diff options
| author |  Alexander Foremny <aforemny@posteo.de> | 2024-02-23 03:33:41 +0100 |
|---|---|---|
| committer | Alexander Foremny <aforemny@posteo.de> | 2024-02-26 04:36:24 +0100 |
| commit | d2873fe0f6a117d7157c2a6f204a864f9edeb668 (patch) | |
| tree | f05455745906bbc5e20bb78cf74360ade55fdfb9 | |
| parent | 323973ecbb71b6186290a798af1c8a2c91299e18 (diff) | |
apps/cgit: add `users` option
| -rw-r--r-- | apps/cgit/appspec.nix | 8 | ||||
| -rw-r--r-- | apps/cgit/integration.nix | 9 | ||||
| -rw-r--r-- | systems/system1/configuration.nix | 14 |
3 files changed, 23 insertions, 8 deletions
diff --git a/apps/cgit/appspec.nix b/apps/cgit/appspec.nix index 8ea967c..243f477 100644 --- a/apps/cgit/appspec.nix +++ b/apps/cgit/appspec.nix @@ -24,5 +24,13 @@ type = lib.types.attrsOf (lib.types.oneOf [ lib.types.bool lib.types.int lib.types.str ]); default = { }; }; + users = lib.mkOption { + type = lib.types.nullOr (lib.types.attrsOf (lib.types.submodule { + options.publicKeyFile = lib.mkOption { + type = lib.types.str; + }; + })); + default = null; + }; }; } diff --git a/apps/cgit/integration.nix b/apps/cgit/integration.nix index ffa5b3e..8190c2a 100644 --- a/apps/cgit/integration.nix +++ b/apps/cgit/integration.nix @@ -1,13 +1,12 @@ { appConfig, lib, pkgs, ... }: { - # TODO references ../../public users.users.git.home = "/var/lib/git"; users.users.git.createHome = true; users.users.git.shell = "${pkgs.git}/bin/git-shell"; - users.users.git.openssh.authorizedKeys.keyFiles = [ - ../../public/aforemny.id_rsa.pub - ../../public/kirchner.id_rsa.pub - ]; + users.users.git.openssh.authorizedKeys.keyFiles = + lib.optionals (appConfig.users != null) (lib.mapAttrsToList + (name: attrs: attrs.publicKeyFile) + appConfig.users); bindMounts."/var/lib/git".isReadOnly = false; diff --git a/systems/system1/configuration.nix b/systems/system1/configuration.nix index a1889fb..dc9422d 100644 --- a/systems/system1/configuration.nix +++ b/systems/system1/configuration.nix @@ -1,4 +1,4 @@ -{ lib, pkgs, ... }: +{ config, lib, pkgs, ... }: { imports = [ # TODO auto-load config @@ -14,21 +14,27 @@ { networking.hostName = "system1"; } + # enable static users { fysiweb-apps.public.static-users.public.users.aforemny.publicKeyFile = toString ../../public + "/aforemny.id_rsa.pub"; fysiweb-apps.public.static-users.public.users.kirchner.publicKeyFile = toString ../../public + "/kirchner.id_rsa.pub"; } + # enable static website "nomath.org" { fysiweb-apps.public.static-website."nomath-org".domain = "nomath.org"; fysiweb-apps.public.static-website."nomath-org".root = "/var/lib/abuilder/nomath-org/main"; } + # enable static website "static.nomath.org" { fysiweb-apps.public.static-website."static-nomath-org".domain = "static.nomath.org"; fysiweb-apps.public.static-website."static-nomath-org".root = "/var/lib/abuilder/static-nomath-org/main"; } + # enable cgit "code.nomath.org" { fysiweb-apps.public.cgit."code-nomath-org".domain = "code.nomath.org"; - + fysiweb-apps.public.cgit."code-nomath-org".users = config.fysiweb.capabilities.ssh-credentials.public-static-users-public; + } + { fysiweb-apps.public.cgit."code-nomath-org".repositories."abuilder".description = "simple build daemon"; fysiweb-apps.public.cgit."code-nomath-org".repositories."anissue".description = "in-source issue management"; fysiweb-apps.public.cgit."code-nomath-org".repositories."apaperless".description = "document archival system"; @@ -36,13 +42,15 @@ fysiweb-apps.public.cgit."code-nomath-org".repositories."json2sql".description = "simple storage system"; fysiweb-apps.public.cgit."code-nomath-org".repositories."nomath-org".description = "nomath.org website"; fysiweb-apps.public.cgit."code-nomath-org".repositories."static-nomath-org".description = "static.nomath.org website"; - + } + { fysiweb-apps.public.cgit."code-nomath-org".settings.css = "https://static.nomath.org/cgit.css"; fysiweb-apps.public.cgit."code-nomath-org".settings.logo = "https://static.nomath.org/logo_cgit.png"; fysiweb-apps.public.cgit."code-nomath-org".settings.max-stats = "year"; fysiweb-apps.public.cgit."code-nomath-org".settings.root-desc = ""; fysiweb-apps.public.cgit."code-nomath-org".settings.root-title = "code.nomath.org"; } + # enable abuilder { # TODO add abuilder fysiweb app services.abuilder.enable = true; |