ugit @main -
refs -
log -
-
https://git.jolheiser.com/ugit.git
The code powering this h*ckin' site
feat: split out nix package/module
Signed-off-by: jolheiser <git@jolheiser.com>
Signature
-----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgBTEvCQk6VqUAdN2RuH6bj1dNkY
oOpbPWj+jw4ua1B1cAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
AAAAQIvYV9j5vtr2DsQMnLRC61y2+OZJbCAaURVN2Qpe1YldvExJqWykfry5PEIJBW2Bif
wtk4zS8yunOp0gJbwpgwo=
-----END SSH SIGNATURE-----
8 changed files, 295 additions(+), 614 deletions(-)
diff --git a/flake.lock b/flake.lock
index 6e136355501a7bd20ed340e161b8a9c3bb6f2232..401c49c1b22e48b7a61e6369c038b8dce12c0711 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,44 +1,5 @@
{
"nodes": {
- "flake-utils": {
- "inputs": {
- "systems": "systems"
- },
- "locked": {
- "lastModified": 1694529238,
- "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
- "owner": "numtide",
- "repo": "flake-utils",
- "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "flake-utils",
- "type": "github"
- }
- },
- "gomod2nix": {
- "inputs": {
- "flake-utils": "flake-utils",
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1717050755,
- "narHash": "sha256-C9IEHABulv2zEDFA+Bf0E1nmfN4y6MIUe5eM2RCrDC0=",
- "owner": "nix-community",
- "repo": "gomod2nix",
- "rev": "31b6d2e40b36456e792cd6cf50d5a8ddd2fa59a1",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "repo": "gomod2nix",
- "type": "github"
- }
- },
"nixpkgs": {
"locked": {
"lastModified": 1719379843,
@@ -58,26 +19,9 @@ },
"root": {
"inputs": {
"flake-utils": {
- "systems": "systems"
- "flake-utils": {
},
"tailwind-ctp": "tailwind-ctp",
"tailwind-ctp-lsp": "tailwind-ctp-lsp"
- }
- },
- "systems": {
- "locked": {
- "lastModified": 1681028828,
- "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
- "owner": "nix-systems",
- "repo": "default",
- "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
- "type": "github"
- },
- "original": {
- "owner": "nix-systems",
- "repo": "default",
- "type": "github"
}
},
"tailwind-ctp": {
diff --git a/flake.nix b/flake.nix
index a7aedde25dd2d58ef845a996061106319e23ae97..cad65fe16198ecb1284d5246af9d2186eb90e6fa 100644
--- a/flake.nix
+++ b/flake.nix
@@ -3,10 +3,6 @@ description = "Minimal git server";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
- gomod2nix = {
- url = "github:nix-community/gomod2nix";
- inputs.nixpkgs.follows = "nixpkgs";
- };
tailwind-ctp = {
url = "git+https://git.jolheiser.com/tailwind-ctp";
inputs.nixpkgs.follows = "nixpkgs";
@@ -18,238 +14,112 @@ };
};
{
- nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
-{
+ inputs = {
gomod2nix = {
{
+ inputs = {
url = "github:nix-community/gomod2nix";
{
+ inputs = {
inputs.nixpkgs.follows = "nixpkgs";
{
+ inputs = {
};
- tailwind-ctp-lsp,
- description = "Minimal git server";
{
- system = "x86_64-linux";
- pkgs = nixpkgs.legacyPackages.${system};
- tailwind-ctp = inputs.tailwind-ctp.packages.${system}.default;
- description = "Minimal git server";
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
- ugit = gomod2nix.legacyPackages.${system}.buildGoApplication rec {
- name = "ugitd";
- src = pkgs.nix-gitignore.gitignoreSource [] (builtins.path {
- inherit name;
-
-
{
- pwd = ./.;
- subPackages = ["cmd/ugitd" "cmd/ugit-uci"];
- CGO_ENABLED = 0;
-
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
- "-trimpath"
- ];
- ldflags = [
- "-s"
- "-w"
- inputs = {
{
- ];
- meta = with pkgs.lib; {
- description = "Minimal git server";
- homepage = "https://git.jolheiser.com/ugit";
- maintainers = with maintainers; [jolheiser];
- mainProgram = "ugitd";
- };
- };
- in {
- packages.${system}.default = ugit;
- devShells.${system}.default = pkgs.mkShell {
- nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
{
go
+{
gopls
+{
gomod2nix.legacyPackages.${system}.gomod2nix
+{
templ
+{
tailwind-ctp
+{
tailwind-ctp-lsp
+{
vscode-langservers-extracted
- ];
- };
- nixosModules.default = {
- pkgs,
- gomod2nix = {
{
- config,
- ...
