about summary refs log tree commit diff
path: root/ops/modules
diff options
context:
space:
mode:
Diffstat (limited to 'ops/modules')
-rw-r--r--ops/modules/git-serving.nix54
-rw-r--r--ops/modules/www/code.tvl.fyi.nix14
2 files changed, 66 insertions, 2 deletions
diff --git a/ops/modules/git-serving.nix b/ops/modules/git-serving.nix
new file mode 100644
index 000000000000..7601ba1d6184
--- /dev/null
+++ b/ops/modules/git-serving.nix
@@ -0,0 +1,54 @@
+# Configures public git-serving infrastructure for TVL, this involves:
+#
+# 1. cgit (running at code.tvl.fyi) for web views of the repository
+# 2. josh (for cloning the repository and its distinct subtrees)
+#
+# We also run Sourcegraph for browsing the repository, but this is
+# currently configured in a separate module
+# (//ops/modules/sourcegraph.nix)
+#
+# TODO(tazjin): Move //web/cgit-taz configuration in here instead.
+{ config, depot, lib, pkgs, ... }:
+
+let
+  cfg = config.services.depot.git-serving;
+in {
+  options.services.depot.git-serving = with lib; {
+    enable = mkEnableOption "Enable cgit & josh configuration";
+
+    joshPort = mkOption {
+      description = "Port on which josh should listen";
+      type = types.int;
+      default = 5674;
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    # Run cgit for the depot. The onion here is nginx(thttpd(cgit)).
+    systemd.services.cgit = {
+      wantedBy = [ "multi-user.target" ];
+      script = "${depot.web.cgit-taz}/bin/cgit-launch";
+
+      serviceConfig = {
+        Restart = "on-failure";
+        User = "git";
+        Group = "git";
+      };
+    };
+
+    # Run josh for the depot.
+    systemd.services.josh = {
+      description = "josh - partial cloning of monorepos";
+      wantedBy = [ "multi-user.target" ];
+      path = [ pkgs.git pkgs.bash ];
+
+      serviceConfig = {
+        DynamicUser = true;
+        StateDirectory = "josh";
+        Restart = "always";
+        ExecStart = "${depot.third_party.josh}/bin/josh-proxy --no-background --local /var/lib/josh --port ${toString cfg.joshPort} --remote https://cl.tvl.fyi/";
+      };
+    };
+
+  };
+}
diff --git a/ops/modules/www/code.tvl.fyi.nix b/ops/modules/www/code.tvl.fyi.nix
index c8a4b27b1b52..4c182d34f28d 100644
--- a/ops/modules/www/code.tvl.fyi.nix
+++ b/ops/modules/www/code.tvl.fyi.nix
@@ -1,4 +1,4 @@
-{ depot, ... }:
+{ depot, config, ... }:
 
 {
   imports = [
@@ -20,12 +20,22 @@
             alias ${depot.tvix.docs.svg}/component-flow.svg;
         }
 
+        # Git operations on depot.git hit josh
+        location /depot.git {
+            proxy_pass http://localhost:${toString config.services.depot.git-serving.joshPort};
+        }
+
+        # Git clone operations on '/' should be redirected to josh now.
+        location = /info/refs {
+            return 302 https://code.tvl.fyi/depot.git/info/refs$is_args$args;
+        }
+
         # Static assets must always hit the root.
         location ~ ^/(favicon\.ico|cgit\.(css|png))$ {
            proxy_pass http://localhost:2448;
         }
 
-        # Everything else hits the depot directly.
+        # Everything else is forwarded to cgit for the web view
         location / {
             proxy_pass http://localhost:2448/cgit.cgi/depot/;
         }