From cb8f050b9c6322c060af8580bfdac44fbd13cb5e Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Wed, 16 Feb 2022 21:30:17 +0300 Subject: refactor(ops/modules): Move cgit configuration into a module The ancient `//web/cgit-taz` path stems from the time I had code.tazj.in serving my initial version of the depot. I've been meaning to clean this up for forever, so here we go. Note that this leaves the git-serving module in a strange state where it only deals with josh. I'll rename it accordingly. Change-Id: I47ed1e9d90958299b5440a18a1b9075274754e33 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5294 Tested-by: BuildkiteCI Autosubmit: tazjin Reviewed-by: sterni --- ops/machines/whitby/default.nix | 2 + ops/modules/cgit/default.nix | 92 +++++++++++++++++++++++++++++++++++ ops/modules/cgit/thttpd_cgi_idx.patch | 13 +++++ ops/modules/git-serving.nix | 23 +-------- 4 files changed, 108 insertions(+), 22 deletions(-) create mode 100644 ops/modules/cgit/default.nix create mode 100644 ops/modules/cgit/thttpd_cgi_idx.patch (limited to 'ops') diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 11493b930b..66f5890f8b 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -8,6 +8,7 @@ in { imports = [ "${depot.path}/ops/modules/atward.nix" + "${depot.path}/ops/modules/cgit/default.nix" "${depot.path}/ops/modules/clbot.nix" "${depot.path}/ops/modules/gerrit-queue.nix" "${depot.path}/ops/modules/git-serving.nix" @@ -392,6 +393,7 @@ in nixery.enable = true; # Run cgit & josh to serve git + cgit.enable = true; git-serving.enable = true; # Configure backups to GleSYS diff --git a/ops/modules/cgit/default.nix b/ops/modules/cgit/default.nix new file mode 100644 index 0000000000..580b8384bd --- /dev/null +++ b/ops/modules/cgit/default.nix @@ -0,0 +1,92 @@ +# Configuration for running the TVL cgit instance using thttpd. +{ config, depot, lib, pkgs, ... }: + +let + inherit (pkgs) writeText; + + cfg = config.services.depot.cgit; + + cgitConfig = writeText "cgitrc" '' + # Global configuration + virtual-root=/ + enable-http-clone=0 + readme=:README.md + about-filter=${depot.tools.cheddar.about-filter}/bin/cheddar-about + source-filter=${depot.tools.cheddar}/bin/cheddar + enable-log-filecount=1 + enable-log-linecount=1 + enable-follow-links=1 + enable-blame=1 + mimetype-file=${pkgs.mime-types}/etc/mime.types + logo=https://static.tvl.fyi/${depot.web.static.drvHash}/logo-animated.svg + + # Repository configuration + repo.url=depot + repo.path=/var/lib/gerrit/git/depot.git/ + repo.desc=monorepo for the virus lounge + repo.owner=The Virus Lounge + repo.clone-url=https://code.tvl.fyi/depot.git + ''; + + thttpdConfig = writeText "thttpd.conf" '' + port=${toString cfg.port} + dir=${depot.third_party.cgit}/cgit + nochroot + novhost + cgipat=**.cgi + ''; + + # Patched version of thttpd that serves cgit.cgi as the index and + # sets the environment variable for pointing cgit at the correct + # configuration. + # + # Things are done this way because recompilation of thttpd is much + # faster than cgit. + thttpdConfigPatch = writeText "thttpd_cgit_conf.patch" '' + diff --git a/libhttpd.c b/libhttpd.c + index c6b1622..eef4b73 100644 + --- a/libhttpd.c + +++ b/libhttpd.c + @@ -3055,4 +3055,6 @@ make_envp( httpd_conn* hc ) + + envn = 0; + + // force cgit to load the correct configuration + + envp[envn++] = "CGIT_CONFIG=${cgitConfig}"; + envp[envn++] = build_env( "PATH=%s", CGI_PATH ); + #ifdef CGI_LD_LIBRARY_PATH + ''; + + thttpdCgit = pkgs.thttpd.overrideAttrs (old: { + patches = [ + ./thttpd_cgi_idx.patch + thttpdConfigPatch + ]; + }); +in +{ + options.services.depot.cgit = with lib; { + enable = mkEnableOption "Run cgit web interface for depot"; + + port = mkOption { + description = "Port on which cgit should listen"; + type = types.int; + default = 2448; + }; + }; + + config = lib.mkIf cfg.enable { + systemd.services.cgit = { + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + Restart = "on-failure"; + User = "git"; + Group = "git"; + + ExecStart = pkgs.writeShellScript "cgit-launch" '' + exec ${thttpdCgit}/bin/thttpd -D -C ${thttpdConfig} + ''; + }; + }; + }; +} diff --git a/ops/modules/cgit/thttpd_cgi_idx.patch b/ops/modules/cgit/thttpd_cgi_idx.patch new file mode 100644 index 0000000000..67dbc0c7ab --- /dev/null +++ b/ops/modules/cgit/thttpd_cgi_idx.patch @@ -0,0 +1,13 @@ +diff --git a/config.h b/config.h +index 65ab1e3..cde470f 100644 +--- a/config.h ++++ b/config.h +@@ -327,7 +327,7 @@ + /* CONFIGURE: A list of index filenames to check. The files are searched + ** for in this order. + */ +-#define INDEX_NAMES "index.html", "index.htm", "index.xhtml", "index.xht", "Default.htm", "index.cgi" ++#define INDEX_NAMES "cgit.cgi" + + /* CONFIGURE: If this is defined then thttpd will automatically generate + ** index pages for directories that don't have an explicit index file. diff --git a/ops/modules/git-serving.nix b/ops/modules/git-serving.nix index 49af01a0fd..57f08cbc5f 100644 --- a/ops/modules/git-serving.nix +++ b/ops/modules/git-serving.nix @@ -1,13 +1,4 @@ -# Configures public git-serving infrastructure for TVL, this involves: -# -# 1. cgit (running at code.tvl.fyi) for web views of the repository -# 2. josh (for cloning the repository and its distinct subtrees) -# -# We also run Sourcegraph for browsing the repository, but this is -# currently configured in a separate module -# (//ops/modules/sourcegraph.nix) -# -# TODO(tazjin): Move //web/cgit-taz configuration in here instead. +# Configures the public josh instance for serving the depot. { config, depot, lib, pkgs, ... }: let @@ -25,18 +16,6 @@ in }; config = lib.mkIf cfg.enable { - # Run cgit for the depot. The onion here is nginx(thttpd(cgit)). - systemd.services.cgit = { - wantedBy = [ "multi-user.target" ]; - script = "${depot.web.cgit-taz}/bin/cgit-launch"; - - serviceConfig = { - Restart = "on-failure"; - User = "git"; - Group = "git"; - }; - }; - # Run josh for the depot. systemd.services.josh = { description = "josh - partial cloning of monorepos"; -- cgit 1.4.1