Home

ugit @main - refs - log -
- 
https://git.jolheiser.com/ugit.git
The code powering this h*ckin' site
tree log patch
feat: allow enabling of each service individually Signed-off-by: jolheiser <git@jolheiser.com>
Signature
-----BEGIN SSH SIGNATURE----- U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgBTEvCQk6VqUAdN2RuH6bj1dNkY oOpbPWj+jw4ua1B1cAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5 AAAAQNw4X4ypMEXZeH9ySIJOf8N5P1wrWrXXRb6AhJ//qtrV0aaFVdvjGyGz9KoUycxkJD mzWDnqKVbC05M/fcH7dgE= -----END SSH SIGNATURE-----
jolheiser <git@jolheiser.com>
1 year ago
3 changed files, 52 additions(+), 25 deletions(-)
cmd/ugitd/args.gocmd/ugitd/main.goflake.nix
M cmd/ugitd/args.go -> cmd/ugitd/args.go
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

diff --git a/cmd/ugitd/args.go b/cmd/ugitd/args.go
index 865deecb7c64f8b59fd2c17a601c5d9cc2ea466b..b16fc0f40628e9b990ce045c15e1ab37584fa469 100644
--- a/cmd/ugitd/args.go
+++ b/cmd/ugitd/args.go
@@ -21,6 +21,7 @@ 	Tailscale tailscaleArgs
 }
 
 type sshArgs struct {
+	Enable         bool
 	AuthorizedKeys string
 	CloneURL       string
 	Port           int
@@ -28,6 +29,7 @@ 	HostKey        string
 }
 
 type httpArgs struct {
+	Enable   bool
 	CloneURL string
 	Port     int
 }
@@ -54,6 +56,7 @@ 	JSON  bool
 }
 
 type tailscaleArgs struct {
+	Enable   bool
 	Hostname string
 	DataDir  string
 }
@@ -65,12 +68,14 @@
 	c = cliArgs{
 		RepoDir: ".ugit",
 		SSH: sshArgs{
+			Enable:         true,
 			AuthorizedKeys: ".ssh/authorized_keys",
 			CloneURL:       "ssh://localhost:8448",
 			Port:           8448,
 			HostKey:        ".ssh/ugit_ed25519",
 		},
 		HTTP: httpArgs{
+			Enable:   true,
 			CloneURL: "http://localhost:8449",
 			Port:     8449,
 		},
@@ -82,6 +87,7 @@ 		Log: logArgs{
 			Level: log.InfoLevel,
 		},
 		Tailscale: tailscaleArgs{
+			Enable:   false,
 			Hostname: "ugit",
 			DataDir:  ".tsnet",
 		},
@@ -97,10 +103,12 @@ 		return nil
 	})
 	fs.BoolVar(&c.Log.JSON, "log.json", c.Log.JSON, "Print logs in JSON(L) format")
 	fs.StringVar(&c.RepoDir, "repo-dir", c.RepoDir, "Path to directory containing repositories")
+	fs.BoolVar(&c.SSH.Enable, "ssh.enable", c.SSH.Enable, "Enable SSH server")
 	fs.StringVar(&c.SSH.AuthorizedKeys, "ssh.authorized-keys", c.SSH.AuthorizedKeys, "Path to authorized_keys")
 	fs.StringVar(&c.SSH.CloneURL, "ssh.clone-url", c.SSH.CloneURL, "SSH clone URL base")
 	fs.IntVar(&c.SSH.Port, "ssh.port", c.SSH.Port, "SSH port")
 	fs.StringVar(&c.SSH.HostKey, "ssh.host-key", c.SSH.HostKey, "SSH host key (created if it doesn't exist)")
+	fs.BoolVar(&c.HTTP.Enable, "http.enable", c.HTTP.Enable, "Enable HTTP server")
 	fs.StringVar(&c.HTTP.CloneURL, "http.clone-url", c.HTTP.CloneURL, "HTTP clone URL base")
 	fs.IntVar(&c.HTTP.Port, "http.port", c.HTTP.Port, "HTTP port")
 	fs.StringVar(&c.Meta.Title, "meta.title", c.Meta.Title, "App title")
@@ -118,6 +126,7 @@ 			URL:  parts[1],
 		})
 		return nil
 	})
+	fs.BoolVar(&c.Tailscale.Enable, "tailscale.enable", c.Tailscale.Enable, "Enable Tailscale")
 	fs.StringVar(&c.Tailscale.Hostname, "tailscale.hostname", c.Tailscale.Hostname, "Tailscale host to show private repos on")
 	fs.StringVar(&c.Tailscale.DataDir, "tailscale.data-dir", c.Tailscale.DataDir, "Tailscale data/state directory")
M cmd/ugitd/main.go -> cmd/ugitd/main.go
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71

diff --git a/cmd/ugitd/main.go b/cmd/ugitd/main.go
index 0526a409744d994524911e58c79ed3e89f40cc24..f968711e64f1a8f8ff42e48d118e5c2dd266e2bb 100644
--- a/cmd/ugitd/main.go
+++ b/cmd/ugitd/main.go
@@ -62,23 +62,25 @@ 	if err := requiredFS(args.RepoDir); err != nil {
 		panic(err)
 	}
 