- }: let
- gomod2nix = {
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
- yamlFormat = pkgs.formats.yaml {};
- configFile = pkgs.writeText "ugit.yaml" (builtins.readFile (yamlFormat.generate "ugit-yaml" cfg.config));
- authorizedKeysFile = pkgs.writeText "ugit_keys" (builtins.concatStringsSep "\n" cfg.authorizedKeys);
- gomod2nix = {
};
- options = let
- url = "github:nix-community/gomod2nix";
{
- in {
- services.ugit = {
- enable = mkEnableOption "Enable ugit";
-
- package = mkOption {
- url = "github:nix-community/gomod2nix";
gomod2nix = {
- description = "ugit package to use";
- default = ugit;
- };
-
- inputs.nixpkgs.follows = "nixpkgs";
- type = types.str;
- description = "Tailscale one-time auth-key";
- inputs.nixpkgs.follows = "nixpkgs";
url = "github:nix-community/gomod2nix";
- };
-
- repoDir = mkOption {
- inputs.nixpkgs.follows = "nixpkgs";
{
- description = "where ugit stores repositories";
- inputs.nixpkgs.follows = "nixpkgs";
gomod2nix = {
- };
-
- authorizedKeys = mkOption {
- type = types.listOf types.str;
- description = "list of keys to use for authorized_keys";
- default = [];
- };
-
- };
{
- inputs.nixpkgs.follows = "nixpkgs";
{
- };
+ gomod2nix = {
description = "Minimal git server";
- default = "/var/lib/ugit/authorized_keys";
- };
-
- hostKeyFile = mkOption {
- inputs.nixpkgs.follows = "nixpkgs";
{
- description = "path to host key file (will be created if it doesn't exist)";
- };
gomod2nix = {
- };
- config = mkOption {
- type = types.attrs;
- default = {};
{
- };
-
- user = mkOption {
- type = types.str;
- default = "ugit";
+ }: let
{
-
- };
-
- tailwind-ctp = {
inputs = {
- type = types.str;
- default = "ugit";
- description = "Group account under which ugit runs";
url = "github:nix-community/gomod2nix";
- };
-
{
gomod2nix = {
- type = types.bool;
- default = false;
- };
- };
- };
- config = lib.mkIf cfg.enable {
- users.users."${cfg.user}" = {
- home = "/var/lib/ugit";
- createHome = true;
- group = "${cfg.group}";
- url = "git+https://git.jolheiser.com/tailwind-ctp";
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
{
-{
+ gomod2nix = {
gomod2nix = {
{
-{
+ gomod2nix = {
url = "github:nix-community/gomod2nix";
{
- };
- url = "git+https://git.jolheiser.com/tailwind-ctp";
+ gomod2nix = {
inputs.nixpkgs.follows = "nixpkgs";
{
-{
+ gomod2nix = {
};
{
- description = "Minimal git server";
+ url = "github:nix-community/gomod2nix";
{
- };
-
- tailwind-ctp-lsp = {
+ url = "github:nix-community/gomod2nix";
{
{
- description = "Minimal git server";
+ url = "github:nix-community/gomod2nix";
description = "Minimal git server";
{
- description = "Minimal git server";
+ url = "github:nix-community/gomod2nix";
{
- description = "Minimal git server";
+ url = "github:nix-community/gomod2nix";
inputs = {
{
- description = "Minimal git server";
+ url = "github:nix-community/gomod2nix";
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
{
- description = "Minimal git server";
+ url = "github:nix-community/gomod2nix";
gomod2nix = {
{
- description = "Minimal git server";
+ url = "github:nix-community/gomod2nix";
url = "github:nix-community/gomod2nix";
{
- description = "Minimal git server";
+ url = "github:nix-community/gomod2nix";
inputs.nixpkgs.follows = "nixpkgs";
{
- description = "Minimal git server";
+ url = "github:nix-community/gomod2nix";
};
url = "git+https://git.jolheiser.com/tailwind-ctp-intellisense";
-{
-{
- "--ssh.host-key=${cfg.hostKeyFile}"
- ];
- in "${cfg.package}/bin/ugitd ${builtins.concatStringsSep " " args}";
- wantedBy = ["multi-user.target"];
- after = ["network.target"];
- url = "git+https://git.jolheiser.com/tailwind-ctp-intellisense";
url = "github:nix-community/gomod2nix";
+ };
{
-
inputs.nixpkgs.follows = "nixpkgs";
- User = cfg.user;
