ugit @main -
refs -
log -
-
https://git.jolheiser.com/ugit.git
feat: allow enabling of each service individually
Signed-off-by: jolheiser <git@jolheiser.com>
Signature
-----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgBTEvCQk6VqUAdN2RuH6bj1dNkY
oOpbPWj+jw4ua1B1cAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
AAAAQNw4X4ypMEXZeH9ySIJOf8N5P1wrWrXXRb6AhJ//qtrV0aaFVdvjGyGz9KoUycxkJD
mzWDnqKVbC05M/fcH7dgE=
-----END SSH SIGNATURE-----
diff --git a/cmd/ugitd/args.go b/cmd/ugitd/args.go
index 865deecb7c64f8b59fd2c17a601c5d9cc2ea466b..b16fc0f40628e9b990ce045c15e1ab37584fa469 100644
--- a/cmd/ugitd/args.go
+++ b/cmd/ugitd/args.go
@@ -21,6 +21,7 @@ Tailscale tailscaleArgs
}
type sshArgs struct {
+ Enable bool
AuthorizedKeys string
CloneURL string
Port int
@@ -28,6 +29,7 @@ HostKey string
}
type httpArgs struct {
+ Enable bool
CloneURL string
Port int
}
@@ -54,6 +56,7 @@ JSON bool
}
type tailscaleArgs struct {
+ Enable bool
Hostname string
DataDir string
}
@@ -65,12 +68,14 @@
c = cliArgs{
RepoDir: ".ugit",
SSH: sshArgs{
+ Enable: true,
AuthorizedKeys: ".ssh/authorized_keys",
CloneURL: "ssh://localhost:8448",
Port: 8448,
HostKey: ".ssh/ugit_ed25519",
},
HTTP: httpArgs{
+ Enable: true,
CloneURL: "http://localhost:8449",
Port: 8449,
},
@@ -82,6 +87,7 @@ Log: logArgs{
Level: log.InfoLevel,
},
Tailscale: tailscaleArgs{
+ Enable: false,
Hostname: "ugit",
DataDir: ".tsnet",
},
@@ -97,10 +103,12 @@ return nil
})
fs.BoolVar(&c.Log.JSON, "log.json", c.Log.JSON, "Print logs in JSON(L) format")
fs.StringVar(&c.RepoDir, "repo-dir", c.RepoDir, "Path to directory containing repositories")
+ fs.BoolVar(&c.SSH.Enable, "ssh.enable", c.SSH.Enable, "Enable SSH server")
fs.StringVar(&c.SSH.AuthorizedKeys, "ssh.authorized-keys", c.SSH.AuthorizedKeys, "Path to authorized_keys")
fs.StringVar(&c.SSH.CloneURL, "ssh.clone-url", c.SSH.CloneURL, "SSH clone URL base")
fs.IntVar(&c.SSH.Port, "ssh.port", c.SSH.Port, "SSH port")
fs.StringVar(&c.SSH.HostKey, "ssh.host-key", c.SSH.HostKey, "SSH host key (created if it doesn't exist)")
+ fs.BoolVar(&c.HTTP.Enable, "http.enable", c.HTTP.Enable, "Enable HTTP server")
fs.StringVar(&c.HTTP.CloneURL, "http.clone-url", c.HTTP.CloneURL, "HTTP clone URL base")
fs.IntVar(&c.HTTP.Port, "http.port", c.HTTP.Port, "HTTP port")
fs.StringVar(&c.Meta.Title, "meta.title", c.Meta.Title, "App title")
@@ -118,6 +126,7 @@ URL: parts[1],
})
return nil
})
+ fs.BoolVar(&c.Tailscale.Enable, "tailscale.enable", c.Tailscale.Enable, "Enable Tailscale")
fs.StringVar(&c.Tailscale.Hostname, "tailscale.hostname", c.Tailscale.Hostname, "Tailscale host to show private repos on")
fs.StringVar(&c.Tailscale.DataDir, "tailscale.data-dir", c.Tailscale.DataDir, "Tailscale data/state directory")
diff --git a/cmd/ugitd/main.go b/cmd/ugitd/main.go
index 0526a409744d994524911e58c79ed3e89f40cc24..f968711e64f1a8f8ff42e48d118e5c2dd266e2bb 100644
--- a/cmd/ugitd/main.go
+++ b/cmd/ugitd/main.go
@@ -62,23 +62,25 @@ if err := requiredFS(args.RepoDir); err != nil {
panic(err)
}
- sshSettings := ssh.Settings{
- AuthorizedKeys: args.SSH.AuthorizedKeys,
