Use cgit instead

1 files changed, 25 insertions, 21 deletions

diff --git a/server/server.nix b/server/server.nix
index 956bf5c..f751083 100644
--- a/server/server.nix
+++ b/server/server.nix
@@ -14,8 +14,10 @@
 
   users.users.git = {
     isNormalUser = true;
+    group = "git";
     home = "/var/git";
     createHome = true;
+    homeMode = "750";
     description = "Git repository hosting user";
     packages = [ pkgs.git ];
     openssh.authorizedKeys.keys = [
@@ -23,6 +25,15 @@
     ];
   };
 
+  users.groups.git = {
+    members = [ "cgit" ];
+  };
+
+  systemd.tmpfiles.rules = [
+    "d /var/git 0750 git git -"
+    "Z /var/git - git git -"
+  ];
+
   sops = {
     defaultSopsFile = ./secrets/secrets.yaml;
     defaultSopsFormat = "yaml";
@@ -40,26 +51,25 @@
     ];
   };
 
-  services.gitweb = {
-    projectroot = "/var/git";
-    extraConfig = ''
-      $site_name = "jake's git host";
-      $feature{'highlight'}{'default'} = [1];
-      $projects_list_description_width = 50;
-    '';
+  services.cgit.main = {
+    enable = true;
+
+    nginx.virtualHost = "git.jakezerrer.com";
+    nginx.location = "/";
+
+    scanPath = "/var/git";
+
+    settings = {
+      root-title = "jake's git host";
+      enable-git-config = true;
+      source-filter = "${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py";
+      enable-index-owner = false;
+    };
   };
 
   services.nginx = {
     enable = true;
 
-    gitweb = {
-      enable = true;
-      location = "";
-      virtualHost = "git.jakezerrer.com";
-      user = "git";
-      group = "nginx";
-    };
-
     virtualHosts."git.jakezerrer.com" = {
       enableACME = true;
       forceSSL = true;
@@ -70,10 +80,4 @@
     acceptTerms = true;
     defaults.email = "him@jakezerrer.com";
   };
-
-  systemd.services.gitweb = {
-    serviceConfig = {
-      UMask = "0007";
-    };
-  };
 }