- };
{
- inputs = {
+ inputs.nixpkgs.follows = "nixpkgs";
{
{
- inputs = {
+ inputs.nixpkgs.follows = "nixpkgs";
description = "Minimal git server";
- WorkingDirectory = "/var/lib/ugit";
- Environment = ["TS_AUTHKEY=${cfg.tsAuthKey}"];
- url = "github:nix-community/gomod2nix";
};
- };
- };
- };
- };
}
diff --git a/go.mod.sri b/go.mod.sri
new file mode 100644
index 0000000000000000000000000000000000000000..0b80bc88828f5c9249871e9ec9d93c694830401f
--- /dev/null
+++ b/go.mod.sri
@@ -0,0 +1 @@
+sha256-F0NrjQA92ckDdEzlvXsycXLMOF/995CyzsSrR3j08Gs=
\ No newline at end of file
diff --git a/gomod2nix.toml b/gomod2nix.toml
deleted file mode 100644
index 53153eb6db6f04c40480a5c63abbfa6b3be50a92..0000000000000000000000000000000000000000
--- a/gomod2nix.toml
+++ /dev/null
@@ -1,399 +0,0 @@
-schema = 3
-
-[mod]
- [mod."dario.cat/mergo"]
- version = "v1.0.0"
- hash = "sha256-jlpc8dDj+DmiOU4gEawBu8poJJj9My0s9Mvuk9oS8ww="
- [mod."filippo.io/edwards25519"]
- version = "v1.1.0"
- hash = "sha256-9ACANrgWZSd5HYPfDZHY8DVbPSC9LOMgy8deq3rDOoc="
- [mod."github.com/Microsoft/go-winio"]
- version = "v0.6.1"
- hash = "sha256-BL0BVaHtmPKQts/711W59AbHXjGKqFS4ZTal0RYnR9I="
- [mod."github.com/ProtonMail/go-crypto"]
- version = "v1.0.0"
- hash = "sha256-Gflazvyv+457FpUTtPafJ+SdolYSalpsU0tragTxNi8="
- [mod."github.com/a-h/templ"]
- version = "v0.2.543"
- hash = "sha256-1BvIj9UPZJp8SOXMPIGdHyZLIvjORHg2UY3pRZJM01s="
- [mod."github.com/akutz/memconn"]
- version = "v0.1.0"
- hash = "sha256-WOs/RQYjQbn41ui8ztHgWSd4jxydE+fvIrl/0dmHD9Y="
- [mod."github.com/alecthomas/chroma/v2"]
- version = "v2.12.0"
- hash = "sha256-w3gKGPwsoayknuU4ifPaF0JOMNqnKjIEutbIkR9c2Ag="
- [mod."github.com/alexbrainman/sspi"]
- version = "v0.0.0-20231016080023-1a75b4708caa"
- hash = "sha256-Joa/NfBofK7lRlknQ5LVYD4M/dpd9xaCqsvYUBhKW0I="
- [mod."github.com/anmitsu/go-shlex"]
- version = "v0.0.0-20200514113438-38f4b401e2be"
- hash = "sha256-L3Ak4X2z7WXq7vMKuiHCOJ29nlpajUQ08Sfb9T0yP54="
- [mod."github.com/aws/aws-sdk-go-v2"]
- version = "v1.24.1"
- hash = "sha256-qZDUrodVDWWtdQ6zYuNHxpXt2quK56pPoZsKdRGmYzk="
- [mod."github.com/aws/aws-sdk-go-v2/config"]
- version = "v1.26.5"
- hash = "sha256-RAXQlnUAsxgi2BndS+Uh2Cw+TCbtUx9BB0Tqqz50rLE="
- [mod."github.com/aws/aws-sdk-go-v2/credentials"]
- version = "v1.16.16"
- hash = "sha256-qjtE3/VxNAEtS68nLXULgjO+LO3EkayGkr2iU300xdA="
- [mod."github.com/aws/aws-sdk-go-v2/feature/ec2/imds"]
- version = "v1.14.11"
- hash = "sha256-j8LHZYM+rBmWHV1PT/H6lDL/3vgBqvQxoY2bVuOi7zo="
- [mod."github.com/aws/aws-sdk-go-v2/internal/configsources"]
- version = "v1.2.10"
- hash = "sha256-fhrws72g+ecgXnkiip0GQ206XfVdxDA7/Rz9X3nvgd8="
- [mod."github.com/aws/aws-sdk-go-v2/internal/endpoints/v2"]
- version = "v2.5.10"
- hash = "sha256-Rbj+matn96a/3Nj8EpLgrTycSV+331+WWJd5Lpk1LlQ="
- [mod."github.com/aws/aws-sdk-go-v2/internal/ini"]
- version = "v1.7.2"
- hash = "sha256-6ev22rRSz4TuoX1AoCDr67qA15kg+cHMuQeTXwp8AFg="
- [mod."github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding"]
- version = "v1.10.4"
- hash = "sha256-Wvbil3pNKlCyn0SWNXCobxzJGeE+2Eb7GNP2OZATTfY="
- [mod."github.com/aws/aws-sdk-go-v2/service/internal/presigned-url"]
- version = "v1.10.10"
- hash = "sha256-vUSnrZzo3mzfZsthjjZRmGNrXkQ4D2B7Glzu66N5MrQ="
- [mod."github.com/aws/aws-sdk-go-v2/service/ssm"]
- version = "v1.44.7"
- hash = "sha256-U7XGN5O0Ksp6O3a2Nkb0WinTwuIHjCw5UNSwPjrMo8k="
- [mod."github.com/aws/aws-sdk-go-v2/service/sso"]
- version = "v1.18.7"
- hash = "sha256-+1q43+9Cx/K3/T+LJJLV1h2PLHsG/YKHUSgwC5r3uNQ="
- [mod."github.com/aws/aws-sdk-go-v2/service/ssooidc"]
- version = "v1.21.7"
- hash = "sha256-aoolSWOU3Sb3weV2yf2wACuh3fYaUmyGXCZ2dTvcg4A="
- [mod."github.com/aws/aws-sdk-go-v2/service/sts"]
- version = "v1.26.7"