- CloneURL: args.SSH.CloneURL,
- Port: args.SSH.Port,
- HostKey: args.SSH.HostKey,
- RepoDir: args.RepoDir,
- }
- sshSrv, err := ssh.New(sshSettings)
- if err != nil {
- panic(err)
- }
- go func() {
- log.Debugf("SSH listening on ssh://localhost:%d\n", sshSettings.Port)
- if err := sshSrv.ListenAndServe(); err != nil {
+ if args.SSH.Enable {
+ sshSettings := ssh.Settings{
+ AuthorizedKeys: args.SSH.AuthorizedKeys,
+ CloneURL: args.SSH.CloneURL,
+ Port: args.SSH.Port,
+ HostKey: args.SSH.HostKey,
+ RepoDir: args.RepoDir,
+ }
+ sshSrv, err := ssh.New(sshSettings)
+ if err != nil {
panic(err)
}
- }()
+ go func() {
+ log.Debugf("SSH listening on ssh://localhost:%d\n", sshSettings.Port)
+ if err := sshSrv.ListenAndServe(); err != nil {
+ panic(err)
+ }
+ }()
+ }
httpSettings := http.Settings{
Title: args.Meta.Title,
@@ -98,15 +100,17 @@ Name: link.Name,
URL: link.URL,
})
}
- httpSrv := http.New(httpSettings)
- go func() {
- log.Debugf("HTTP listening on http://localhost:%d\n", httpSettings.Port)
- if err := httpSrv.ListenAndServe(); err != nil {
- panic(err)
- }
- }()
+ if args.HTTP.Enable {
+ httpSrv := http.New(httpSettings)
+ go func() {
+ log.Debugf("HTTP listening on http://localhost:%d\n", httpSettings.Port)
+ if err := httpSrv.ListenAndServe(); err != nil {
+ panic(err)
+ }
+ }()
+ }
- if _, ok := os.LookupEnv("TS_AUTHKEY"); ok {
+ if args.Tailscale.Enable {
tailnetSettings := httpSettings
tailnetSettings.ShowPrivate = true
tailnetSrv := http.New(tailnetSettings)
diff --git a/flake.nix b/flake.nix
index bf67a0f284186c24abc2176f46d84a9553f74779..b693a7a25666ae29a9f945bb776b84f42e8f4801 100644
--- a/flake.nix
+++ b/flake.nix
@@ -76,7 +76,9 @@ yamlFormat = pkgs.formats.yaml {};
configFile = pkgs.writeText "ugit.yaml" (builtins.readFile (yamlFormat.generate "ugit-yaml" cfg.config));
authorizedKeysFile = pkgs.writeText "ugit_keys" (builtins.concatStringsSep "\n" cfg.authorizedKeys);
in {
- options = with lib; {
+ options = let
+ inherit (lib) mkEnableOption mkOption types;
+ in {
services.ugit = {
enable = mkEnableOption "Enable ugit";
@@ -84,6 +86,12 @@ package = mkOption {
type = types.package;
description = "ugit package to use";
default = ugit;
+ };
+
+ tsAuthKey = mkOption {
+ type = types.str;
+ description = "Tailscale one-time auth-key";
+ default = "";
};
repoDir = mkOption {
@@ -155,7 +163,12 @@ authorizedKeysPath =
if (builtins.length cfg.authorizedKeys) > 0
then authorizedKeysFile
else cfg.authorizedKeysFile;
- args = ["--config=${configFile}" "--repo-dir=${cfg.repoDir}" "--ssh.authorized-keys=${authorizedKeysPath}" "--ssh.host-key=${cfg.hostKeyFile}"];
+ args = [
+ "--config=${configFile}"
+ "--repo-dir=${cfg.repoDir}"
+ "--ssh.authorized-keys=${authorizedKeysPath}"
+ "--ssh.host-key=${cfg.hostKeyFile}"
+ ];
in "${cfg.package}/bin/ugitd ${builtins.concatStringsSep " " args}";
wantedBy = ["multi-user.target"];
after = ["network.target"];
@@ -166,6 +179,7 @@ Group = cfg.group;
Restart = "always";
RestartSec = "15";
WorkingDirectory = "/var/lib/ugit";
+ Environment = ["TS_AUTHKEY=${cfg.tsAuthKey}"];
};
};
};