hosts/ivy: serve git repos w legit; init bare repo on push
vi did:web:vt3e.cat
Tue, 05 May 2026 21:48:02 +0100
2 files changed,
63 insertions(+),
4 deletions(-)
M
hosts/ivy/ports.nix
→
hosts/ivy/ports.nix
@@ -5,8 +5,8 @@ ports = {
vaultwarden = 8222; immich = 8081; navidrome = 4051; - tranquil = 8091; + legit = 5555; }; in {
M
hosts/ivy/services/git.nix
→
hosts/ivy/services/git.nix
@@ -1,12 +1,36 @@
-{ pkgs, ... }: +{ config, pkgs, ... }: +let + gitshell = pkgs.writeShellScriptBin "gitshell" '' + if [ "$1" = "-c" ]; then + CMD="$2" + + if [[ $CMD =~ ^git-receive-pack\ (.*)$ ]]; then + REPO="''${BASH_REMATCH[1]}" + + REPO="''${REPO#\'}" + REPO="''${REPO%\'}" + + REPO_PATH="/var/lib/git-server/$REPO" + + # init as bare repo if it doesnt exist + if [ ! -d "$REPO_PATH" ]; then + echo "Initializing new bare repository: $REPO" >&2 + ${pkgs.git}/bin/git init --bare -b main "$REPO_PATH" >&2 + fi + fi + fi + + exec ${pkgs.git}/bin/git-shell "$@" + ''; +in { - groups.git = { }; + users.groups.git = { }; users.users.git = { isSystemUser = true; group = "git"; home = "/var/lib/git-server"; createHome = true; - shell = "${pkgs.git}/bin/git-shell"; + shell = "${gitshell}/bin/git-auto-init-shell"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDXt8vkpi9jOp9dCjoS8u0dC4fDdgb73w8z7VNI42FB did:web:vt3e.cat" ];@@ -20,4 +44,39 @@ PasswordAuthentication no
PermitTTY no X11Forwarding no ''; + + services.legit = { + enable = true; + + user = "git"; + group = "git"; + + settings = { + server = { + name = "192.168.1.107"; + host = "0.0.0.0"; + port = config.svports.legit; + }; + + meta = { + title = "git"; + description = "bweh"; + }; + + repo = { + scanPath = "/var/lib/git-server"; + ignore = [ + ".vscode-server" + ]; + mainBranch = [ + "main" + "master" + ]; + readme = [ + "README.md" + "README" + ]; + }; + }; + }; }