-	sshSettings := ssh.Settings{
-		AuthorizedKeys: args.SSH.AuthorizedKeys,
-		CloneURL:       args.SSH.CloneURL,
-		Port:           args.SSH.Port,
-		HostKey:        args.SSH.HostKey,
-		RepoDir:        args.RepoDir,
-	}
-	sshSrv, err := ssh.New(sshSettings)
-	if err != nil {
-		panic(err)
-	}
-	go func() {
-		log.Debugf("SSH listening on ssh://localhost:%d\n", sshSettings.Port)
-		if err := sshSrv.ListenAndServe(); err != nil {
+	if args.SSH.Enable {
+		sshSettings := ssh.Settings{
+			AuthorizedKeys: args.SSH.AuthorizedKeys,
+			CloneURL:       args.SSH.CloneURL,
+			Port:           args.SSH.Port,
+			HostKey:        args.SSH.HostKey,
+			RepoDir:        args.RepoDir,
+		}
+		sshSrv, err := ssh.New(sshSettings)
+		if err != nil {
 			panic(err)
 		}
-	}()
+		go func() {
+			log.Debugf("SSH listening on ssh://localhost:%d\n", sshSettings.Port)
+			if err := sshSrv.ListenAndServe(); err != nil {
+				panic(err)
+			}
+		}()
+	}
 
 	httpSettings := http.Settings{
 		Title:       args.Meta.Title,
@@ -98,15 +100,17 @@ 			Name: link.Name,
 			URL:  link.URL,
 		})
 	}
-	httpSrv := http.New(httpSettings)
-	go func() {
-		log.Debugf("HTTP listening on http://localhost:%d\n", httpSettings.Port)
-		if err := httpSrv.ListenAndServe(); err != nil {
-			panic(err)
-		}
-	}()
+	if args.HTTP.Enable {
+		httpSrv := http.New(httpSettings)
+		go func() {
+			log.Debugf("HTTP listening on http://localhost:%d\n", httpSettings.Port)
+			if err := httpSrv.ListenAndServe(); err != nil {
+				panic(err)
+			}
+		}()
+	}
 
-	if _, ok := os.LookupEnv("TS_AUTHKEY"); ok {
+	if args.Tailscale.Enable {
 		tailnetSettings := httpSettings
 		tailnetSettings.ShowPrivate = true
 		tailnetSrv := http.New(tailnetSettings)
M flake.nix -> flake.nix
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

diff --git a/flake.nix b/flake.nix
index bf67a0f284186c24abc2176f46d84a9553f74779..b693a7a25666ae29a9f945bb776b84f42e8f4801 100644
--- a/flake.nix
+++ b/flake.nix
@@ -76,7 +76,9 @@       yamlFormat = pkgs.formats.yaml {};
       configFile = pkgs.writeText "ugit.yaml" (builtins.readFile (yamlFormat.generate "ugit-yaml" cfg.config));
       authorizedKeysFile = pkgs.writeText "ugit_keys" (builtins.concatStringsSep "\n" cfg.authorizedKeys);
     in {
-      options = with lib; {
+      options = let
+        inherit (lib) mkEnableOption mkOption types;
+      in {
         services.ugit = {
           enable = mkEnableOption "Enable ugit";
 
@@ -84,6 +86,12 @@           package = mkOption {
             type = types.package;
             description = "ugit package to use";
             default = ugit;
+          };
+
+          tsAuthKey = mkOption {
+            type = types.str;
+            description = "Tailscale one-time auth-key";
+            default = "";
           };
 
           repoDir = mkOption {
@@ -155,7 +163,12 @@             authorizedKeysPath =
               if (builtins.length cfg.authorizedKeys) > 0
               then authorizedKeysFile
               else cfg.authorizedKeysFile;
-            args = ["--config=${configFile}" "--repo-dir=${cfg.repoDir}" "--ssh.authorized-keys=${authorizedKeysPath}" "--ssh.host-key=${cfg.hostKeyFile}"];
+            args = [
+              "--config=${configFile}"
+              "--repo-dir=${cfg.repoDir}"
+              "--ssh.authorized-keys=${authorizedKeysPath}"
+              "--ssh.host-key=${cfg.hostKeyFile}"
+            ];
           in "${cfg.package}/bin/ugitd ${builtins.concatStringsSep " " args}";
           wantedBy = ["multi-user.target"];
           after = ["network.target"];
@@ -166,6 +179,7 @@             Group = cfg.group;
             Restart = "always";
             RestartSec = "15";
             WorkingDirectory = "/var/lib/ugit";
+            Environment = ["TS_AUTHKEY=${cfg.tsAuthKey}"];
           };
         };
       };