From 405b7ec95b8dd0c06caa0e4030760821aff370bc Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Sun, 12 Jul 2020 14:02:50 +0100 Subject: feat(whitby): Enable Gerrit & cgit deployments Change-Id: Ic701552e130252cfff005938d9c4e98423a7a96a Reviewed-on: https://cl.tvl.fyi/c/depot/+/1069 Reviewed-by: lukegb Tested-by: BuildkiteCI --- ops/nixos/whitby/default.nix | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'ops/nixos/whitby/default.nix') diff --git a/ops/nixos/whitby/default.nix b/ops/nixos/whitby/default.nix index 7c10719450a8..0c348e0f1165 100644 --- a/ops/nixos/whitby/default.nix +++ b/ops/nixos/whitby/default.nix @@ -17,13 +17,17 @@ in { imports = [ "${depot.depotPath}/ops/nixos/clbot.nix" "${depot.depotPath}/ops/nixos/depot.nix" + "${depot.depotPath}/ops/nixos/monorepo-gerrit.nix" "${depot.depotPath}/ops/nixos/smtprelay.nix" "${depot.depotPath}/ops/nixos/sourcegraph.nix" "${depot.depotPath}/ops/nixos/tvl-slapd/default.nix" "${depot.depotPath}/ops/nixos/tvl-sso/default.nix" + "${depot.depotPath}/ops/nixos/www/cl.tvl.fyi.nix" + "${depot.depotPath}/ops/nixos/www/code.tvl.fyi.nix" "${depot.depotPath}/ops/nixos/www/cs.tvl.fyi.nix" "${depot.depotPath}/ops/nixos/www/login.tvl.fyi.nix" "${depot.depotPath}/ops/nixos/www/tvl.fyi.nix" + "${depot.third_party.nixpkgsSrc}/nixos/modules/services/web-apps/gerrit.nix" ]; hardware = { @@ -110,7 +114,7 @@ in { interface = "enp196s0"; }; - firewall.allowedTCPPorts = [ 22 80 443 4238 ]; + firewall.allowedTCPPorts = [ 22 80 443 4238 29418 ]; interfaces.enp196s0.useDHCP = true; interfaces.enp196s0.ipv6.addresses = [ @@ -204,6 +208,18 @@ in { zfstools ]; + # Run cgit for the depot. The onion here is nginx(thttpd(cgit)). + systemd.services.cgit = { + wantedBy = [ "multi-user.target" ]; + script = "${depot.web.cgit-taz}/bin/cgit-launch"; + + serviceConfig = { + Restart = "on-failure"; + User = "git"; + Group = "git"; + }; + }; + security.sudo.extraRules = [ { groups = ["wheel"]; -- cgit 1.4.1