- hash = "sha256-0LGfjSa65wNKuV/TH66XfN/uF4lZF9bSszbfTFWcLjY="
- [mod."github.com/aws/smithy-go"]
- version = "v1.19.0"
- hash = "sha256-KsQMOHJFIXRF+8c4WxiXA/u1Ok6hEF6eylvnfdRGivg="
- [mod."github.com/aymanbagabas/go-osc52/v2"]
- version = "v2.0.1"
- hash = "sha256-6Bp0jBZ6npvsYcKZGHHIUSVSTAMEyieweAX2YAKDjjg="
- [mod."github.com/bits-and-blooms/bitset"]
- version = "v1.13.0"
- hash = "sha256-1jccFEH9In72Jt3wSn4vi4/MJd/UDfDrC9DlmsGVc9o="
- [mod."github.com/charmbracelet/bubbletea"]
- version = "v0.25.0"
- hash = "sha256-A0WjFRFAUhwO3m7uvCOeefPPIM8ReU+xTtIRxG0aH+Y="
- [mod."github.com/charmbracelet/keygen"]
- version = "v0.5.0"
- hash = "sha256-JFD2SdFL7tq3oVhnBEgiBTrJvjqdUtIuodAJuSFcJoA="
- [mod."github.com/charmbracelet/lipgloss"]
- version = "v0.9.1"
- hash = "sha256-AHbabOymgDRIXsMBgJHS25/GgBWT54oGbd15EBWKeZc="
- [mod."github.com/charmbracelet/log"]
- version = "v0.3.1"
- hash = "sha256-Er60POPID2eNrRZnBHxoI4yHn0mIKnXYftGKSslbXx0="
- [mod."github.com/charmbracelet/ssh"]
- version = "v0.0.0-20240201134204-3f297de25560"
- hash = "sha256-r4h4bym47rs3C2us+sCgVfwAl4TCbm3bDCTsXKYREz8="
- [mod."github.com/charmbracelet/wish"]
- version = "v1.3.0"
- hash = "sha256-3Uq1PDu5DMoWgJykFx/roGk20x8jdb7o5JFPpmEtX/c="
- [mod."github.com/charmbracelet/x/errors"]
- version = "v0.0.0-20240130180102-bafe6fbaee60"
- hash = "sha256-GO8hf0lhVtl00C+xoTzvBtPU2cO0PymSLc2szBRUNtE="
- [mod."github.com/charmbracelet/x/exp/term"]
- version = "v0.0.0-20240130180102-bafe6fbaee60"
- hash = "sha256-hEj/Gj1U1ahk5EFVZVAL52yrdBNO47yXykpiehJICbc="
- [mod."github.com/cloudflare/circl"]
- version = "v1.3.7"
- hash = "sha256-AkOpcZ+evLxLJStvvr01+TLeWDqcLxY3e/AhGggzh40="
- [mod."github.com/containerd/console"]
- version = "v1.0.4-0.20230706203907-8f6c4e4faef5"
- hash = "sha256-mxRERsgS6TmI5I0UYblhzl2FZlbtkJhUkfF1x6mZINw="
- [mod."github.com/coreos/go-iptables"]
- version = "v0.7.1-0.20240112124308-65c67c9f46e6"
- hash = "sha256-kjnry8ld5Keew5q+tX7GSdGVZaXlehs2Lt+z8Rokhns="
- [mod."github.com/creack/pty"]
- version = "v1.1.21"
- hash = "sha256-pjGw6wQlrVhN65XaIxZueNJqnXThGu00u24rKOLzxS0="
- [mod."github.com/cyphar/filepath-securejoin"]
- version = "v0.2.4"
- hash = "sha256-heCD0xMxlwnHCHcRBgTjVexHOLyWI2zRW3E8NFKoLzk="
- [mod."github.com/dblohm7/wingoes"]
- version = "v0.0.0-20240119213807-a09d6be7affa"
- hash = "sha256-zUj7jSZQiX53+4OyRq7LaQXp8nx8+JRpyT6IFdktyw0="
- [mod."github.com/digitalocean/go-smbios"]
- version = "v0.0.0-20180907143718-390a4f403a8e"
- hash = "sha256-Hgx1ML3rigdYXx5ntnEYD5JEk6kJv1cL0+/GDbnPkbo="
- [mod."github.com/dlclark/regexp2"]
- version = "v1.10.0"
- hash = "sha256-Jxzj/O/Q9tIWBOOgCkCibhrgJBzzfVIxYDsabt7O8ow="
- [mod."github.com/dustin/go-humanize"]
- version = "v1.0.1"
- hash = "sha256-yuvxYYngpfVkUg9yAmG99IUVmADTQA0tMbBXe0Fq0Mc="
- [mod."github.com/emirpasic/gods"]
- version = "v1.18.1"
- hash = "sha256-hGDKddjLj+5dn2woHtXKUdd49/3xdsqnhx7VEdCu1m4="
- [mod."github.com/fxamacker/cbor/v2"]
- version = "v2.5.0"
- hash = "sha256-2rhvuNZjeidDP+Og6Q0u4ROiaPrEOjoI5wCb17XRnOQ="
- [mod."github.com/gaissmai/bart"]
- version = "v0.4.1"
- hash = "sha256-Zz+8yx+y6QtF2raJo01ldzKIlqfxLX3eqLr6ub+Byzw="
- [mod."github.com/go-chi/chi/v5"]
- version = "v5.0.11"
- hash = "sha256-95LKg/OVzhik2HUz6cirHH3eAT4qbHSg52bSvkc+XOY="
- [mod."github.com/go-chi/httplog/v2"]
- version = "v2.1.1"
- hash = "sha256-bMpoHUSNk3Uds9NfrStwhDsdCONR4pJso9sVUhqfidk="
- [mod."github.com/go-git/gcfg"]
- version = "v1.5.1-0.20230307220236-3a3c6141e376"
- hash = "sha256-f4k0gSYuo0/q3WOoTxl2eFaj7WZpdz29ih6CKc8Ude8="
- [mod."github.com/go-git/go-billy/v5"]
- version = "v5.5.0"
- hash = "sha256-4XUoD2bOCMCdu83egb/y8kY/Fm0s1rWgPMtiahh38OQ="
- [mod."github.com/go-git/go-git/v5"]
- version = "v5.11.0"
- hash = "sha256-2yUM/FlV+nYxacVynJCnDZeMub4Iu8JL2WBHmlnwOkE="
