hmenke · January 21, 2021 21:32 · afix-space · Jan 20, 2021
diff --git a/cgit.nix b/cgit.nix
 { config, lib, pkgs, ... }:

 with lib;
 let
  globalConfig = config;
  settingsFormat = {
    type = with lib.types; let
      value = oneOf [ int str ] // {
        description = "INI-like atom (int or string)";
      };
      values = coercedTo value lib.singleton (listOf value) // {
        description = value.description + " or a list of them for duplicate keys";
      };
    in
    attrsOf (values);
    generate = name: values:
      pkgs.writeText name (lib.generators.toKeyValue { listsAsDuplicateKeys = true; } values);
  };
 in
 {
  options.services.nginx.virtualHosts = mkOption {
    type = types.attrsOf (types.submodule ({ config, ... }:
      let
        cfg = config.cgit;

        # These are the global options for this submodule, but for nicer UX they
        # are inlined into the freeform settings.  Hence they MUST NOT INTERSECT
        # with any settings from cgitrc!
        options = {
          enable = mkEnableOption "cgit";

          location = mkOption {
            default = "/";
            type = types.str;
            description = ''
              Location to serve cgit on.
            '';
          };
        };

        # Remove the global options for serialization into cgitrc
        settings = removeAttrs cfg (attrNames options);
      in
      {
        options.cgit = mkOption {
          type = types.submodule {
            freeformType = settingsFormat.type;
            inherit options;
            config = {
              css = mkDefault "/cgit.css";
              logo = mkDefault "/cgit.png";
              favicon = mkDefault "/favicon.ico";
            };
          };
          default = { };
          example = literalExample ''
            {
              enable = true;
              virtual-root = "/";
              source-filter = "''${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py";
              about-filter = "''${pkgs.cgit}/lib/cgit/filters/about-formatting.sh";
              cache-size = 1000;
              scan-path = "/srv/git";
              include = [
                (builtins.toFile "cgitrc-extra-1" '''
                  # Anything that has to be in a particular order
                ''')
                (builtins.toFile "cgitrc-extra-2" '''
                  # Anything that has to be in a particular order
                ''')
              ];
            }
          '';
          description = ''
            Verbatim contents of the cgit runtime configuration file. Documentation
            (with cgitrc example file) is available in "man cgitrc". Or online:
            http://git.zx2c4.com/cgit/tree/cgitrc.5.txt
          '';
        };

        config = let
          location = removeSuffix "/" cfg.location;
        in mkIf cfg.enable {

          locations."${location}/" = {
            root = "${pkgs.cgit}/cgit/";
            tryFiles = "$uri @cgit";
          };
          locations."~ ^${location}/(cgit.(css|png)|favicon.ico|robots.txt)$" = {
            alias = "${pkgs.cgit}/cgit/$1";
          };
          locations."@cgit" = {
            extraConfig = ''
              include ${pkgs.nginx}/conf/fastcgi_params;
              fastcgi_param   CGIT_CONFIG     ${settingsFormat.generate "cgitrc" settings};
              fastcgi_param   SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi;
              fastcgi_param   QUERY_STRING    $args;
              fastcgi_param   HTTP_HOST       $server_name;
              fastcgi_pass    unix:${globalConfig.services.fcgiwrap.socketAddress};
            '' + (
              if cfg.location == "/"
              then
                ''
                  fastcgi_param   PATH_INFO   $uri;
                ''
              else
                ''
                  fastcgi_split_path_info  ^(${location}/)(/?.+)$;
                  fastcgi_param  PATH_INFO  $fastcgi_path_info;
                ''
            );
          };
        };

      }));
  };

  config =
    let
      vhosts = config.services.nginx.virtualHosts;
    in
    mkIf (any (name: vhosts.${name}.cgit.enable) (attrNames vhosts)) {
      # make the cgitrc manpage available
      environment.systemPackages = [ pkgs.cgit ];

      services.fcgiwrap.enable = true;
    };

  meta = {
    maintainers = with lib.maintainers; [ afix-space hmenke ];
  };
 }
diff --git a/test.nix b/test.nix
 # nix-build test.nix -A driver
 # ./result/bin/nixos-test-driver
 # >>> test_script()

