3 files changed,
98 insertions(+),
54 deletions(-)
Author:
Oleksandr Smirnov
olexsmir@gmail.com
Committed at:
2026-02-06 20:56:37 +0200
Parent:
f383433
jump to
| M | nix/flake.lock |
| M | nix/flake.nix |
| M | nix/modules/mugit.nix |
M
nix/flake.lock
··· 100 100 "systems": "systems_2" 101 101 }, 102 102 "locked": { 103 + "lastModified": 1731533236, 104 + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", 105 + "owner": "numtide", 106 + "repo": "flake-utils", 107 + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", 108 + "type": "github" 109 + }, 110 + "original": { 111 + "owner": "numtide", 112 + "repo": "flake-utils", 113 + "type": "github" 114 + } 115 + }, 116 + "flake-utils_2": { 117 + "inputs": { 118 + "systems": "systems_3" 119 + }, 120 + "locked": { 103 121 "lastModified": 1694529238, 104 122 "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", 105 123 "owner": "numtide", ··· 115 133 }, 116 134 "gomod2nix": { 117 135 "inputs": { 118 - "flake-utils": "flake-utils", 136 + "flake-utils": "flake-utils_2", 119 137 "nixpkgs": [ 120 138 "tangled", 121 139 "nixpkgs" ··· 235 253 "url": "https://github.com/lucide-icons/lucide/releases/download/0.536.0/lucide-icons-0.536.0.zip" 236 254 } 237 255 }, 256 + "mugit": { 257 + "inputs": { 258 + "flake-utils": "flake-utils", 259 + "nixpkgs": [ 260 + "nixpkgs" 261 + ] 262 + }, 263 + "locked": { 264 + "lastModified": 1770404159, 265 + "narHash": "sha256-jeHLWDhT8GAgmdTLyveDwgwQM8W5VDRSQo78eCp5N/Q=", 266 + "owner": "olexsmir", 267 + "repo": "mugit", 268 + "rev": "e6fe8220d1822f3b98bb22da5ef766ed759309d0", 269 + "type": "github" 270 + }, 271 + "original": { 272 + "owner": "olexsmir", 273 + "repo": "mugit", 274 + "type": "github" 275 + } 276 + }, 238 277 "nixpkgs": { 239 278 "locked": { 240 279 "lastModified": 1768323494, ··· 255 294 "inputs": { 256 295 "agenix": "agenix", 257 296 "disko": "disko", 297 + "mugit": "mugit", 258 298 "nixpkgs": "nixpkgs", 259 299 "tangled": "tangled" 260 300 } ··· 288 328 } 289 329 }, 290 330 "systems_2": { 331 + "locked": { 332 + "lastModified": 1681028828, 333 + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 334 + "owner": "nix-systems", 335 + "repo": "default", 336 + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 337 + "type": "github" 338 + }, 339 + "original": { 340 + "owner": "nix-systems", 341 + "repo": "default", 342 + "type": "github" 343 + } 344 + }, 345 + "systems_3": { 291 346 "locked": { 292 347 "lastModified": 1681028828, 293 348 "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
M
nix/flake.nix
··· 14 14 url = "git+https://tangled.org/@tangled.org/core?ref=refs/tags/v1.11.0-alpha"; 15 15 inputs.nixpkgs.follows = "nixpkgs"; 16 16 }; 17 + mugit = { 18 + url = "github:olexsmir/mugit"; 19 + inputs.nixpkgs.follows = "nixpkgs"; 20 + }; 17 21 }; 18 22 19 23 outputs = ··· 22 26 agenix, 23 27 disko, 24 28 tangled, 29 + mugit, 25 30 ... 26 31 }: 27 32 { ··· 33 38 disko.nixosModules.disko 34 39 tangled.nixosModules.knot 35 40 tangled.nixosModules.spindle 41 + mugit.nixosModules.default 36 42 ]; 37 43 }; 38 44 };
M
nix/modules/mugit.nix
··· 1 -{ pkgs, ... }: 2 -let 3 - configFile = "/var/lib/mugit/config.yaml"; 4 - mugitSrc = builtins.fetchGit { 5 - url = "https://github.com/olexsmir/mugit.git"; 6 - ref = "main"; 7 - }; 8 - buildScript = pkgs.writeShellScript "build-mugit" '' 9 - set -e 10 - 11 - BUILD_DIR="/tmp/mugit-build-$$" 12 - 13 - export GOCACHE="$BUILD_DIR/.cache" 14 - export GOPATH="$BUILD_DIR/.go" 15 - export HOME="$BUILD_DIR" 16 - 17 - mkdir -p "$BUILD_DIR" 18 - 19 - cp -r ${mugitSrc}/* "$BUILD_DIR/" 20 - chmod -R u+w "$BUILD_DIR" 21 - 22 - cd "$BUILD_DIR" 23 - ${pkgs.go}/bin/go build -o /var/lib/mugit/mugit . 24 - chmod -R u+w "$BUILD_DIR" 2>/dev/null || true 25 - rm -rf "$BUILD_DIR" 26 - ''; 27 -in 1 +{ ... }: 28 2 { 29 3 services.caddy.virtualHosts."git.olexsmir.xyz".extraConfig = '' 30 4 reverse_proxy localhost:8008 31 5 ''; 32 6 33 - systemd.tmpfiles.rules = [ "d /var/lib/mugit 0755 git git -" ]; 34 - 35 - systemd.services.mugit = { 36 - wantedBy = [ "multi-user.target" ]; 37 - after = [ "network-online.target" ]; 38 - wants = [ "network-online.target" ]; 39 - path = [ 40 - pkgs.git 41 - pkgs.go 42 - pkgs.gcc 43 - ]; 44 - serviceConfig = { 45 - Type = "simple"; 46 - User = "git"; 47 - WorkingDirectory = "/var/lib/mugit"; 48 - Restart = "on-failure"; 49 - RestartSec = 2; 50 - ExecStartPre = "${buildScript}"; 51 - ExecStart = "/var/lib/mugit/mugit --config ${configFile} serve"; 52 - ReadOnlyPaths = [ configFile ]; 53 - NoNewPrivileges = true; 54 - ReadWritePaths = [ "/var/lib/mugit" ]; 55 - AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; 56 - CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ]; 57 - TimeoutStartSec = "5min"; 58 - ProtectHome = true; 7 + services.mugit = { 8 + enable = true; 9 + openFirewall = true; 10 + config = { 11 + server.port = 8008; 12 + meta = { 13 + description = "hey kid, come get your free software"; 14 + title = "git.olexsmir.xyz"; 15 + host = "git.olexsmir.xyz"; 16 + }; 17 + ssh = { 18 + enable = true; 19 + port = 22; 20 + host_key = "/var/lib/mugit/mugit-key"; 21 + keys = [ 22 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLLJdkVYKZgsayw+sHanKPKZbI0RMS2CakqBCEi5Trz" 23 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMPQ0Qz0DFB+rGrD8ScUqbUTZ1/O8FHrOBF5bIAGQgMj" 24 + ]; 25 + }; 26 + repo = { 27 + dir = "/var/lib/mugit/"; 28 + readmes = [ 29 + "README.md" 30 + "readme" 31 + "readme.txt" 32 + ]; 33 + masters = [ 34 + "master" 35 + "main" 36 + ]; 37 + }; 38 + mirror = { 39 + enable = true; 40 + interval = "8h"; 41 + }; 59 42 }; 60 43 }; 61 44 }