about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2022-05-26 08:11:28 -0700
committerFranck Cuny <franck@fcuny.net>2022-05-26 08:14:38 -0700
commitf4fbea2c6a9838d4f117822d56691ad5456b1130 (patch)
treea739f92c645c8778b9f4b545fa3f5574101049cc
parentref(dnsupdate): move under tools (diff)
downloadworld-f4fbea2c6a9838d4f117822d56691ad5456b1130.tar.gz
feat(gerrit): add the gerrit server
Gerrit is a tool for doing code review for git. It will be running at
cl.fcuny.net and will be the main way to interact with my git
repositories.
-rw-r--r--modules/services/default.nix1
-rw-r--r--modules/services/gerrit/default.nix50
2 files changed, 51 insertions, 0 deletions
diff --git a/modules/services/default.nix b/modules/services/default.nix
index 538e564..ae9be9c 100644
--- a/modules/services/default.nix
+++ b/modules/services/default.nix
@@ -6,6 +6,7 @@
     ./backup
     ./drone
     ./fwupd
+    ./gerrit
     ./gitea
     ./gnome
     ./grafana
diff --git a/modules/services/gerrit/default.nix b/modules/services/gerrit/default.nix
new file mode 100644
index 0000000..3d0e3df
--- /dev/null
+++ b/modules/services/gerrit/default.nix
@@ -0,0 +1,50 @@
+{ config, pkgs, lib, ... }:
+let cfg = config.my.services.gerrit;
+in {
+  options.my.services.gerrit = with lib; {
+    enable = mkEnableOption "gerrit git server";
+    vhostName = mkOption {
+      type = types.str;
+      example = "cl.fcuny.net";
+      description = "Name for the virtual host";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.gerrit = {
+      enable = true;
+      listenAddress = "[::]:4778";
+      builtinPlugins = [ "download-commands" "hooks" ];
+      jvmHeapLimit = "4g";
+
+      settings = {
+        core.packedGitLimit = "100m";
+        log.jsonLogging = true;
+        log.textLogging = false;
+        sshd.advertisedAddress = "git.fcuny.net:29418";
+        cache.web_sessions.maxAge = "3 months";
+        plugins.allowRemoteAdmin = false;
+        change.enableAttentionSet = true;
+        change.enableAssignee = false;
+
+        gerrit = {
+          canonicalWebUrl = "https://${cfg.vhostName}";
+          docUrl = "/Documentation";
+        };
+
+        httpd.listenUrl = "proxy-https://${cfg.listenAddress}";
+
+        download.command = [ "checkout" "cherry_pick" "format_patch" "pull" ];
+
+        # Receiving email is not currently supported.
+        sendemail = { enable = false; };
+      };
+    };
+
+    services.nginx.virtualHosts."${cfg.vhostName}}" = {
+      forceSSL = true;
+      enableACME = true;
+      locations."/" = { proxyPass = "http://127.0.0.1:4778"; };
+    };
+  };
+}