diff options
| author | Wojtek Kosior <koszko@koszko.org> | 2022-12-10 20:48:57 +0100 |
|---|---|---|
| committer | Wojtek Kosior <koszko@koszko.org> | 2022-12-10 20:48:57 +0100 |
| commit | 70018fdd7ab23047a97196cb0e6f2d5b2079ff5e (patch) | |
| tree | a17bdf961dcbe7ea84783b3f6858bc536933920b /container.scm | |
| parent | 9167ab3e7961164aa2bb580be5ca6f2aa822e61b (diff) | |
| download | koszko-org-server-70018fdd7ab23047a97196cb0e6f2d5b2079ff5e.tar.gz koszko-org-server-70018fdd7ab23047a97196cb0e6f2d5b2079ff5e.zip | |
add git.koszko.org virtualhost
Diffstat (limited to 'container.scm')
| -rw-r--r-- | container.scm | 131 |
1 files changed, 120 insertions, 11 deletions
diff --git a/container.scm b/container.scm index 6f389be..2b1aa81 100644 --- a/container.scm +++ b/container.scm @@ -19,6 +19,7 @@ (guix modules)) (use-package-modules web) (use-package-modules python) +(use-package-modules version-control) (use-service-modules web) (use-service-modules shepherd) @@ -42,7 +43,7 @@ arg)) ((? symbol?) (httpd-conf-token (symbol->string arg))) - ((? gexp?) + (_ #~(let ((gexp-value #$arg)) (if (string-contains gexp-value " ") (format #f "~s" gexp-value) @@ -102,6 +103,94 @@ (define %koszkonutek-tmp-virtualhost (koszko-httpd-virtualhost-redirect "koszkonutek-tmp.pl.eu.org" "koszko.org")) +(define %cgitrc-text + (g-string-join + `("css=/cgit-static/cgit.css" + "logo=/cgit-static/cgit.png" + "favicon=/cgit-static/favicon.ico" + + ,(g-string-append "source-filter=" + cgit "/lib/cgit/filters/syntax-highlighting.sh") + "snapshots=tar.gz zip" + "project-list=/var/lib/gitolite3/projects.list" + "remove-suffix=1" + "virtual-root=/" + + "enable-index-links=1" + "enable-index-owner=0" + "footer=/var/lib/gitolite3/cgit-footer" + "max-blob-size=100" + "root-desc=repositories of Wojtek" + + "mimetype.gif=image/gif" + "mimetype.html=text/html" + "mimetype.jpg=image/jpeg" + "mimetype.jpeg=image/jpeg" + "mimetype.pdf=application/pdf" + "mimetype.png=image/png" + "mimetype.svg=image/svg+xml" + + ,(g-string-append "about-filter=" + cgit "/lib/cgit/filters/about-formatting.sh") + + ,@(apply append + (map (lambda (file-name) + (map (lambda (suffix) + (string-append "readme=" file-name suffix)) + '(".md" ".mkd" ".rst" ".html" ".htm" ".txt" ""))) + '("readme" "README" "install" "INSTALL"))) + + "scan-path=/var/lib/gitolite3/repositories") + "\n")) + +(define %cgitrc-file + (computed-file "cgitrc" + #~(with-output-to-file #$output + (lambda () (display #$%cgitrc-text))))) + +(define %git-virtualhost + (httpd-virtualhost + "*:80" + `(,@(koszko-httpd-server-meta "git.koszko.org") + + ,(koszko-httpd-redirect-if-other-host "git.koszko.org") + + ;; Hachette got renamed to "Haketilo", repo moved + ,(httpd-directive + 'Redirect 'permanent "/hachette-fixes-demo" "/haketilo-fixes-demo") + + ;; Make HTTP clone happen through git-core instead of through CGit. CGit + ;; only supports old HTTP "dumb" cloning protocol while we want the new + ;; "smart" protocol. + ,(httpd-tag 'Directory (list (g-package-file git "/libexec/git-core")) + (httpd-directive 'Require 'all 'granted) + (httpd-directive + 'SetEnv "GIT_PROJECT_ROOT" "/var/lib/gitolite3/repositories") + (httpd-directive + 'SetEnv "GIT_HTTP_EXPORT_ALL")) + + ,(httpd-directive + 'ScriptAliasMatch + "^/(.*/(HEAD|info/refs|objects/info/[^/]+|git-upload-pack))$" + (g-package-file git "/libexec/git-core/git-http-backend/$1")) + + ;; Once all git-http-backend paths got handled, handle CGit ones. + ,(httpd-directive + 'Alias "/cgit-static" (g-package-file cgit "/share/cgit")) + + ,(httpd-directive + 'SetEnv "CGIT_CONFIG" %cgitrc-file) + + ,(httpd-directive + 'ScriptAlias "/" (g-package-file cgit "/lib/cgit/cgit.cgi/")) + + ,(httpd-tag 'Directory (list (g-package-file cgit "/lib/cgit/")) + (httpd-directive 'Options '+ExecCGI))))) + +(define %git-koszkonutek-tmp-virtualhost + (koszko-httpd-virtualhost-redirect "git.koszkonutek-tmp.pl.eu.org" + "git.koszko.org")) + (define %sheets-virtualhosts (map (lambda (name) @@ -213,6 +302,11 @@ ,(httpd-directive 'Options '+Indexes)))) +(define %cgid-module + (httpd-module + (name "cgid_module") + (file (file-append httpd "/modules/mod_cgid.so")))) + (define %wsgi-module (httpd-module (name "wsgi_module") @@ -243,7 +337,8 @@ (httpd-config-file (server-name "koszko.org") (error-log "/var/log/httpd/error.log") - (modules `(,%wsgi-module + (modules `(,%cgid-module + ,%wsgi-module ,@%proxy-http-modules ,%logio-module ,@%default-httpd-modules)) @@ -251,19 +346,31 @@ (list (string-join `("LogFormat" ,%logformat-combined "combined")) "\n" "CustomLog /var/log/httpd/access.log combined" "\n" - ))))))) + "ScriptSock /var/run/cgid.sock" "\n"))))))) (operating-system (host-name "koszko") (timezone "Europe/Warsaw") - (groups (cons* (user-group - ;; The `httpd` group must have an explicit id so that the host - ;; can provide files that are readable by Apache and not - ;; readable by the world. - (name "httpd") - (id 133) - (system? #t)) - %base-groups)) + (groups (cons* + ;; The `httpd` and `gitolite3` groups must have explicit ids so that + ;; the host can provide files that are readable by Apache and not + ;; readable by the world. + (user-group + (name "httpd") + (id 133) + (system? #t)) + (user-group + (name "gitolite3") + (id 118) + (system? #t)) + %base-groups)) + (users (cons* + (user-account + (name "httpd") + (group "httpd") + (supplementary-groups '("gitolite3")) + (system? #t)) + %base-user-accounts)) (file-systems (cons (file-system (device (file-system-label "does-not-matter")) (mount-point "/") @@ -277,6 +384,8 @@ (simple-service 'koszko-org-website httpd-service-type `(,%koszko-org-virtualhost ,%koszkonutek-tmp-virtualhost + ,%git-virtualhost + ,%git-koszkonutek-tmp-virtualhost ,@%sheets-virtualhosts ,%hydrillabugs-virtualhost ,%hachettebugs-virtualhost |