From 151500dba39f7b6930b55b5eda1cc147c1d1d45a Mon Sep 17 00:00:00 2001
From: Malte Brandy <malte.brandy@maralorn.de>
Date: Wed, 6 Feb 2019 11:46:33 +0100
Subject: [PATCH] Add gitolite

---
 hosts/hera/configuration.nix  |  1 +
 system/default.nix            |  1 +
 system/modules/git-server.nix | 30 ++++++++++++++++++++++++++++++
 3 files changed, 32 insertions(+)
 create mode 100644 system/modules/git-server.nix

diff --git a/hosts/hera/configuration.nix b/hosts/hera/configuration.nix
index 7b976ffe..d07d267a 100644
--- a/hosts/hera/configuration.nix
+++ b/hosts/hera/configuration.nix
@@ -72,6 +72,7 @@ m-0 = {
   # dropbearkey -t rsa -f /etc/nixos/hosts/<hostname>/secret/boot_rsa
   server.enable = true;
   standalone.enable = true;
+  git-server.enable = true;
 };
 
 home-manager.users."${me.user}" = (import ./home.nix);
diff --git a/system/default.nix b/system/default.nix
index 98ce6a83..76dfcf00 100644
--- a/system/default.nix
+++ b/system/default.nix
@@ -6,6 +6,7 @@ in {
     <home-manager/nixos>
     ../common
     ./modules/laptop.nix
+    ./modules/git-server.nix
     ./modules/server
     ./modules/standalone
     "${builtins.fetchGit "ssh://git@git.darmstadt.ccc.de/cdark.net/nixdark"}/default.nix"
diff --git a/system/modules/git-server.nix b/system/modules/git-server.nix
new file mode 100644
index 00000000..a1e3b9cd
--- /dev/null
+++ b/system/modules/git-server.nix
@@ -0,0 +1,30 @@
+{ config, pkgs, lib, ... }:
+with lib;
+
+let
+
+  me = config.m-0.private.me;
+
+in
+{
+  options = {
+    m-0.git-server.enable = mkOption {
+      type = types.bool;
+      default = false;
+    };
+  };
+  config = mkIf config.m-0.git-server.enable {
+    services.gitolite = {
+      enable = true;
+      user = "git";
+      adminPubkey = builtins.elemAt me.keys 0;
+      extraGitoliteRc = ''
+        $RC{AUTH_OPTIONS} = 'no-port-forwarding,no-X11-forwarding,no-pty';
+      '';
+      commonHooks = [ (builtins.toFile "post-update" ''
+        [ -z $GL_OPTION_MIRROR ] && exit
+	git push --all $GL_OPTION_MIRROR
+      '') ];
+    };
+  };
+}