From: Dominik Kaiser Date: Sun, 16 Feb 2025 21:21:31 +0000 (+0100) Subject: Setup git-server on antares X-Git-Url: https://git.dkaiser.de/?a=commitdiff_plain;h=679e6dd2d7d3c64cf1c33be9565423a29a5acdc8;p=config%2Fnixos.git Setup git-server on antares --- diff --git a/hosts/antares/configuration.nix b/hosts/antares/configuration.nix index 494af51..5151125 100644 --- a/hosts/antares/configuration.nix +++ b/hosts/antares/configuration.nix @@ -22,6 +22,14 @@ PasswordAuthentication = false; PermitRootLogin = "no"; }; + extraConfig = '' + Match user git + AllowTcpForwarding no + AllowAgentForwarding no + PasswordAuthentication no + PermitTTY no + X11Forwarding no + ''; }; networking.hostName = "antares"; @@ -43,7 +51,13 @@ }; services.gitweb = { - projectroot = "/home/git"; + projectroot = "/srv/git"; + gitwebTheme = true; + extraConfig = '' + our $site_name = 'git.dkaiser.de'; + $omit_owner = true; + $projects_list_description_width = 25; + ''; }; services.nginx = { @@ -51,17 +65,13 @@ gitweb = { enable = true; - virtualHost = "dkaiser.de"; + location = ""; + virtualHost = "git.dkaiser.de"; }; recommendedGzipSettings = true; recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; - - virtualHosts = "dkaiser.de" = { - forceSSL = true; - enableACME = true; - }; }; environment.systemPackages = map lib.lowPrio [ @@ -79,13 +89,18 @@ ]; }; users.users.git = { - isNormalUser = true; + isSystemUser = true; description = "git"; - extraGroups = [ ]; + group = "git"; + home = "/srv/git"; + createHome = true; + shell = "${pkgs.git}/bin/git-shell"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICtL2eG098LhkFPR4N5e44XMq60uvCUCOuKMYs5zjg6f" ]; }; + users.groups.git = {}; + system.stateVersion = "24.05"; }