- [mod."github.com/go-json-experiment/json"]
- version = "v0.0.0-20231102232822-2e55bd4e08b0"
- hash = "sha256-ltOLec3r0dGA/k1TTrQjuMuHxdxBlALkfLbdKuUNvmg="
- [mod."github.com/go-logfmt/logfmt"]
- version = "v0.6.0"
- hash = "sha256-RtIG2qARd5sT10WQ7F3LR8YJhS8exs+KiuUiVf75bWg="
- [mod."github.com/go-ole/go-ole"]
- version = "v1.3.0"
- hash = "sha256-tF8t3VcV71jQ4jbPL91BwR59AKDpUAFV1waIKzkXJu8="
- [mod."github.com/godbus/dbus/v5"]
- version = "v5.1.1-0.20230522191255-76236955d466"
- hash = "sha256-OdcyeoGQ4xWUpl21WKXkbAm8yZHMDp8giY02arupjb4="
- [mod."github.com/golang/groupcache"]
- version = "v0.0.0-20210331224755-41bb18bfe9da"
- hash = "sha256-7Gs7CS9gEYZkbu5P4hqPGBpeGZWC64VDwraSKFF+VR0="
- [mod."github.com/google/btree"]
- version = "v1.1.2"
- hash = "sha256-K7V2obq3pLM71Mg0vhhHtZ+gtaubwXPQx3xcIyZDCjM="
- [mod."github.com/google/go-cmp"]
- version = "v0.6.0"
- hash = "sha256-qgra5jze4iPGP0JSTVeY5qV5AvEnEu39LYAuUCIkMtg="
- [mod."github.com/google/nftables"]
- version = "v0.2.1-0.20240414091927-5e242ec57806"
- hash = "sha256-OXMzx4Exf++E4UzCUE1gw3TOrfyI187cFu3cDZ9ifKU="
- [mod."github.com/google/uuid"]
- version = "v1.6.0"
- hash = "sha256-VWl9sqUzdOuhW0KzQlv0gwwUQClYkmZwSydHG2sALYw="
- [mod."github.com/gorilla/csrf"]
- version = "v1.7.2"
- hash = "sha256-pzOWbw8AOjhdRJYKlPBfh1j9a8TGNxgrlS4AmZpE1s8="
- [mod."github.com/gorilla/securecookie"]
- version = "v1.1.2"
- hash = "sha256-KeMHNM9emxX+N0WYiZsTii7n8sNsmjWwbnQ9SaJfTKE="
- [mod."github.com/hdevalence/ed25519consensus"]
- version = "v0.2.0"
- hash = "sha256-KTbeKMOT/HCJjDHqyciQjJPPgpNk6H0VyQCCbeGgs7Y="
- [mod."github.com/illarion/gonotify"]
- version = "v1.0.1"
- hash = "sha256-73KDUfk5iNo12u+nNN2H4UTfJ1FlLifahnFNPzV1P/k="
- [mod."github.com/insomniacslk/dhcp"]
- version = "v0.0.0-20231206064809-8c70d406f6d2"
- hash = "sha256-PHiso7HGNjCGbGdZ7TMGnSGzPDUTpvWpqAccoKPAaWM="
- [mod."github.com/jbenet/go-context"]
- version = "v0.0.0-20150711004518-d14ea06fba99"
- hash = "sha256-VANNCWNNpARH/ILQV9sCQsBWgyL2iFT+4AHZREpxIWE="
- [mod."github.com/jmespath/go-jmespath"]
- version = "v0.4.0"
- hash = "sha256-xpT9g2qIXmPq7eeHUXHiDqJeQoHCudh44G/KCSFbcuo="
- [mod."github.com/josharian/native"]
- version = "v1.1.1-0.20230202152459-5c7d0dd6ab86"
- hash = "sha256-dgyrLXuM55z8FAoUjyt5TDlzim6HfphWo5wx1/DHLwE="
- [mod."github.com/jsimonetti/rtnetlink"]
- version = "v1.4.0"
- hash = "sha256-GnrF2yxgm/h1JSTN1PwI4ysTl+oY0AyWzf3Ni7LZqRM="
- [mod."github.com/kevinburke/ssh_config"]
- version = "v1.2.0"
- hash = "sha256-Ta7ZOmyX8gG5tzWbY2oES70EJPfI90U7CIJS9EAce0s="
- [mod."github.com/klauspost/compress"]
- version = "v1.17.4"
- hash = "sha256-5E7dDtDKfL3jy7zJxHBMV57WlHZrP/OoEX5e6cOPba0="
- [mod."github.com/kortschak/wol"]
- version = "v0.0.0-20200729010619-da482cc4850a"
- hash = "sha256-lnr9r/KNv4EeeNohFImC3Vd5E9nJ0N+4ZZ0VHFjwHps="
- [mod."github.com/lucasb-eyer/go-colorful"]
- version = "v1.2.0"
- hash = "sha256-Gg9dDJFCTaHrKHRR1SrJgZ8fWieJkybljybkI9x0gyE="
- [mod."github.com/mattn/go-isatty"]
- version = "v0.0.20"
- hash = "sha256-qhw9hWtU5wnyFyuMbKx+7RB8ckQaFQ8D+8GKPkN3HHQ="
- [mod."github.com/mattn/go-localereader"]
- version = "v0.0.1"
- hash = "sha256-JlWckeGaWG+bXK8l8WEdZqmSiTwCA8b1qbmBKa/Fj3E="
- [mod."github.com/mattn/go-runewidth"]
- version = "v0.0.15"
- hash = "sha256-WP39EU2UrQbByYfnwrkBDoKN7xzXsBssDq3pNryBGm0="
- [mod."github.com/mdlayher/genetlink"]
- version = "v1.3.2"
- hash = "sha256-pgwXkyDY1dlB8tmV1lQ0Bz/2g0zmJOyXvQjacACy924="
- [mod."github.com/mdlayher/netlink"]
- version = "v1.7.2"
- hash = "sha256-08qlkKvG1+XFY3MDx7M1jdvaDMsmF9qv5/xMNaw3snc="
- [mod."github.com/mdlayher/sdnotify"]
- version = "v1.0.0"
- hash = "sha256-O7MJt6Bam2bUoede07Z1T6EtW+kCJ+/4dJtYopZct1s="
- [mod."github.com/mdlayher/socket"]
- version = "v0.5.0"
