.org virtualhost
-rw-r--r--Makefile8
-rw-r--r--container.scm131
-rwxr-xr-xguix-container.sh3
-rw-r--r--hosts-extra4
4 files changed, 135 insertions, 11 deletions
diff --git a/Makefile b/Makefile
index 25558e3..27034d7 100644
--- a/Makefile
+++ b/Makefile
@@ -69,6 +69,7 @@ sample-malcontent:
HYDRILLA_WEBSITE_ETC_DIR = $(TEST_ROOT_DIR)/etc/guix-container/hydrilla-website
MALCONTENT_DIR = $(TEST_ROOT_DIR)/var/lib/hydrilla/malcontent_dirs
+GITOLITE_DIR = $(TEST_ROOT_DIR)/var/lib/gitolite3
prepare-test-root: sample-malcontent
rm -rf $(TEST_ROOT_DIR)
@@ -94,6 +95,13 @@ prepare-test-root: sample-malcontent
mkdir -p $(MALCONTENT_DIR)/api_v2
ln -sf api_v2 $(MALCONTENT_DIR)/api_v1
cp -r $</* $(MALCONTENT_DIR)/api_v2/
+ @# Prepare replacement `/var/lib/gitolite3`
+ mkdir -p $(GITOLITE_DIR)/repositories
+ git clone --bare ./subrepos/sheets-websites/ \
+ $(GITOLITE_DIR)/repositories/sheets-websites.git
+ printf "sheets-websites.git\n" > $(GITOLITE_DIR)/projects.list
+ chmod -R o-rwx,g-w $(GITOLITE_DIR)
+ chgrp -R 118 $(GITOLITE_DIR)
GUIX_CONTAINER_FLAGS = -e ./container-runner -p ./pidfile -r $(TEST_ROOT_DIR)
diff --git a/container.scm b/container.scm
index 6f389be..2b1aa81 100644
--- a/container.scm
+++ b/container.scm
@@ -19,6 +19,7 @@
(guix modules))
(use-package-modules web)
(use-package-modules python)
+(use-package-modules version-control)
(use-service-modules web)
(use-service-modules shepherd)
@@ -42,7 +43,7 @@
arg))
((? symbol?)
(httpd-conf-token (symbol->string arg)))
- ((? gexp?)
+ (_
#~(let ((gexp-value #$arg))
(if (string-contains gexp-value " ")
(format #f "~s" gexp-value)
@@ -102,6 +103,94 @@
(define %koszkonutek-tmp-virtualhost
(koszko-httpd-virtualhost-redirect "koszkonutek-tmp.pl.eu.org" "koszko.org"))
+(define %cgitrc-text
+ (g-string-join
+ `("css=/cgit-static/cgit.css"
+ "logo=/cgit-static/cgit.png"
+ "favicon=/cgit-static/favicon.ico"
+
+ ,(g-string-append "source-filter="
+ cgit "/lib/cgit/filters/syntax-highlighting.sh")
+ "snapshots=tar.gz zip"
+ "project-list=/var/lib/gitolite3/projects.list"
+ "remove-suffix=1"
+ "virtual-root=/"
+
+ "enable-index-links=1"
+ "enable-index-owner=0"
+ "footer=/var/lib/gitolite3/cgit-footer"
+ "max-blob-size=100"
+ "root-desc=repositories of Wojtek"
+
+ "mimetype.gif=image/gif"
+ "mimetype.html=text/html"
+ "mimetype.jpg=image/jpeg"
+ "mimetype.jpeg=image/jpeg"
+ "mimetype.pdf=application/pdf"
+ "mimetype.png=image/png"
+ "mimetype.svg=image/svg+xml"
+
+ ,(g-string-append "about-filter="
+ cgit "/lib/cgit/filters/about-formatting.sh")
+
+ ,@(apply append
+ (map (lambda (file-name)
+ (map (lambda (suffix)
+ (string-append "readme=" file-name suffix))
+ '(".md" ".mkd" ".rst" ".html" ".htm" ".txt" "")))
+ '("readme" "README" "install" "INSTALL")))
+
+ "scan-path=/var/lib/gitolite3/repositories")
+ "\n"))
+
+(define %cgitrc-file
+ (computed-file "cgitrc"
+ #~(with-output-to-file #$output
+ (lambda () (display #$%cgitrc-text)))))
+
+(define %git-virtualhost
+ (httpd-virtualhost
+ "*:80"
+ `(,@(koszko-httpd-server-meta "git.koszko.org")
+
+ ,(koszko-httpd-redirect-if-other-host "git.koszko.org")
+
+ ;; Hachette got renamed to "Haketilo", repo moved
+ ,(httpd-directive
+ 'Redirect 'permanent "/hachette-fixes-demo" "/haketilo-fixes-demo")
+
+ ;; Make HTTP clone happen through git-core instead of through CGit. CGit
+ ;; only supports old HTTP "dumb" cloning protocol while we want the new
+ ;; "smart" protocol.
+ ,(httpd-tag 'Directory (list (g-package-file git "/libexec/git-core"))
+ (httpd-directive 'Require 'all 'granted)
+ (httpd-directive
+ 'SetEnv "GIT_PROJECT_ROOT" "/var/lib/gitolite3/repositories")
+ (httpd-directive
+ 'SetEnv "GIT_HTTP_EXPORT_ALL"))
+
+ ,(httpd-directive
+ 'ScriptAliasMatch
+ "^/(.*/(HEAD|info/refs|objects/info/[^/]+|git-upload-pack))$"
+ (g-package-file git "/libexec/git-core/git-http-backend/$1"))
+
+ ;; Once all git-http-backend paths got handled, handle CGit ones.
