kiaragrouwstra/infra
0
0
Fork 0
forked from the-distro/infra
Code Pull requests Activity

gerrit: factor more configuration in the NixOS module for external consumption

Browse source 
Other modules may require information to configure themselves from the
Gerrit module.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
This commit is contained in:
raito 2024-07-17 15:43:22 +02:00
parent 68d956f1ba
commit fda59ee6c0
2 changed files with 18 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
hosts/gerrit01/default.nix
View file

@ -35,6 +35,7 @@
domains = [ domains = [
"cl.forkos.org" "cl.forkos.org"
]; ];
canonicalDomain = "cl.forkos.org";
data = "/gerrit-data"; data = "/gerrit-data";
}; };

23
services/gerrit/default.nix
View file

@ -3,7 +3,7 @@
{ pkgs, config, lib, ... }: { pkgs, config, lib, ... }:
let let
inherit (lib) mkEnableOption mkIf mkOption types; inherit (lib) mkEnableOption mkIf mkOption types head;
cfgGerrit = config.services.gerrit; cfgGerrit = config.services.gerrit;
cfg = config.bagel.services.gerrit; cfg = config.bagel.services.gerrit;
@ -16,11 +16,22 @@ in
type = types.listOf types.str; type = types.listOf types.str;
description = "List of domains that Gerrit will answer to"; description = "List of domains that Gerrit will answer to";
}; };
canonicalDomain = mkOption {
type = types.str;
description = "Canonical domain for this Gerrit instance";
default = head cfg.domains;
};
data = mkOption { data = mkOption {
type = types.path; type = types.path;
default = "/var/lib/gerrit"; default = "/var/lib/gerrit";
description = "Root of data directory for the Gerrit"; description = "Root of data directory for the Gerrit";
}; };
port = mkOption {
type = types.port;
default = 29418;
readOnly = true;
description = "Port for the Gerrit SSH server";
};
}; };
imports = [ imports = [
@ -28,7 +39,7 @@ in
]; ];
config = mkIf cfg.enable { config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [ 29418 ]; networking.firewall.allowedTCPPorts = [ cfg.port ];
environment.systemPackages = [ jdk ]; environment.systemPackages = [ jdk ];
@ -58,7 +69,7 @@ in
"webhooks" "webhooks"
]; ];
plugins = with pkgs.gerritPlugins; [ plugins = with pkgs.gerritPlugins; [
oauth oauth
metrics-reporter-prometheus metrics-reporter-prometheus
]; ];
@ -115,7 +126,7 @@ in
# Other settings # Other settings
log.jsonLogging = true; log.jsonLogging = true;
log.textLogging = false; log.textLogging = false;
sshd.advertisedAddress = "cl.forkos.org:29418"; sshd.advertisedAddress = "${cfg.canonicalDomain}:${cfg.port}";
cache.web_sessions.maxAge = "3 months"; cache.web_sessions.maxAge = "3 months";
plugins.allowRemoteAdmin = false; plugins.allowRemoteAdmin = false;
change.enableAttentionSet = true; change.enableAttentionSet = true;
@ -130,7 +141,7 @@ in
# Configures gerrit for being reverse-proxied by nginx as per # Configures gerrit for being reverse-proxied by nginx as per
# https://gerrit-review.googlesource.com/Documentation/config-reverseproxy.html # https://gerrit-review.googlesource.com/Documentation/config-reverseproxy.html
gerrit = { gerrit = {
canonicalWebUrl = "https://cl.forkos.org"; canonicalWebUrl = "https://${cfg.canonicalDomain}";
docUrl = "/Documentation"; docUrl = "/Documentation";
defaultBranch = "refs/heads/main"; defaultBranch = "refs/heads/main";
}; };
@ -147,7 +158,7 @@ in
# Auto-link other CLs # Auto-link other CLs
commentlink.gerrit = { commentlink.gerrit = {
match = "cl/(\\d+)"; match = "cl/(\\d+)";
link = "https://cl.forkos.org/$1"; link = "https://${cfg.canonicalDomain}/$1";
}; };
# Configures integration with Keycloak, which then integrates with a # Configures integration with Keycloak, which then integrates with a