- hash = "sha256-3zEbix66G+LQ2xAQW9XmkyubK9R+Vwnm09H5fqqLC7w="
- [mod."github.com/miekg/dns"]
- version = "v1.1.58"
- hash = "sha256-UGvyC1Abh2S5VaAUCV9AUuDMrCvpiWQy/UnYM9DfIB8="
- [mod."github.com/mitchellh/go-ps"]
- version = "v1.0.0"
- hash = "sha256-HzxVHNLHZpnsBuPcub0G+9jjDcDOsxM/6wifbsxf7EY="
- [mod."github.com/muesli/ansi"]
- version = "v0.0.0-20230316100256-276c6243b2f6"
- hash = "sha256-qRKn0Bh2yvP0QxeEMeZe11Vz0BPFIkVcleKsPeybKMs="
- [mod."github.com/muesli/cancelreader"]
- version = "v0.2.2"
- hash = "sha256-uEPpzwRJBJsQWBw6M71FDfgJuR7n55d/7IV8MO+rpwQ="
- [mod."github.com/muesli/reflow"]
- version = "v0.3.0"
- hash = "sha256-Pou2ybE9SFSZG6YfZLVV1Eyfm+X4FuVpDPLxhpn47Cc="
- [mod."github.com/muesli/termenv"]
- version = "v0.15.2"
- hash = "sha256-Eum/SpyytcNIchANPkG4bYGBgcezLgej7j/+6IhqoMU="
- [mod."github.com/peterbourgon/ff/v3"]
- version = "v3.4.0"
- hash = "sha256-rmRl4GSmc2atnMbw6hTs6jwxW5lO4ivYuF2VN3jacZM="
- [mod."github.com/pierrec/lz4/v4"]
- version = "v4.1.21"
- hash = "sha256-u47Lm4tN2ChGDLGyR+Jpi/Mi0bOFBVT6PTpPFdu2rMU="
- [mod."github.com/pjbgf/sha1cd"]
- version = "v0.3.0"
- hash = "sha256-kX9BdLh2dxtGNaDvc24NORO+C0AZ7JzbrXrtecCdB7w="
- [mod."github.com/prometheus-community/pro-bing"]
- version = "v0.4.0"
- hash = "sha256-3TH0wB85OITw3uzTcEva2EcEF6jNf98sAoSOsnL2G9g="
- [mod."github.com/rivo/uniseg"]
- version = "v0.4.6"
- hash = "sha256-zGfzO8FWj03POzo47SzrK1B4yLMKJ7iic6ium76ZLzI="
- [mod."github.com/safchain/ethtool"]
- version = "v0.3.0"
- hash = "sha256-q5bQGHB7cyEejA9tQkrhpvzpfYRvXcmClbWBgfs3Ymc="
- [mod."github.com/sergi/go-diff"]
- version = "v1.3.1"
- hash = "sha256-XLA/BLIPuUU76yikXqIeRSXr7T7A3Uz6I27+mDxGj7w="
- [mod."github.com/skeema/knownhosts"]
- version = "v1.2.1"
- hash = "sha256-u0jB6ahTdGa+SvcIvPNRLnbSHvgmW9X/ThRq0nWQrJs="
- [mod."github.com/tailscale/certstore"]
- version = "v0.1.1-0.20231202035212-d3fa0460f47e"
- hash = "sha256-Q0HLTQPRsIizRqvdBBaLGoLascQiSpQm+X3NW3ytpDQ="
- [mod."github.com/tailscale/go-winio"]
- version = "v0.0.0-20231025203758-c4f33415bf55"
- hash = "sha256-WFW20c02gIk2MhafeVVNydmSfszPZegshDd2Y5abGgY="
- [mod."github.com/tailscale/golang-x-crypto"]
- version = "v0.0.0-20240604161659-3fde5e568aa4"
- hash = "sha256-vIrSd0emexe1lcjJqLbEtg7/TaZDnpGrDs96mxjANyE="
- [mod."github.com/tailscale/goupnp"]
- version = "v1.0.1-0.20210804011211-c64d0f06ea05"
- hash = "sha256-PRMJcYY+wjpbHkC9dQWTPErh2ID29UnFxehxmYR704I="
- [mod."github.com/tailscale/hujson"]
- version = "v0.0.0-20221223112325-20486734a56a"
- hash = "sha256-q9c2IjwbL0IgYPznVpQP1XT/8lrzH1niI3E+wjNcf5Y="
- [mod."github.com/tailscale/netlink"]
- version = "v1.1.1-0.20211101221916-cabfb018fe85"
- hash = "sha256-bMK5qqObMcxIbPy5XhOZP8TGDaXvDAHsE0FR68VMLi8="
- [mod."github.com/tailscale/peercred"]
- version = "v0.0.0-20240214030740-b535050b2aa4"
- hash = "sha256-82cdwvTUr47qMP2MHiMdY5O8vr/hA2aJ/KW2VTu97KI="
- [mod."github.com/tailscale/web-client-prebuilt"]
- version = "v0.0.0-20240226180453-5db17b287bf1"
- hash = "sha256-iE8PCr0At4P75cG7dDa6fwhARJUIUw9pwvgtQNMOjAA="
- [mod."github.com/tailscale/wireguard-go"]
- version = "v0.0.0-20240429185444-03c5a0ccf754"
- hash = "sha256-XhfEG8esndgZDoI2AeRvs95XRYiIrj/0NiVDBpOcacY="
- [mod."github.com/tcnksm/go-httpstat"]
- version = "v0.2.0"
- hash = "sha256-bCWn8E+DcZY6+yPu07AF3hCcDZx3CFdD74qfpDIgVqI="
- [mod."github.com/u-root/u-root"]
- version = "v0.12.0"
- hash = "sha256-B9Qoq1S0l0W6twET54uxiWjh2ulxN/zMLAeWJX4cXW0="
- [mod."github.com/u-root/uio"]
- version = "v0.0.0-20240118234441-a3c409a6018e"
- hash = "sha256-rUjQMG+HprbgHKzrIPFrQ6S3BCEyYQyUbA/D72mY8iU="
- [mod."github.com/vishvananda/netlink"]
- version = "v1.2.1-beta.2"
- hash = "sha256-ePReedgYT0KuAx/HOUgG76zDZ2XpW/u8bGlsWysxKzE="
- [mod."github.com/vishvananda/netns"]
