3 files changed,
98 insertions(+),
54 deletions(-)
Author:
Oleksandr Smirnov
olexsmir@gmail.com
Committed at:
2026-02-06 20:56:37 +0200
Parent:
f383433
jump to
| M | nix/flake.lock |
| M | nix/flake.nix |
| M | nix/modules/mugit.nix |
M
nix/flake.lock
@@ -100,6 +100,24 @@ "inputs": {
"systems": "systems_2" }, "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems_3" + }, + "locked": { "lastModified": 1694529238, "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide",@@ -115,7 +133,7 @@ }
}, "gomod2nix": { "inputs": { - "flake-utils": "flake-utils", + "flake-utils": "flake-utils_2", "nixpkgs": [ "tangled", "nixpkgs"@@ -235,6 +253,27 @@ "type": "tarball",
"url": "https://github.com/lucide-icons/lucide/releases/download/0.536.0/lucide-icons-0.536.0.zip" } }, + "mugit": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1770404159, + "narHash": "sha256-jeHLWDhT8GAgmdTLyveDwgwQM8W5VDRSQo78eCp5N/Q=", + "owner": "olexsmir", + "repo": "mugit", + "rev": "e6fe8220d1822f3b98bb22da5ef766ed759309d0", + "type": "github" + }, + "original": { + "owner": "olexsmir", + "repo": "mugit", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1768323494,@@ -255,6 +294,7 @@ "root": {
"inputs": { "agenix": "agenix", "disko": "disko", + "mugit": "mugit", "nixpkgs": "nixpkgs", "tangled": "tangled" }@@ -288,6 +328,21 @@ "type": "github"
} }, "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
M
nix/flake.nix
@@ -14,6 +14,10 @@ tangled = {
url = "git+https://tangled.org/@tangled.org/core?ref=refs/tags/v1.11.0-alpha"; inputs.nixpkgs.follows = "nixpkgs"; }; + mugit = { + url = "github:olexsmir/mugit"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs =@@ -22,6 +26,7 @@ nixpkgs,
agenix, disko, tangled, + mugit, ... }: {@@ -33,6 +38,7 @@ agenix.nixosModules.default
disko.nixosModules.disko tangled.nixosModules.knot tangled.nixosModules.spindle + mugit.nixosModules.default ]; }; };
M
nix/modules/mugit.nix
@@ -1,61 +1,44 @@
-{ pkgs, ... }: -let - configFile = "/var/lib/mugit/config.yaml"; - mugitSrc = builtins.fetchGit { - url = "https://github.com/olexsmir/mugit.git"; - ref = "main"; - }; - buildScript = pkgs.writeShellScript "build-mugit" '' - set -e - - BUILD_DIR="/tmp/mugit-build-$$" - - export GOCACHE="$BUILD_DIR/.cache" - export GOPATH="$BUILD_DIR/.go" - export HOME="$BUILD_DIR" - - mkdir -p "$BUILD_DIR" - - cp -r ${mugitSrc}/* "$BUILD_DIR/" - chmod -R u+w "$BUILD_DIR" - - cd "$BUILD_DIR" - ${pkgs.go}/bin/go build -o /var/lib/mugit/mugit . - chmod -R u+w "$BUILD_DIR" 2>/dev/null || true - rm -rf "$BUILD_DIR" - ''; -in +{ ... }: { services.caddy.virtualHosts."git.olexsmir.xyz".extraConfig = '' reverse_proxy localhost:8008 ''; - systemd.tmpfiles.rules = [ "d /var/lib/mugit 0755 git git -" ]; - - systemd.services.mugit = { - wantedBy = [ "multi-user.target" ]; - after = [ "network-online.target" ]; - wants = [ "network-online.target" ]; - path = [ - pkgs.git - pkgs.go - pkgs.gcc - ]; - serviceConfig = { - Type = "simple"; - User = "git"; - WorkingDirectory = "/var/lib/mugit"; - Restart = "on-failure"; - RestartSec = 2; - ExecStartPre = "${buildScript}"; - ExecStart = "/var/lib/mugit/mugit --config ${configFile} serve"; - ReadOnlyPaths = [ configFile ]; - NoNewPrivileges = true; - ReadWritePaths = [ "/var/lib/mugit" ]; - AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; - CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ]; - TimeoutStartSec = "5min"; - ProtectHome = true; + services.mugit = { + enable = true; + openFirewall = true; + config = { + server.port = 8008; + meta = { + description = "hey kid, come get your free software"; + title = "git.olexsmir.xyz"; + host = "git.olexsmir.xyz"; + }; + ssh = { + enable = true; + port = 22; + host_key = "/var/lib/mugit/mugit-key"; + keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLLJdkVYKZgsayw+sHanKPKZbI0RMS2CakqBCEi5Trz" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMPQ0Qz0DFB+rGrD8ScUqbUTZ1/O8FHrOBF5bIAGQgMj" + ]; + }; + repo = { + dir = "/var/lib/mugit/"; + readmes = [ + "README.md" + "readme" + "readme.txt" + ]; + masters = [ + "master" + "main" + ]; + }; + mirror = { + enable = true; + interval = "8h"; + }; }; }; }