system.scm: Replace git-daemon-service-type with custom git-service-type

author: EuAndreh <eu@euandre.org> 2024-08-18 19:20:28 -0300
committer: EuAndreh <eu@euandre.org> 2024-08-18 19:20:28 -0300
commit: f8fe64366b2dd3d5e028fba48df0a2035a1596ce (patch)
tree: e10647e488ea4816c33387f7095838f6d793376c /src/guix/system.scm
parent: rm -rf doc/ src/development/ (diff)
download: server-f8fe64366b2dd3d5e028fba48df0a2035a1596ce.tar.gz
server-f8fe64366b2dd3d5e028fba48df0a2035a1596ce.tar.xz
1 files changed, 101 insertions, 3 deletions
diff --git a/src/guix/system.scm b/src/guix/system.scm
index 27c6439..c532e4a 100644
--- a/src/guix/system.scm
+++ b/src/guix/system.scm
@@ -7,7 +7,8 @@
   (gnu)
   (guix build-system trivial)
   (guix build utils)
-  (guix packages))
+  (guix packages)
+  (guix records))
 (use-package-modules
   admin
   ssh
@@ -21,6 +22,7 @@
   mcron
   networking
   security
+  shepherd
   ssh
   version-control
   vpn
@@ -185,6 +187,102 @@
          (mail mail)
          (entries ipv6-reverse-domain-zone))))))
 
+
+(define-record-type* <git-configuration>
+  git-configuration
+  make-git-configuration
+  git-configuration?
+  (package           git-configuration-package           (default git))
+  (user              git-configuration-user              (default "git"))
+  (group             git-configuration-group             (default "git"))
+  (export-all?       git-configuration-export-all?       (default #f))
+  (base-path         git-configuration-base-path         (default "/srv/git"))
+  (user-path         git-configuration-user-path         (default #f))
+  (run-in-container? git-configuration-run-in-container? (default #f))
+  (container-name    git-configuration-container-name    (default "git-contaner")))
+
+(define (git-command config)
+  (match-record config <git-configuration>
+      (package user group base-path run-in-container? container-name)
+    (let ((bin (file-append package "/bin/git")))
+      (if (not run-in-container?)
+        bin
+        (least-authority-wrapper
+         bin
+         #:user      user
+         #:group     group
+         #:name      container-name
+         #:directory base-path
+         #:preserved-environment-variables
+         '()
+         #:mappings
+         (list
+          (file-system-mapping
+            (source base-path)
+            (target source)
+            (writable? #t))))))))
+
+(define (git-shepherd-services config)
+  (match-record config <git-configuration>
+      (user group export-all? base-path user-path)
+    (list
+     (shepherd-service
+       (provision '(git))
+       (requirement '(networking))
+       (start
+         #~(make-forkexec-constructor
+            (list #$(git-command config)
+                  "daemon" "--syslog" "--reuseaddr"
+                  #$@(pkg:mklist (and export-all? "--export-all"))
+                  #$@(pkg:mklist (and base-path (string-append "--base-path=" base-path)))
+                  #$@(pkg:mklist (and user-path (string-append "--user-path=" user-path))))
+            #:user  #$user
+            #:group #$group))
+       (stop #~(make-kill-destructor SIGKILL))
+       (documentation "")))))
+
+(define (git-accounts config)
+  (match-record config <git-configuration>
+      (user group)
+    (list
+     (user-group
+       (name group)
+       (system? #t))
+     (user-account
+       (name user)
+       (group group)
+       (system? #t)
+       (comment "Git service user")
+       (home-directory "/var/empty")
+       (create-home-directory? #f)
+       (shell
+         (file-append shadow "/sbin/nologin"))))))
+
+(define (git-activation config)
+  (match-record config <git-configuration>
+      (base-path)
+    #~(begin
+        (use-modules (guix build utils))
+        (and=> #$base-path mkdir-p))))
+
+
+(define git-service-type
+  (service-type
+    (name 'git)
+    (extensions
+      (list
+       (service-extension shepherd-root-service-type
+                          git-shepherd-services)
+       (service-extension account-service-type
+                          git-accounts)
+       (service-extension activation-service-type
+                          git-activation)
+       (service-extension profile-service-type
+                          (compose list git-configuration-package))))
+    (default-value (git-configuration))
+    (description "Better git:// service.")))
+
+
 (define package-symbols
   '())
 
@@ -259,8 +357,8 @@
                      "#)))))))
       (service cgit-service-type q:cgit-pre-configuration)
       (service pkg:syskeep-service-type)
-      (service git-daemon-service-type
-        (git-daemon-configuration
+      (service git-service-type
+        (git-configuration
           (export-all? #t)))
       (simple-service 'add-wireguard-aliases hosts-service-type
         (list
author	EuAndreh <eu@euandre.org>	2024-08-18 19:20:28 -0300
committer	EuAndreh <eu@euandre.org>	2024-08-18 19:20:28 -0300
commit	f8fe64366b2dd3d5e028fba48df0a2035a1596ce (patch)
tree	e10647e488ea4816c33387f7095838f6d793376c /src/guix/system.scm
parent	rm -rf doc/ src/development/ (diff)
download	server-f8fe64366b2dd3d5e028fba48df0a2035a1596ce.tar.gz server-f8fe64366b2dd3d5e028fba48df0a2035a1596ce.tar.xz