diff options
author | Franck Cuny <franck@fcuny.net> | 2022-05-26 08:11:28 -0700 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2022-05-26 08:14:38 -0700 |
commit | f4fbea2c6a9838d4f117822d56691ad5456b1130 (patch) | |
tree | a739f92c645c8778b9f4b545fa3f5574101049cc | |
parent | ref(dnsupdate): move under tools (diff) | |
download | world-f4fbea2c6a9838d4f117822d56691ad5456b1130.tar.gz |
feat(gerrit): add the gerrit server
Gerrit is a tool for doing code review for git. It will be running at cl.fcuny.net and will be the main way to interact with my git repositories.
-rw-r--r-- | modules/services/default.nix | 1 | ||||
-rw-r--r-- | modules/services/gerrit/default.nix | 50 |
2 files changed, 51 insertions, 0 deletions
diff --git a/modules/services/default.nix b/modules/services/default.nix index 538e564..ae9be9c 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -6,6 +6,7 @@ ./backup ./drone ./fwupd + ./gerrit ./gitea ./gnome ./grafana diff --git a/modules/services/gerrit/default.nix b/modules/services/gerrit/default.nix new file mode 100644 index 0000000..3d0e3df --- /dev/null +++ b/modules/services/gerrit/default.nix @@ -0,0 +1,50 @@ +{ config, pkgs, lib, ... }: +let cfg = config.my.services.gerrit; +in { + options.my.services.gerrit = with lib; { + enable = mkEnableOption "gerrit git server"; + vhostName = mkOption { + type = types.str; + example = "cl.fcuny.net"; + description = "Name for the virtual host"; + }; + }; + + config = lib.mkIf cfg.enable { + services.gerrit = { + enable = true; + listenAddress = "[::]:4778"; + builtinPlugins = [ "download-commands" "hooks" ]; + jvmHeapLimit = "4g"; + + settings = { + core.packedGitLimit = "100m"; + log.jsonLogging = true; + log.textLogging = false; + sshd.advertisedAddress = "git.fcuny.net:29418"; + cache.web_sessions.maxAge = "3 months"; + plugins.allowRemoteAdmin = false; + change.enableAttentionSet = true; + change.enableAssignee = false; + + gerrit = { + canonicalWebUrl = "https://${cfg.vhostName}"; + docUrl = "/Documentation"; + }; + + httpd.listenUrl = "proxy-https://${cfg.listenAddress}"; + + download.command = [ "checkout" "cherry_pick" "format_patch" "pull" ]; + + # Receiving email is not currently supported. + sendemail = { enable = false; }; + }; + }; + + services.nginx.virtualHosts."${cfg.vhostName}}" = { + forceSSL = true; + enableACME = true; + locations."/" = { proxyPass = "http://127.0.0.1:4778"; }; + }; + }; +} |