modules/server: fcgiwrap -> cgiserver

2 files changed, 58 insertions, 24 deletions

diff --git a/modules/server/cgit/default.nix b/modules/server/cgit/default.nix
index 140865a090f3..2883a9f55c83 100644
--- a/modules/server/cgit/default.nix
+++ b/modules/server/cgit/default.nix
@@ -2,8 +2,8 @@
 
 let
   inherit (builtins) split;
-  inherit (lib) foldr groupBy head literalExpression mapAttrs mapAttrsToList
-    mkOption nameValuePair optionalAttrs types;
+  inherit (lib) flip foldr groupBy head literalExpression mapAttrs
+    mapAttrs' mapAttrsToList mkOption nameValuePair optionalAttrs types;
 
   cfg = config.services.cgit;
 
@@ -23,18 +23,7 @@ let
           tryFiles = "$uri @${name}-cgit";
         };
         "@${name}-cgit" = {
-          root = "${value.package}/cgit";
-
-          fastcgiParams.CGIT_CONFIG = "${value.config}";
-          fastcgiParams.SCRIPT_FILENAME = "$document_root/cgit.cgi";
-          fastcgiParams.PATH_INFO = "$fastcgi_path_info";
-          fastcgiParams.QUERY_STRING = "$args";
-          fastcgiParams.HTTP_HOST = "$server_name";
-
-          extraConfig = ''
-            fastcgi_split_path_info ^(${path})(.*)$;
-            fastcgi_pass unix:/run/fcgiwrap.sock;
-          '';
+          proxyPass = "http://unix:/run/cgiserver/cgit/${name}.sock";
         };
       } // optionalAttrs (unslashedPath != "") {
         ${unslashedPath} = {
@@ -74,6 +63,13 @@ in
             description = "cgit package to use";
           };
 
+          cgiserver = mkOption {
+            type = types.package;
+            default = pkgs.cgiserver;
+            defaultText = literalExpression "pkgs.cgiserver";
+            description = "cgiserver package to use";
+          };
+
           config = mkOption {
             type = types.package;
             description = ''
@@ -90,7 +86,23 @@ in
   };
 
   config = {
-    services.fcgiwrap = optionalAttrs (cfg.instances != {}) { enable = true; };
     services.nginx.virtualHosts = vhostConfigs;
+
+    systemd.services = flip mapAttrs' cfg.instances (name: instance: {
+      name = "cgit-${name}";
+      value = {
+        environment.CGIT_CONFIG = instance.config;
+        serviceConfig.DynamicUser = true;
+        serviceConfig.ExecStart = "${instance.cgiserver}/bin/cgiserver -r ${instance.path}/ ${instance.package}/cgit/cgit.cgi";
+      };
+    });
+
+    systemd.sockets = flip mapAttrs' cfg.instances (name: instance: {
+      name = "cgit-${name}";
+      value = {
+        wantedBy = [ "sockets.target" ];
+        socketConfig.ListenStream = "/run/cgiserver/cgit/${name}.sock";
+      };
+    });
   };
 }
diff --git a/modules/server/git-http-backend/default.nix b/modules/server/git-http-backend/default.nix
index d45eb0d3a27a..086e32f57db2 100644
--- a/modules/server/git-http-backend/default.nix
+++ b/modules/server/git-http-backend/default.nix
@@ -2,8 +2,8 @@
 
 let
   inherit (builtins) split;
-  inherit (lib) foldr groupBy head mapAttrs mapAttrsToList mkOption nameValuePair
-    optionalAttrs types;
+  inherit (lib) flip foldr groupBy head literalExpression mapAttrs mapAttrs'
+    mapAttrsToList mkOption nameValuePair optionalAttrs types;
 
   cfg = config.services.git-http-backend;
 
@@ -14,18 +14,16 @@ let
     foldr (l: r: l // r) {} (map ({ name, value }: let
       path = head (split "/+$" value.path);
       pathRegex =
-        "^${path}(/.*?)(\.git)?/(HEAD|info/refs|git-(upload|receive)-pack)$";
+        "^${path}/.*?(\.git)?/(HEAD|info/refs|git-(upload|receive)-pack)$";
     in {
       locations = {
         "~ ${pathRegex}" = {
-          fastcgiParams.SCRIPT_FILENAME = "${cfg.package}/bin/git-http-backend";
-          fastcgiParams.GIT_PROJECT_ROOT = value.projectRoot;
-          fastcgiParams.GIT_HTTP_EXPORT_ALL = "";
-          fastcgiParams.PATH_INFO = "$1$2/$3";
+          proxyPass = "http://unix:/run/cgiserver/git-http-backend/${name}.sock";
 
           extraConfig = ''
             client_max_body_size 0;
-            fastcgi_pass unix:/run/fcgiwrap.sock;
+            proxy_read_timeout 3600;
+            proxy_send_timeout 3600;
           '';
         };
       };
@@ -61,6 +59,13 @@ in
             '';
           };
 
+          cgiserver = mkOption {
+            type = types.package;
+            default = pkgs.cgiserver;
+            defaultText = literalExpression "pkgs.cgiserver";
+            description = "cgiserver package to use";
+          };
+
           projectRoot = mkOption {
             type = types.strMatching "/(.*[^/])?";
             example = "/var/www/git";
@@ -78,7 +83,24 @@ in
   };
 
   config = {
-    services.fcgiwrap = optionalAttrs (cfg.instances != {}) { enable = true; };
     services.nginx.virtualHosts = vhostConfigs;
+
+    systemd.services = flip mapAttrs' cfg.instances (name: instance: {
+      name = "git-http-backend-${name}";
+      value = {
+        environment.GIT_HTTP_EXPORT_ALL = "";
+        environment.GIT_PROJECT_ROOT = instance.projectRoot;
+        serviceConfig.DynamicUser = true;
+        serviceConfig.ExecStart = "${instance.cgiserver}/bin/cgiserver -r ${instance.path} ${cfg.package}/bin/git-http-backend";
+      };
+    });
+
+    systemd.sockets = flip mapAttrs' cfg.instances (name: instance: {
+      name = "git-http-backend-${name}";
+      value = {
+        wantedBy = [ "sockets.target" ];
+        socketConfig.ListenStream = "/run/cgiserver/git-http-backend/${name}.sock";
+      };
+    });
   };
 }