 {
  "http-clone" = import <nixpkgs/nixos/tests/make-test-python.nix> ({ lib, ... }: {
    name = "nginx-cgit-http-clone";
    meta = {
      maintainers = with lib.maintainers; [ afix-space hmenke ];
    };
  
    machine = { pkgs, ... }: {
      imports = [
        ./cgit.nix
      ];
  
      environment.systemPackages = [ pkgs.git ];
  
      services.nginx.enable = true;
      services.nginx.virtualHosts."localhost" = {
        cgit = {
          enable = true;
          virtual-root = "/";
          include = [
            (builtins.toFile "cgitrc-extra-1" ''
              repo.url=test-repo.git
              repo.path=/srv/git/test-repo.git
              repo.desc=the master foo repository
              [email protected]
            '')
            (builtins.toFile "cgitrc-extra-2" ''
              # Allow http transport git clone
              enable-http-clone=1
            '')
          ];
        };
      };
    };
  
    testScript = ''
      # Set up a test repository with only a single file that contains the string
      # "Hello World!".
      machine.succeed(
          """
          git config --global user.name "NixOS Test"
          git config --global user.email "NixOS Test"
          git init
          echo -n "Hello world!" > test.txt
          git add test.txt
          git commit -am "Test commit"
          git init --bare /srv/git/test-repo.git
          git push /srv/git/test-repo.git master
          """
      )
  
      machine.wait_for_unit("nginx.service")
  
      # Clone the repo on the client through cgit's http clone interface and
      # verify that the test file string is correct.
      text = machine.succeed(
          """
          git clone http://127.0.0.1/test-repo.git /tmp/test-repo
          cat /tmp/test-repo/test.txt
          """
      )
      assert text == "Hello world!", "Defective clone from cgit"
    '';
  });

  "location" = import <nixpkgs/nixos/tests/make-test-python.nix> ({ lib, ... }: {
    name = "nginx-cgit-location";
    meta = {
      maintainers = with lib.maintainers; [ afix-space hmenke ];
    };
  
    machine = { pkgs, ... }: {
      imports = [
        ./cgit.nix
      ];
  
      environment.systemPackages = [ pkgs.git ];
  
      services.nginx.enable = true;
      services.nginx.virtualHosts."localhost" = {
        cgit = {
          enable = true;
          location = "/somewhere/else/";
        };
      };
    };
  
    testScript = ''
      machine.wait_for_unit("nginx.service")
      machine.succeed("curl -fo /dev/null http://127.0.0.1/somewhere/else/cgit.png")
      machine.succeed("curl -fo /dev/null http://127.0.0.1/somewhere/else/cgit.css")
      machine.succeed("curl -fo /dev/null http://127.0.0.1/somewhere/else/favicon.ico")
      machine.succeed("curl -fo /dev/null http://127.0.0.1/somewhere/else/robots.txt")
    '';
  });

 }
	{ config, lib, pkgs, ... }:

	with lib;
	let
	globalConfig = config;
	settingsFormat = {
	type = with lib.types; let
	value = oneOf [ int str ] // {
	description = "INI-like atom (int or string)";
	};
	values = coercedTo value lib.singleton (listOf value) // {
	description = value.description + " or a list of them for duplicate keys";
	};
	in
	attrsOf (values);
	generate = name: values:
	pkgs.writeText name (lib.generators.toKeyValue { listsAsDuplicateKeys = true; } values);
	};
	in
	{
	options.services.nginx.virtualHosts = mkOption {
	type = types.attrsOf (types.submodule ({ config, ... }:
	let
	cfg = config.cgit;

	# These are the global options for this submodule, but for nicer UX they
	# are inlined into the freeform settings. Hence they MUST NOT INTERSECT
	# with any settings from cgitrc!
	options = {
	enable = mkEnableOption "cgit";

	location = mkOption {
	default = "/";
	type = types.str;
	description = ''
	Location to serve cgit on.
	'';
	};
	};

	# Remove the global options for serialization into cgitrc
	settings = removeAttrs cfg (attrNames options);
	in
	{
	options.cgit = mkOption {
	type = types.submodule {
	freeformType = settingsFormat.type;
	inherit options;
	config = {
	css = mkDefault "/cgit.css";
	logo = mkDefault "/cgit.png";
	favicon = mkDefault "/favicon.ico";
	};
	};
	default = { };
	example = literalExample ''
	{
	enable = true;
	virtual-root = "/";
	source-filter = "''${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py";
	about-filter = "''${pkgs.cgit}/lib/cgit/filters/about-formatting.sh";
	cache-size = 1000;
	scan-path = "/srv/git";
	include = [
	(builtins.toFile "cgitrc-extra-1" '''
	# Anything that has to be in a particular order
	''')
	(builtins.toFile "cgitrc-extra-2" '''
	# Anything that has to be in a particular order
	''')
	];
	}
	'';
	description = ''
	Verbatim contents of the cgit runtime configuration file. Documentation
	(with cgitrc example file) is available in "man cgitrc". Or online:
	http://git.zx2c4.com/cgit/tree/cgitrc.5.txt
	'';
	};