- version = "v0.0.4"
- hash = "sha256-tEba2cxyk3GdCYvEIttQ8aZCzHcB0ZiUt6fUEARDkWU="
- [mod."github.com/x448/float16"]
- version = "v0.8.4"
- hash = "sha256-VKzMTMS9pIB/cwe17xPftCSK9Mf4Y6EuBEJlB4by5mE="
- [mod."github.com/xanzy/ssh-agent"]
- version = "v0.3.3"
- hash = "sha256-l3pGB6IdzcPA/HLk93sSN6NM2pKPy+bVOoacR5RC2+c="
- [mod."github.com/yuin/goldmark"]
- version = "v1.6.0"
- hash = "sha256-0PeGjGxxM7lUSx2dn8yPUBpilPQzEN9nkgf3s+5zGTY="
- [mod."github.com/yuin/goldmark-emoji"]
- version = "v1.0.2"
- hash = "sha256-RvzhNXlF98fu9SD/Rve9JMtR4bcRh7rN56Twhh/kmt4="
- [mod."github.com/yuin/goldmark-highlighting/v2"]
- version = "v2.0.0-20230729083705-37449abec8cc"
- hash = "sha256-HpiwU7jIeDUAg2zOpTIiviQir8dpRPuXYh2nqFFccpg="
- [mod."go.jolheiser.com/tailroute"]
- version = "v0.0.0-20240726150858-67ef456b46b5"
- hash = "sha256-NJBg8m3ukwBycuXj3lUtTclX1kmdw3xBW+YCKnPuU8g="
- [mod."go4.org/mem"]
- version = "v0.0.0-20220726221520-4f986261bf13"
- hash = "sha256-H2Fsuvzbqp/6JKzC03XPTQTSQBcGs+B5VGsBjrQDY3c="
- [mod."go4.org/netipx"]
- version = "v0.0.0-20231129151722-fdeea329fbba"
- hash = "sha256-qFrVlacz5R3Lpkzqeg1/1MYew3DJzY9hG0Uh/ua+SOU="
- [mod."golang.org/x/crypto"]
- version = "v0.21.0"
- hash = "sha256-Z4k1LvFh4Jai7HUe6TTuXSG3VnuiRpMwdARIdZZqSYk="
- [mod."golang.org/x/exp"]
- version = "v0.0.0-20240119083558-1b970713d09a"
- hash = "sha256-JQ3JLywTjgboNhs12blhOkS3ty7m8sUa/zaWv1k/X28="
- [mod."golang.org/x/mod"]
- version = "v0.16.0"
- hash = "sha256-aN1Cz5Wqd9YCjK8nFW6JWn+n1HfFoEcgYZmGO/FYtbw="
- [mod."golang.org/x/net"]
- version = "v0.23.0"
- hash = "sha256-ZB4504rtgsHbcRfijjlqt4/2ddb8tyQB5IBn126uVTQ="
- [mod."golang.org/x/sync"]
- version = "v0.6.0"
- hash = "sha256-LLims/wjDZtIqlYCVHREewcUOX4hwRwplEuZKPOJ/HI="
- [mod."golang.org/x/sys"]
- version = "v0.19.0"
- hash = "sha256-cmuL31TYLJmDm/fDnI2Sn0wB88cpdOHV1+urorsJWx4="
- [mod."golang.org/x/term"]
- version = "v0.18.0"
- hash = "sha256-lpze9arFZIhBV8Ht3VZyoiUwqPkeH2IwfXt8M3xljiM="
- [mod."golang.org/x/text"]
- version = "v0.14.0"
- hash = "sha256-yh3B0tom1RfzQBf1RNmfdNWF1PtiqxV41jW1GVS6JAg="
- [mod."golang.org/x/time"]
- version = "v0.5.0"
- hash = "sha256-W6RgwgdYTO3byIPOFxrP2IpAZdgaGowAaVfYby7AULU="
- [mod."golang.org/x/tools"]
- version = "v0.19.0"
- hash = "sha256-Xf05Ao398gBzxn5C8H6x+XsLjFLIm+UUfpDekQYA0cw="
- [mod."golang.zx2c4.com/wintun"]
- version = "v0.0.0-20230126152724-0fa3db229ce2"
- hash = "sha256-cjMLNjKnnupVROWmeASORVieAL9ieYdzX3cFzG8bCpo="
- [mod."golang.zx2c4.com/wireguard/windows"]
- version = "v0.5.3"
- hash = "sha256-wcJWS/4Fqbc+1RHSntex0zBdlHiZfzrea4QabYkNKvU="
- [mod."gopkg.in/warnings.v0"]
- version = "v0.1.2"
- hash = "sha256-ATVL9yEmgYbkJ1DkltDGRn/auGAjqGOfjQyBYyUo8s8="
- [mod."gopkg.in/yaml.v2"]
- version = "v2.4.0"
- hash = "sha256-uVEGglIedjOIGZzHW4YwN1VoRSTK8o0eGZqzd+TNdd0="
- [mod."gvisor.dev/gvisor"]
- version = "v0.0.0-20240306221502-ee1e1f6070e3"
- hash = "sha256-veCyTYMx5N/K7xU86GgQupjAjjiL3hlvIjz+jhBFM/0="
- [mod."nhooyr.io/websocket"]
- version = "v1.8.10"
- hash = "sha256-EsUWUFIA2uJTap1DfsYuSxlPMH3UHDpxEohJMalDOcI="
- [mod."tailscale.com"]
- version = "v1.68.2"
- hash = "sha256-GdYdZ/FA2m0dw5maZ9QFkiMo89UZtnzjUoWK+fLLV/c="
diff --git a/nix/default.nix b/nix/default.nix
new file mode 100644
index 0000000000000000000000000000000000000000..07317370bfffc442b384102e32cde32e0f1042de
--- /dev/null
+++ b/nix/default.nix
@@ -0,0 +1,10 @@
+{
+ pkgs ? import <nixpkgs>,
+}:
+let
+ pkg = pkgs.callPackage ./pkg.nix { inherit pkgs; };
+in
+{
+ ugit = pkg;
+ default = pkg;
+}
diff --git a/nix/module.nix b/nix/module.nix
new file mode 100644
index 0000000000000000000000000000000000000000..fd45cccebcfe3581dc2e0ff1e29189985913e59f
--- /dev/null
+++ b/nix/module.nix
@@ -0,0 +1,196 @@
+{
+ pkgs,
+ lib,
+ config,
+ ...
