From f56d0691ce292ba7dea1001dc00b7873fc2d112b Mon Sep 17 00:00:00 2001
From: David Wagner <wagdav@gmail.com>
Date: Fri, 9 Feb 2024 18:12:23 +0100
Subject: [PATCH] git: switch to an SSH-based git server and cgit

Drop gitolite and gitweb.

Reference: https://git-scm.com/book/en/v2/Git-on-the-Server-Setting-Up-the-Server
---
 modules/git.nix                       | 60 +++++++++++----------------
 modules/grafana/dashboards/nixos.json |  2 +-
 2 files changed, 25 insertions(+), 37 deletions(-)

diff --git a/modules/git.nix b/modules/git.nix
index 7b0b0ee..90ac836 100644
--- a/modules/git.nix
+++ b/modules/git.nix
@@ -1,53 +1,41 @@
-{ config, ... }:
+{ config, pkgs, ... }:
 let
-  user = "git";
-  group = "gitolite";
   httpPort = 8022;
 
 in
 {
   imports = [ ./consul-catalog.nix ];
 
-  services = {
-    gitolite = {
-      enable = true;
-      adminPubkey = builtins.head (import ./keys.nix).dwagner;
-
-      inherit user group;
-    };
-
-    gitweb = {
-      projectroot = "${config.services.gitolite.dataDir}/repositories";
-    };
+  users.users.git = {
+    isNormalUser = true;
+    shell = "${pkgs.git}/bin/git-shell";
+    openssh.authorizedKeys.keys = (import ./keys.nix).dwagner;
+  };
 
-    nginx = {
+  services = {
+    cgit.git = {
       enable = true;
-
-      recommendedOptimisation = true;
-      recommendedGzipSettings = true;
-      recommendedProxySettings = true;
-
-      virtualHosts."_".listen = [
-        {
-          addr = "0.0.0.0";
-          port = httpPort;
-        }
-        {
-          addr = "[::]";
-          port = httpPort;
-        }
-      ];
-
-      gitweb = {
-        enable = true;
-        inherit group;
-        location = "";
+      scanPath = "/srv/git";
+      settings = {
+        enable-git-config = true;
+        clone-url = "git@nuc:/srv/git/$CGIT_REPO_URL";
       };
     };
 
+    nginx.virtualHosts.git.listen = [
+      {
+        addr = "0.0.0.0";
+        port = httpPort;
+      }
+      {
+        addr = "[::]";
+        port = httpPort;
+      }
+    ];
+
     consul.catalog = [
       {
-        name = "gitweb";
+        name = "cgit";
         port = httpPort;
         tags = (import ./lib/traefik.nix).tagsForHost "git";
       }
diff --git a/modules/grafana/dashboards/nixos.json b/modules/grafana/dashboards/nixos.json
index e43970f..778c133 100644
--- a/modules/grafana/dashboards/nixos.json
+++ b/modules/grafana/dashboards/nixos.json
@@ -56,7 +56,7 @@
           "showLineNumbers": false,
           "showMiniMap": false
         },
-        "content": "* [Alertmanager](http://nuc:9093)\n* [Grafana](http://nuc:3000)\n* [Gitolite](http://nuc:8022)\n* [Node Exporter (nuc)](http://nuc:9100)\n* [Ntfy (nuc)](http://nuc:8080)\n* [Prometheus](http://nuc:9090)",
+        "content": "* [Alertmanager](http://nuc:9093)\n* [Grafana](http://nuc:3000)\n* [Git](http://nuc:8022)\n* [Node Exporter (nuc)](http://nuc:9100)\n* [Ntfy (nuc)](http://nuc:8080)\n* [Prometheus](http://nuc:9090)",
         "mode": "markdown"
       },
       "pluginVersion": "9.4.9",