From: Skullheadx Date: Tue, 2 Jun 2026 02:02:33 +0000 (-0400) Subject: remove https protocol support for git X-Git-Url: http://git.skullheadx.com/life/index.html?a=commitdiff_plain;h=08928d8399f262fd6fd8cbc2fe141d7e5997e8c8;p=nixos.git remove https protocol support for git --- diff --git a/hosts/icon/configuration.nix b/hosts/icon/configuration.nix index 8261edf..308573a 100644 --- a/hosts/icon/configuration.nix +++ b/hosts/icon/configuration.nix @@ -66,19 +66,11 @@ services.nginx = { enable = true; virtualHosts = { - "gitweb.skullheadx.com" = { - listen = [ - { - addr = "10.0.0.2"; - port = 8080; - } - ]; - }; "git.skullheadx.com" = { listen = [ { addr = "10.0.0.2"; - port = 8081; + port = 8080; } ]; }; @@ -86,7 +78,7 @@ gitweb = { enable = true; location = ""; - virtualHost = "gitweb.skullheadx.com"; + virtualHost = "git.skullheadx.com"; }; }; @@ -105,33 +97,6 @@ } ]; - services.lighttpd = { - enable = false; - port = 8081; - enableModules = ["mod_cgi" "mod_alias" "mod_setenv"]; - extraConfig = '' - # 1. Explicitly block any push attempts (git-receive-pack) with a 403 Forbidden - $HTTP["querystring"] =~ "service=git-receive-pack" { - url.access-deny = ("") - } - $HTTP["url"] =~ "^/.*/git-receive-pack$" { - url.access-deny = ("") - } - - # 2. Redirect the root URL "/" to the git-http-backend - alias.url += ( "/" => "${pkgs.git}/git-http-backend" ) - - # 3. Apply Git variables globally to the root path - $HTTP["url"] =~ "^/" { - cgi.assign = ("" => "") - setenv.add-environment = ( - "GIT_PROJECT_ROOT" => "/srv/git", - "GIT_PROTOCOL" => "HTTP_GIT_PROTOCOL" - ) - } - ''; - }; - networking.hostName = "icon"; # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. @@ -175,7 +140,7 @@ }; # Open ports in the firewall. - networking.firewall.allowedTCPPorts = [9418 8080 8081]; + networking.firewall.allowedTCPPorts = [9418 8080]; networking.firewall.allowedUDPPorts = [55555]; # Or disable the firewall altogether. # networking.firewall.enable = false;