+}:
+let
+ cfg = config.services.ugit;
+ pkg = pkgs.callPackage ./pkg.nix { inherit pkgs; };
+ yamlFormat = pkgs.formats.yaml { };
+ configFile = pkgs.writeText "ugit.yaml" (
+ builtins.readFile (yamlFormat.generate "ugit-yaml" cfg.config)
+ );
+ authorizedKeysFile = pkgs.writeText "ugit_keys" (builtins.concatStringsSep "\n" cfg.authorizedKeys);
+in
+{
+ options =
+ let
+ inherit (lib) mkEnableOption mkOption types;
+ in
+ {
+ services.ugit = {
+ enable = mkEnableOption "Enable ugit";
+
+ package = mkOption {
+ type = types.package;
+ description = "ugit package to use";
+ default = pkg;
+ };
+
+ tsAuthKey = mkOption {
+ type = types.str;
+ description = "Tailscale one-time auth-key";
+ default = "";
+ };
+
+ repoDir = mkOption {
+ type = types.str;
+ description = "where ugit stores repositories";
+ default = "/var/lib/ugit/repos";
+ };
+
+ authorizedKeys = mkOption {
+ type = types.listOf types.str;
+ description = "list of keys to use for authorized_keys";
+ default = [ ];
+ };
+
+ authorizedKeysFile = mkOption {
+ type = types.str;
+ description = "path to authorized_keys file ugit uses for auth";
+ default = "/var/lib/ugit/authorized_keys";
+ };
+
+ hostKeyFile = mkOption {
+ type = types.str;
+ description = "path to host key file (will be created if it doesn't exist)";
+ default = "/var/lib/ugit/ugit_ed25519";
+ };
+
+ config = mkOption {
+ type = types.attrs;
+ default = { };
+ description = "config.yaml contents";
+ };
+
+ user = mkOption {
+ type = types.str;
+ default = "ugit";
+ description = "User account under which ugit runs";
+ };
+
+ group = mkOption {
+ type = types.str;
+ default = "ugit";
+ description = "Group account under which ugit runs";
+ };
+
+ openFirewall = mkOption {
+ type = types.bool;
+ default = false;
+ };
+
+ hooks = mkOption {
+ type = types.listOf (
+ types.submodule {
+ options = {
+ name = mkOption {
+ type = types.str;
+ description = "Hook name";
+ };
+ content = mkOption {
+ type = types.str;
+ description = "Hook contents";
+ };
+ };
+ }
+ );
+ description = "A list of pre-receive hooks to run";
+ default = [ ];
+ };
+ };
+ };
+ config = lib.mkIf cfg.enable {
+ users.users."${cfg.user}" = {
+ home = "/var/lib/ugit";
+ createHome = true;
+ group = "${cfg.group}";
+ isSystemUser = true;
+ isNormalUser = false;
+ description = "user for ugit service";
+ };
+ users.groups."${cfg.group}" = { };
+ networking.firewall = lib.mkIf cfg.openFirewall {
+ allowedTCPPorts = [
+ 8448
+ 8449
+ ];
+ };
+
+ systemd.services = {
+ ugit = {
+ enable = true;
+ script =
+ let
+ authorizedKeysPath =
+ if (builtins.length cfg.authorizedKeys) > 0 then authorizedKeysFile else cfg.authorizedKeysFile;
+ args = [
+ "--config=${configFile}"
+ "--repo-dir=${cfg.repoDir}"
+ "--ssh.authorized-keys=${authorizedKeysPath}"
+ "--ssh.host-key=${cfg.hostKeyFile}"
+ ];
+ in
+ "${cfg.package}/bin/ugitd ${builtins.concatStringsSep " " args}";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+ path = [
+ cfg.package
+ pkgs.git
+ pkgs.bash
+ ];
+ serviceConfig = {
+ User = cfg.user;
+ Group = cfg.group;
+ Restart = "always";
+ RestartSec = "15";
+ WorkingDirectory = "/var/lib/ugit";
+ Environment = [ "TS_AUTHKEY=${cfg.tsAuthKey}" ];
+ };
+ };
+ ugit-hooks = {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "ugit.service" ];
+ requires = [ "ugit.service" ];
+ serviceConfig = {
+ Type = "oneshot";
+ ExecStart =
+ let
+ script = pkgs.writeShellScript "ugit-hooks-link" (
+ builtins.concatStringsSep "\n" (
+ map (
+ hook:
+ let
+ script = pkgs.writeShellScript hook.name hook.content;
+ path = "${cfg.repoDir}/hooks/pre-receive.d/${hook.name}";
+ in
+ "ln -s ${script} ${path}"
+ ) cfg.hooks
+ )
+ );
+ in
+ "${script}";
+ };
+ };
+ };
+
+ systemd.tmpfiles.settings.ugit = builtins.listToAttrs (
+ map (
+ hook:
+ let
+ script = pkgs.writeShellScript hook.name hook.content;
+ path = "${cfg.repoDir}/hooks/pre-receive.d/${hook.name}";
+ in
+ {
+ name = path;
+ value = {
+ "L" = {
+ argument = "${script}";
+ };
+ };
+ }
+ ) cfg.hooks
+ );
+ };
+}
diff --git a/nix/pkg.nix b/nix/pkg.nix
new file mode 100644
index 0000000000000000000000000000000000000000..1d64f3e79ad253d5a492d985e94ff3236138c122
--- /dev/null
+++ b/nix/pkg.nix
@@ -0,0 +1,33 @@
+{
+ pkgs ? import <nixpkgs>,
+}:
+let
+ name = "ugitd";
+in
+pkgs.buildGoModule {
+ pname = name;
+ version = "main";
+ src = pkgs.nix-gitignore.gitignoreSource [ ] (
+ builtins.path {
+ inherit name;
+ path = ../.;
+ }
+ );
+ subPackages = [
+ "cmd/ugitd"
+ "cmd/ugit-uci"
+ ];
+ vendorHash = pkgs.lib.fileContents ../go.mod.sri;
+ CGO_ENABLED = 0;
+ flags = [ "-trimpath" ];
+ ldflags = [
+ "-s"
+ "-w"
+ "-extldflags -static"
+ ];
+ meta = {
+ description = "Minimal git server";
+ homepage = "https://git.jolheiser.com/ugit";
+ mainProgram = "ugitd";
+ };
+}
diff --git a/nix/test.nix b/nix/test.nix
new file mode 100644
index 0000000000000000000000000000000000000000..9b5e625a43c5b62114b86572cbf29c2abe007bf1
--- /dev/null
+++ b/nix/test.nix
@@ -0,0 +1,26 @@
+{ config, pkgs, ... }:
+{
+ imports = [ ./module.nix ];
+
+ users.users.jolheiser = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ];
+ initialPassword = "test";
+ };
+
+ services.ugit = {
+ enable = true;
+ hooks = [
+ {
+ name = "pre-receive";
+ content = ''
+ echo "Pre-receive hook executed"
+ '';
+ }
+ {
+ name = "ugit-uci";
+ content = "${config.services.ugit.package}/bin/ugit-uci";
+ }
+ ];
+ };
+}