add a barebones git server with cgit-ping as a web frontend

The serves works as a mirror for my github account, a shell script
resyncs the mirror every day

1 files changed, 33 insertions, 0 deletions

diff --git a/modules/git/git.nix b/modules/git/git.nix
new file mode 100644
index 0000000..f39ed38
--- /dev/null
+++ b/modules/git/git.nix
@@ -0,0 +1,33 @@
+{ pkgs, libs, config, ... }:
+{
+
+  users.users.git = {
+    isSystemUser = true;
+    group = "git";
+    home = "/var/lib/git-server";
+    createHome = true;
+    shell = "${pkgs.git}/bin/git-shell";
+    openssh.authorizedKeys.keys = config.users.users.admin.openssh.authorizedKeys.keys;
+  };
+
+  users.groups.git = {};
+
+  services.openssh.extraConfig = ''
+    Match user git
+      AllowTcpForwarding no
+      AllowAgentForwarding no
+      PasswordAuthentication no
+      PermitTTY no
+      X11Forwarding no
+  '';
+
+  systemd.services.github-mirror = {
+    enable = true;
+    wantedBy = ["multi-user.target"];
+    serviceConfig = {
+      ExecStart = ''/run/current-system/sw/bin/bash /var/lib/git-server/mirror-script.sh'';
+      User = ''git'';
+      Group = ''git'';
+    };
+  };
+}