	config = let
	location = removeSuffix "/" cfg.location;
	in mkIf cfg.enable {

	locations."${location}/" = {
	root = "${pkgs.cgit}/cgit/";
	tryFiles = "$uri @cgit";
	};
	locations."~ ^${location}/(cgit.(css\|png)\|favicon.ico\|robots.txt)$" = {
	alias = "${pkgs.cgit}/cgit/$1";
	};
	locations."@cgit" = {
	extraConfig = ''
	include ${pkgs.nginx}/conf/fastcgi_params;
	fastcgi_param CGIT_CONFIG ${settingsFormat.generate "cgitrc" settings};
	fastcgi_param SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi;
	fastcgi_param QUERY_STRING $args;
	fastcgi_param HTTP_HOST $server_name;
	fastcgi_pass unix:${globalConfig.services.fcgiwrap.socketAddress};
	'' + (
	if cfg.location == "/"
	then
	''
	fastcgi_param PATH_INFO $uri;
	''
	else
	''
	fastcgi_split_path_info ^(${location}/)(/?.+)$;
	fastcgi_param PATH_INFO $fastcgi_path_info;
	''
	);
	};
	};

	}));
	};

	config =
	let
	vhosts = config.services.nginx.virtualHosts;
	in
	mkIf (any (name: vhosts.${name}.cgit.enable) (attrNames vhosts)) {
	# make the cgitrc manpage available
	environment.systemPackages = [ pkgs.cgit ];

	services.fcgiwrap.enable = true;
	};

	meta = {
	maintainers = with lib.maintainers; [ afix-space hmenke ];
	};
	}
	# nix-build test.nix -A driver
	# ./result/bin/nixos-test-driver
	# >>> test_script()

	{
	"http-clone" = import <nixpkgs/nixos/tests/make-test-python.nix> ({ lib, ... }: {
	name = "nginx-cgit-http-clone";
	meta = {
	maintainers = with lib.maintainers; [ afix-space hmenke ];
	};

	machine = { pkgs, ... }: {
	imports = [
	./cgit.nix
	];

	environment.systemPackages = [ pkgs.git ];

	services.nginx.enable = true;
	services.nginx.virtualHosts."localhost" = {
	cgit = {
	enable = true;
	virtual-root = "/";
	include = [
	(builtins.toFile "cgitrc-extra-1" ''
	repo.url=test-repo.git
	repo.path=/srv/git/test-repo.git
	repo.desc=the master foo repository
	[email protected]
	'')
	(builtins.toFile "cgitrc-extra-2" ''
	# Allow http transport git clone
	enable-http-clone=1
	'')
	];
	};
	};
	};

	testScript = ''
	# Set up a test repository with only a single file that contains the string
	# "Hello World!".
	machine.succeed(
	"""
	git config --global user.name "NixOS Test"
	git config --global user.email "NixOS Test"
	git init
	echo -n "Hello world!" > test.txt
	git add test.txt
	git commit -am "Test commit"
	git init --bare /srv/git/test-repo.git
	git push /srv/git/test-repo.git master
	"""
	)

	machine.wait_for_unit("nginx.service")

	# Clone the repo on the client through cgit's http clone interface and
	# verify that the test file string is correct.
	text = machine.succeed(
	"""
	git clone http://127.0.0.1/test-repo.git /tmp/test-repo
	cat /tmp/test-repo/test.txt
	"""
	)
	assert text == "Hello world!", "Defective clone from cgit"
	'';
	});

	"location" = import <nixpkgs/nixos/tests/make-test-python.nix> ({ lib, ... }: {
	name = "nginx-cgit-location";
	meta = {
	maintainers = with lib.maintainers; [ afix-space hmenke ];
	};

	machine = { pkgs, ... }: {
	imports = [
	./cgit.nix
	];

	environment.systemPackages = [ pkgs.git ];

	services.nginx.enable = true;
	services.nginx.virtualHosts."localhost" = {
	cgit = {
	enable = true;
	location = "/somewhere/else/";
	};
	};
	};

	testScript = ''
	machine.wait_for_unit("nginx.service")
	machine.succeed("curl -fo /dev/null http://127.0.0.1/somewhere/else/cgit.png")
	machine.succeed("curl -fo /dev/null http://127.0.0.1/somewhere/else/cgit.css")
	machine.succeed("curl -fo /dev/null http://127.0.0.1/somewhere/else/favicon.ico")
	machine.succeed("curl -fo /dev/null http://127.0.0.1/somewhere/else/robots.txt")
	'';
	});

	}