+ ,(httpd-directive
+ 'Alias "/cgit-static" (g-package-file cgit "/share/cgit"))
+
+ ,(httpd-directive
+ 'SetEnv "CGIT_CONFIG" %cgitrc-file)
+
+ ,(httpd-directive
+ 'ScriptAlias "/" (g-package-file cgit "/lib/cgit/cgit.cgi/"))
+
+ ,(httpd-tag 'Directory (list (g-package-file cgit "/lib/cgit/"))
+ (httpd-directive 'Options '+ExecCGI)))))
+
+(define %git-koszkonutek-tmp-virtualhost
+ (koszko-httpd-virtualhost-redirect "git.koszkonutek-tmp.pl.eu.org"
+ "git.koszko.org"))
+
(define %sheets-virtualhosts
(map
(lambda (name)
@@ -213,6 +302,11 @@
,(httpd-directive 'Options '+Indexes))))
+(define %cgid-module
+ (httpd-module
+ (name "cgid_module")
+ (file (file-append httpd "/modules/mod_cgid.so"))))
+
(define %wsgi-module
(httpd-module
(name "wsgi_module")
@@ -243,7 +337,8 @@
(httpd-config-file
(server-name "koszko.org")
(error-log "/var/log/httpd/error.log")
- (modules `(,%wsgi-module
+ (modules `(,%cgid-module
+ ,%wsgi-module
,@%proxy-http-modules
,%logio-module
,@%default-httpd-modules))
@@ -251,19 +346,31 @@
(list
(string-join `("LogFormat" ,%logformat-combined "combined")) "\n"
"CustomLog /var/log/httpd/access.log combined" "\n"
- )))))))
+ "ScriptSock /var/run/cgid.sock" "\n")))))))
(operating-system
(host-name "koszko")
(timezone "Europe/Warsaw")
- (groups (cons* (user-group
- ;; The `httpd` group must have an explicit id so that the host
- ;; can provide files that are readable by Apache and not
- ;; readable by the world.
- (name "httpd")
- (id 133)
- (system? #t))
- %base-groups))
+ (groups (cons*
+ ;; The `httpd` and `gitolite3` groups must have explicit ids so that
+ ;; the host can provide files that are readable by Apache and not
+ ;; readable by the world.
+ (user-group
+ (name "httpd")
+ (id 133)
+ (system? #t))
+ (user-group
+ (name "gitolite3")
+ (id 118)
+ (system? #t))
+ %base-groups))
+ (users (cons*
+ (user-account
+ (name "httpd")
+ (group "httpd")
+ (supplementary-groups '("gitolite3"))
+ (system? #t))
+ %base-user-accounts))
(file-systems (cons (file-system
(device (file-system-label "does-not-matter"))
(mount-point "/")
@@ -277,6 +384,8 @@
(simple-service 'koszko-org-website httpd-service-type
`(,%koszko-org-virtualhost
,%koszkonutek-tmp-virtualhost
+ ,%git-virtualhost
+ ,%git-koszkonutek-tmp-virtualhost
,@%sheets-virtualhosts
,%hydrillabugs-virtualhost
,%hachettebugs-virtualhost
diff --git a/guix-container.sh b/guix-container.sh
index 4134c29..265691c 100755
--- a/guix-container.sh
+++ b/guix-container.sh
@@ -87,6 +87,7 @@ start() {
LOG_REAL="$LOG_DIR"/container
ETC_REAL="$HOST_SYSTEM_ROOT"/etc/guix-container
VAR_HYDRILLA_REAL="$HOST_SYSTEM_ROOT"/var/lib/hydrilla
+ VAR_GITOLITE_REAL="$HOST_SYSTEM_ROOT"/var/lib/gitolite3
KOSZKO_SIDELOAD_DIR_SHARE_OPT=--share="$KOSZKO_SIDELOAD_REAL"=/srv/http/koszko.org
HYDRILLA_HTTP_DIR_SHARE_OPT=--share="$HYDRILLA_HTTP_REAL"=/srv/http/hydrilla.koszko.org
@@ -94,6 +95,7 @@ start() {
LOG_DIR_SHARE_OPT=--share="$LOG_REAL"=/var/log
ETC_DIR_SHARE_OPT=--share="$ETC_REAL"=/etc
VAR_HYDRILLA_DIR_SHARE_OPT=--share="$VAR_HYDRILLA_REAL"=/var/lib/hydrilla
+ VAR_GITOLITE_DIR_SHARE_OPT=--share="$VAR_GITOLITE_REAL"=/var/lib/gitolite3
mkdir --mode=700 -p "$LOG_DIR"
mkdir --mode=700 -p "$LOG_DIR"/container
@@ -104,6 +106,7 @@ start() {
"$LOG_DIR_SHARE_OPT" \
"$ETC_DIR_SHARE_OPT" \
"$VAR_HYDRILLA_DIR_SHARE_OPT" \
+ "$VAR_GITOLITE_DIR_SHARE_OPT" \
>> "$LOG_DIR"/stdout.log 2>> "$LOG_DIR"/stderr.log &
GUILE_PID=$!
diff --git a/hosts-extra b/hosts-extra
index d15d1e4..c049147 100644
--- a/hosts-extra
+++ b/hosts-extra
@@ -8,6 +8,10 @@
10.207.87.2 www.koszko.org
10.207.87.2 koszkonutek-tmp.pl.eu.org
10.207.87.2 www.koszkonutek-tmp.pl.eu.org
+10.207.87.2 git.koszko.org
+10.207.87.2 www.git.koszko.org
+10.207.87.2 git.koszkonutek-tmp.pl.eu.org
+10.207.87.2 www.git.koszkonutek-tmp.pl.eu.org
10.207.87.2 pray.koszko.org
10.207.87.2 www.pray.koszko.org
10.207.87.2 sheets.koszko.org