summary refs log tree commit diff stats
path: root/modules/git/git.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/git/git.nix')
-rw-r--r--modules/git/git.nix33
1 files changed, 33 insertions, 0 deletions
diff --git a/modules/git/git.nix b/modules/git/git.nix
new file mode 100644
index 0000000..f39ed38
--- /dev/null
+++ b/modules/git/git.nix
@@ -0,0 +1,33 @@
+{ pkgs, libs, config, ... }:
+{
+
+  users.users.git = {
+    isSystemUser = true;
+    group = "git";
+    home = "/var/lib/git-server";
+    createHome = true;
+    shell = "${pkgs.git}/bin/git-shell";
+    openssh.authorizedKeys.keys = config.users.users.admin.openssh.authorizedKeys.keys;
+  };
+
+  users.groups.git = {};
+
+  services.openssh.extraConfig = ''
+    Match user git
+      AllowTcpForwarding no
+      AllowAgentForwarding no
+      PasswordAuthentication no
+      PermitTTY no
+      X11Forwarding no
+  '';
+
+  systemd.services.github-mirror = {
+    enable = true;
+    wantedBy = ["multi-user.target"];
+    serviceConfig = {
+      ExecStart = ''/run/current-system/sw/bin/bash /var/lib/git-server/mirror-script.sh'';
+      User = ''git'';
+      Group = ''git'';
+    };
+  };
+}