5 files changed,
49 insertions(+),
19 deletions(-)
Author:
Oleksandr Smirnov
olexsmir@gmail.com
Committed at:
2026-02-18 00:03:19 +0200
Authored at:
2026-02-12 23:53:03 +0200
Parent:
4871b57
M
nix/flake.lock
··· 261 261 ] 262 262 }, 263 263 "locked": { 264 - "lastModified": 1770404159, 265 - "narHash": "sha256-jeHLWDhT8GAgmdTLyveDwgwQM8W5VDRSQo78eCp5N/Q=", 264 + "lastModified": 1770934049, 265 + "narHash": "sha256-K/FIuS/yj+ZHWnjia2g3hQV8BzBBu+MsoMmFiqBA478=", 266 266 "owner": "olexsmir", 267 267 "repo": "mugit", 268 - "rev": "e6fe8220d1822f3b98bb22da5ef766ed759309d0", 268 + "rev": "cce3826a6adee0abf65f5a7878cfa484972a84ae", 269 269 "type": "github" 270 270 }, 271 271 "original": {
M
nix/modules/mugit.nix
··· 1 -{ ... }: 1 +{ config, ... }: 2 2 { 3 3 services.caddy.virtualHosts."git.olexsmir.xyz".extraConfig = '' 4 4 reverse_proxy localhost:8008 5 5 ''; 6 6 7 - networking.firewall.allowedTCPPorts = [ 22 ]; 7 + age.secrets.github_token = { 8 + file = ../secrets/github_token.age; 9 + owner = "mugit"; 10 + group = "mugit"; 11 + }; 12 + 13 + age.secrets.mugit_host = { 14 + file = ../secrets/mugit_host.age; 15 + owner = "mugit"; 16 + group = "mugit"; 17 + }; 18 + 8 19 services.mugit = { 9 20 enable = true; 10 21 openFirewall = true; 11 22 config = { 12 23 server.port = 8008; 24 + repo.dir = "/var/lib/mugit/"; 13 25 meta = { 14 26 description = "hey kid, come get your free software"; 15 27 title = "git.olexsmir.xyz"; ··· 18 30 ssh = { 19 31 enable = true; 20 32 port = 22; 21 - host_key = "/var/lib/mugit/mugit-key"; 33 + host_key = config.age.secrets.mugit_host.path; 22 34 keys = [ 23 35 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLLJdkVYKZgsayw+sHanKPKZbI0RMS2CakqBCEi5Trz" 24 36 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMPQ0Qz0DFB+rGrD8ScUqbUTZ1/O8FHrOBF5bIAGQgMj" 25 37 ]; 26 38 }; 27 - repo = { 28 - dir = "/var/lib/mugit/"; 29 - readmes = [ 30 - "README.md" 31 - "readme" 32 - "readme.txt" 33 - ]; 34 - masters = [ 35 - "master" 36 - "main" 37 - ]; 38 - }; 39 39 mirror = { 40 40 enable = true; 41 - interval = "8h"; 41 + interval = "6h"; 42 + github_token = "$file:" + config.age.secrets.github_token.path; 42 43 }; 43 44 }; 44 45 };
A
nix/secrets/github_token.age
··· 1 +-----BEGIN AGE ENCRYPTED FILE----- 2 +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6a3czUlpIWHc0MjY3SFdY 3 +S0hOZTJMc0hjTDl6UUxpc2QzOExmZlVWYUdRCm1rSTV4MmxNeEN6WnVwU1h3d3pk 4 +d2dsenhtTzNtQy9BdG5idDQzajk3blkKLT4gc3NoLWVkMjU1MTkgamdqdlV3IHQz 5 +L2syKzNVamhmZTZESEdLSXFCQ1Z1WGZmdlIxd2dRSmdSZUZiWHg3MFEKaEJiYUxu 6 +dEFCVktCcVhPbFk1aFNsUXVtK3djMTZ0QWZWbVlpUGFXQzhwQQotLS0gazlESEkz 7 +Rk9yM0gxNmwzRlR5M2xhNE40MjhycmlLWkZRMnBaTm1aTUJGSQr1sD6C6Hji6bWM 8 +ghNJzoPoZoJP72Zc6ESPnjPpa8AShx9BZyXJ0PaotWXY6hETM9oa+G45KXaMQnpM 9 +E64f06EwUam+F3fLsnz/ 10 +-----END AGE ENCRYPTED FILE-----
A
nix/secrets/mugit_host.age
··· 1 +-----BEGIN AGE ENCRYPTED FILE----- 2 +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCS0dUUU0rU0NJQWlRK1Zu 3 +RXRjSXZ6cktTcUpPOWthZHpVVy9FNkEwTDBFCjN0SnNqZUN5Y21JbG14ZGM1dEcz 4 +M3hCSjRhWXozVmZ1b1RMeGRpVGpqcFEKLT4gc3NoLWVkMjU1MTkgamdqdlV3IGVS 5 +WE04WkpQTGZjRlNpcERDSG9PY2RlVnpDbTBkcGFuYUl2VXNFdytlbjQKQm9zOXpu 6 +dlp4cUQzelkxYW1ydFNhSitrOGRXbjJTejR6cTNjd0dzaG90UQotLS0gdGxudFhm 7 +dzlWOTNRdWczMERzOTg5cE9TdmZleHlOcDRIZTdTT1U3WHdMbwo4KG4BZ56tdonj 8 +E+gaQusXsctkbU4E275qhqNb6N8hlvSUCyR1Ri2taICfrXIgo6fXBvG4ErzAgJjM 9 +8C3+pbTm6pa4Y1r9zcQVU9CUH5WRhwYyft7IJg8LfGTcxPrFpcJqNR9X04EGNHnk 10 +F2et1+sKdifC/CZL5V/Ggj7niDYks8AghzVWJgB+a7XeoZrfQyS8+q6AXq7jG/pp 11 +qpzf5uDotCPmBOqkE8u3hDJfv5abAP6mnhIHs9Jt5/uB5v3VKrgODv92wP7kd67l 12 +ORS8EBBleVev5Kaw2yrYrY+eO64uXZAtCykO+KIt7rs9+yakQjQ0s3CL3jFAADQI 13 ++j63e5zvXDMugJFbB6bSNx2ycoayFboqu2jE3KDarkzx8Pnwtl2QKkLPM6rEkRBx 14 +Sa+E7MRGS63MRPjjCYrhbaCQNTIv24iZ5HFdTKFZHJYrQHd+avGhLY7ayQkhvVQi 15 +lCph00RZLXp5T5Ei/k5mgsMdzTDCPpqwRNqt1OJpXu+38gl6G70ywtEiTOhPEOwp 16 +9dnIiFhED3Y+y+GG3LmsOz1IpwRLyCq1CE84miUFHyjVcvHqQA== 17 +-----END AGE ENCRYPTED FILE-----