From 519db4565f421d97fbbfd3251ba23ab49d010569 Mon Sep 17 00:00:00 2001 From: jolheiser Date: Fri, 26 Jul 2024 11:44:28 -0500 Subject: [PATCH] feat: allow enabling of each service individually Signed-off-by: jolheiser --- cmd/ugitd/args.go | 9 +++++++++ cmd/ugitd/main.go | 50 +++++++++++++++++++++++++---------------------- flake.nix | 18 +++++++++++++++-- 3 files changed, 52 insertions(+), 25 deletions(-) diff --git a/cmd/ugitd/args.go b/cmd/ugitd/args.go index 865deec..b16fc0f 100644 --- a/cmd/ugitd/args.go +++ b/cmd/ugitd/args.go @@ -21,6 +21,7 @@ type cliArgs struct { } type sshArgs struct { + Enable bool AuthorizedKeys string CloneURL string Port int @@ -28,6 +29,7 @@ type sshArgs struct { } type httpArgs struct { + Enable bool CloneURL string Port int } @@ -54,6 +56,7 @@ type logArgs struct { } type tailscaleArgs struct { + Enable bool Hostname string DataDir string } @@ -65,12 +68,14 @@ func parseArgs(args []string) (c cliArgs, e error) { c = cliArgs{ RepoDir: ".ugit", SSH: sshArgs{ + Enable: true, AuthorizedKeys: ".ssh/authorized_keys", CloneURL: "ssh://localhost:8448", Port: 8448, HostKey: ".ssh/ugit_ed25519", }, HTTP: httpArgs{ + Enable: true, CloneURL: "http://localhost:8449", Port: 8449, }, @@ -82,6 +87,7 @@ func parseArgs(args []string) (c cliArgs, e error) { Level: log.InfoLevel, }, Tailscale: tailscaleArgs{ + Enable: false, Hostname: "ugit", DataDir: ".tsnet", }, 
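Review bot: The `Enable: false` default for Tailscale in the parseArgs defaults hunk changes what turns the tailnet listener on, and nothing in the new code says so. The main.go hunk of this patch starts that listener with `ShowPrivate = true` and no longer looks at `TS_AUTHKEY`, so a deployment that only set the environment variable stops serving on the tailnet after upgrading, with no message. I would add a comment above the default, `// Opt-in: the tailnet listener serves private repos; TS_AUTHKEY alone no longer enables it.`, and make the `tailscale.enable` help string in the later flag hunk say the same, e.g. `"Enable Tailscale listener (serves private repos)"`. parseArgs starts and ends outside these hunks.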
@@ -97,10 +103,12 @@ func parseArgs(args []string) (c cliArgs, e error) { }) fs.BoolVar(&c.Log.JSON, "log.json", c.Log.JSON, "Print logs in JSON(L) format") fs.StringVar(&c.RepoDir, "repo-dir", c.RepoDir, "Path to directory containing repositories") + fs.BoolVar(&c.SSH.Enable, "ssh.enable", c.SSH.Enable, "Enable SSH server") fs.StringVar(&c.SSH.AuthorizedKeys, "ssh.authorized-keys", c.SSH.AuthorizedKeys, "Path to authorized_keys") fs.StringVar(&c.SSH.CloneURL, "ssh.clone-url", c.SSH.CloneURL, "SSH clone URL base") fs.IntVar(&c.SSH.Port, "ssh.port", c.SSH.Port, "SSH port") fs.StringVar(&c.SSH.HostKey, "ssh.host-key", c.SSH.HostKey, "SSH host key (created if it doesn't exist)") + fs.BoolVar(&c.HTTP.Enable, "http.enable", c.HTTP.Enable, "Enable HTTP server") fs.StringVar(&c.HTTP.CloneURL, "http.clone-url", c.HTTP.CloneURL, "HTTP clone URL base") fs.IntVar(&c.HTTP.Port, "http.port", c.HTTP.Port, "HTTP port") fs.StringVar(&c.Meta.Title, "meta.title", c.Meta.Title, "App title") @@ -118,6 +126,7 @@ func parseArgs(args []string) (c cliArgs, e error) { }) return nil }) + fs.BoolVar(&c.Tailscale.Enable, "tailscale.enable", c.Tailscale.Enable, "Enable Tailscale") fs.StringVar(&c.Tailscale.Hostname, "tailscale.hostname", c.Tailscale.Hostname, "Tailscale host to show private repos on") fs.StringVar(&c.Tailscale.DataDir, "tailscale.data-dir", c.Tailscale.DataDir, "Tailscale data/state directory") diff --git a/cmd/ugitd/main.go b/cmd/ugitd/main.go index 0526a40..f968711 100644 --- a/cmd/ugitd/main.go +++ b/cmd/ugitd/main.go 
@@ -62,23 +62,25 @@ func main() { panic(err) } - sshSettings := ssh.Settings{ - AuthorizedKeys: args.SSH.AuthorizedKeys, - CloneURL: args.SSH.CloneURL, - Port: args.SSH.Port, - HostKey: args.SSH.HostKey, - RepoDir: args.RepoDir, - } - sshSrv, err := ssh.New(sshSettings) - if err != nil { - panic(err) - } - go func() { - log.Debugf("SSH listening on ssh://localhost:%d\n", sshSettings.Port) - if err := sshSrv.ListenAndServe(); err != nil { + if args.SSH.Enable { + sshSettings := ssh.Settings{ + AuthorizedKeys: args.SSH.AuthorizedKeys, + CloneURL: args.SSH.CloneURL, + Port: args.SSH.Port, + HostKey: args.SSH.HostKey, + RepoDir: args.RepoDir, + } + sshSrv, err := ssh.New(sshSettings) + if err != nil { panic(err) } - }() + go func() { + log.Debugf("SSH listening on ssh://localhost:%d\n", sshSettings.Port) + if err := sshSrv.ListenAndServe(); err != nil { + panic(err) + } + }() + } httpSettings := http.Settings{ Title: args.Meta.Title, @@ -98,15 +100,17 @@ func main() { URL: link.URL, }) } - httpSrv := http.New(httpSettings) - go func() { - log.Debugf("HTTP listening on http://localhost:%d\n", httpSettings.Port) - if err := httpSrv.ListenAndServe(); err != nil { - panic(err) - } - }() + if args.HTTP.Enable { + httpSrv := http.New(httpSettings) + go func() { + log.Debugf("HTTP listening on http://localhost:%d\n", httpSettings.Port) + if err := httpSrv.ListenAndServe(); err != nil { + panic(err) + } + }() + } - if _, ok := os.LookupEnv("TS_AUTHKEY"); ok { + if args.Tailscale.Enable { tailnetSettings := httpSettings tailnetSettings.ShowPrivate = true tailnetSrv := http.New(tailnetSettings) diff --git a/flake.nix b/flake.nix index bf67a0f..b693a7a 100644 --- a/flake.nix +++ b/flake.nix 
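Review bot: With each service behind its own flag, main can now pass all three `if` blocks without starting a single listener (`--ssh.enable=false --http.enable=false` with Tailscale left at its default of false), and nothing in these hunks reports that. If main then blocks as it did before, which is not visible here, the process looks healthy while serving nothing. A guard ahead of the SSH block would make the misconfiguration visible at start-up: `if !args.SSH.Enable && !args.HTTP.Enable && !args.Tailscale.Enable { panic("no service enabled") }`. Both main and the Tailscale branch continue outside the hunks.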
@@ -76,7 +76,9 @@ configFile = pkgs.writeText "ugit.yaml" (builtins.readFile (yamlFormat.generate "ugit-yaml" cfg.config)); authorizedKeysFile = pkgs.writeText "ugit_keys" (builtins.concatStringsSep "\n" cfg.authorizedKeys); in { - options = with lib; { + options = let + inherit (lib) mkEnableOption mkOption types; + in { services.ugit = { enable = mkEnableOption "Enable ugit"; @@ -86,6 +88,12 @@ default = ugit; }; + tsAuthKey = mkOption { + type = types.str; + description = "Tailscale one-time auth-key"; + default = ""; + }; + repoDir = mkOption { type = types.str; description = "where ugit stores repositories"; @@ -155,7 +163,12 @@ if (builtins.length cfg.authorizedKeys) > 0 then authorizedKeysFile else cfg.authorizedKeysFile; - args = ["--config=${configFile}" "--repo-dir=${cfg.repoDir}" "--ssh.authorized-keys=${authorizedKeysPath}" "--ssh.host-key=${cfg.hostKeyFile}"]; + args = [ + "--config=${configFile}" + "--repo-dir=${cfg.repoDir}" + "--ssh.authorized-keys=${authorizedKeysPath}" + "--ssh.host-key=${cfg.hostKeyFile}" + ]; in "${cfg.package}/bin/ugitd ${builtins.concatStringsSep " " args}"; wantedBy = ["multi-user.target"]; after = ["network.target"]; @@ -166,6 +179,7 @@ Restart = "always"; RestartSec = "15"; WorkingDirectory = "/var/lib/ugit"; + Environment = ["TS_AUTHKEY=${cfg.tsAuthKey}"]; }; }; };
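Review bot: The new `tsAuthKey` option takes the Tailscale auth key as a plain string, and the last hunk interpolates it into `Environment = ["TS_AUTHKEY=${cfg.tsAuthKey}"]`. That places the secret in the generated unit file in the world-readable Nix store and in the unit's properties. Taking a path to a file kept outside the store and loading it with `EnvironmentFile` keeps the key out of both; it also avoids exporting an empty `TS_AUTHKEY=` when the option is unset. Separately, `args` does not pass `--tailscale.enable`, so setting the key has no effect unless `cfg.config` enables Tailscale, which is presumably intended but worth stating in the option description.

```nix
# … unchanged: enable and package options …
tsAuthKeyFile = mkOption {
  type = types.nullOr types.path;
  description = "File containing TS_AUTHKEY=<key>, kept outside the Nix store";
  default = null;
};
# … unchanged: remaining options, ExecStart, Restart settings …
WorkingDirectory = "/var/lib/ugit";
EnvironmentFile = lib.optional (cfg.tsAuthKeyFile != null) cfg.tsAuthKeyFile;
```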