feat(gerrit): add the gerrit server

Gerrit is a tool for doing code review for git. It will be running at cl.fcuny.net and will be the main way to interact with my git repositories.
author: Franck Cuny <franck@fcuny.net> 2022-05-26 08:11:28 -0700
committer: Franck Cuny <franck@fcuny.net> 2022-05-26 08:14:38 -0700
commit: f4fbea2c6a9838d4f117822d56691ad5456b1130 (patch)
tree: a739f92c645c8778b9f4b545fa3f5574101049cc
parent: ref(dnsupdate): move under tools (diff)
download: infra-f4fbea2c6a9838d4f117822d56691ad5456b1130.tar.gz
2 files changed, 51 insertions, 0 deletions
diff --git a/modules/services/default.nix b/modules/services/default.nix
index 538e564..ae9be9c 100644
--- a/modules/services/default.nix
+++ b/modules/services/default.nix
@@ -6,6 +6,7 @@
     ./backup
     ./drone
     ./fwupd
+    ./gerrit
     ./gitea
     ./gnome
     ./grafana
diff --git a/modules/services/gerrit/default.nix b/modules/services/gerrit/default.nix
new file mode 100644
index 0000000..3d0e3df
--- /dev/null
+++ b/modules/services/gerrit/default.nix
@@ -0,0 +1,50 @@
+{ config, pkgs, lib, ... }:
+let cfg = config.my.services.gerrit;
+in {
+  options.my.services.gerrit = with lib; {
+    enable = mkEnableOption "gerrit git server";
+    vhostName = mkOption {
+      type = types.str;
+      example = "cl.fcuny.net";
+      description = "Name for the virtual host";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.gerrit = {
+      enable = true;
+      listenAddress = "[::]:4778";
+      builtinPlugins = [ "download-commands" "hooks" ];
+      jvmHeapLimit = "4g";
+
+      settings = {
+        core.packedGitLimit = "100m";
+        log.jsonLogging = true;
+        log.textLogging = false;
+        sshd.advertisedAddress = "git.fcuny.net:29418";
+        cache.web_sessions.maxAge = "3 months";
+        plugins.allowRemoteAdmin = false;
+        change.enableAttentionSet = true;
+        change.enableAssignee = false;
+
+        gerrit = {
+          canonicalWebUrl = "https://${cfg.vhostName}";
+          docUrl = "/Documentation";
+        };
+
+        httpd.listenUrl = "proxy-https://${cfg.listenAddress}";
+
+        download.command = [ "checkout" "cherry_pick" "format_patch" "pull" ];
+
+        # Receiving email is not currently supported.
+        sendemail = { enable = false; };
+      };
+    };
+
+    services.nginx.virtualHosts."${cfg.vhostName}}" = {
+      forceSSL = true;
+      enableACME = true;
+      locations."/" = { proxyPass = "http://127.0.0.1:4778"; };
+    };
+  };
+}
author	Franck Cuny <franck@fcuny.net>	2022-05-26 08:11:28 -0700
committer	Franck Cuny <franck@fcuny.net>	2022-05-26 08:14:38 -0700
commit	f4fbea2c6a9838d4f117822d56691ad5456b1130 (patch)
tree	a739f92c645c8778b9f4b545fa3f5574101049cc
parent	ref(dnsupdate): move under tools (diff)
download	infra-f4fbea2c6a9838d4f117822d56691ad5456b1130.tar.gz