8 files changed, 90 insertions, 25 deletions

diff --git a/cgit/cgitrc b/cgit/cgitrc
new file mode 100644
index 0000000..b53d3ef
--- /dev/null
+++ b/cgit/cgitrc
@@ -0,0 +1,12 @@
+#
+# cgit config
+# see cgitrc(5) for details
+
+css=/cgit.css
+logo=/cgit.png
+
+virtual-root=/git
+scan-path=/srv/git/
+
+root-title=Sneed's Feed and Seed Git Server
+root-desc=Formerly Chucks.
diff --git a/cgit/deploy b/cgit/deploy
new file mode 100755
index 0000000..f00460d
--- /dev/null
+++ b/cgit/deploy
@@ -0,0 +1,34 @@
+#!/bin/bash
+
+# Installing dependencies
+sudo apt install -y git nginx fcgiwrap cgit
+
+# Git
+## Creating and setting up user
+sudo adduser git
+
+## Setting up ssh
+mkdir .ssh && chmod 700 .ssh
+echo "DONT FORGET TO ADD YOUR SSH KEYS TO ~/.ssh/authorized_keys AND CHMOD 600 IT"
+
+## Configuring git
+sudo mkdir -p /srv/git
+sudo -H chown git:git /srv/git/
+
+# Cgit
+sudo -H cp -rf cgitrc /etc/
+
+# Nginx
+sudo -H mkdir -p /etc/nginx/certs
+sudo -H cp -rf nginx/ /etc/
+sudo -H ln -s /etc/nginx/sites-available/server /etc/nginx/sites-enabled/server
+sudo -H sed -i s:"$(grep access_log /etc/nginx/nginx.conf | awk '{print $2}' )":\/dev\/null\;:g /etc/nginx/nginx.conf
+sudo -H sed -i s:"$(grep error_log /etc/nginx/nginx.conf | awk '{print $2}' )":\/dev\/null\;:g /etc/nginx/nginx.conf
+
+# SSL
+openssl req -x509 -out localhost.crt -keyout localhost.key -newkey rsa:2048 -nodes -sha256 -subj '/CN=localhost' -extensions EXT -config <( printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
+sudo mv localhost.* /etc/nginx/certs
+
+# Restarting services
+sudo -H systemctl restart nginx
+sudo -H systemctl enable nginx
diff --git a/cgit/nginx/pages/cgit.conf b/cgit/nginx/pages/cgit.conf
new file mode 100644
index 0000000..9d3f7ef
--- /dev/null
+++ b/cgit/nginx/pages/cgit.conf
@@ -0,0 +1,10 @@
+root /usr/share/cgit ;
+location /git
+{
+	include fastcgi_params;
+	fastcgi_param SCRIPT_FILENAME /usr/lib/cgit/cgit.cgi;
+	fastcgi_pass unix:/run/fcgiwrap.socket;
+	fastcgi_param PATH_INFO $fastcgi_path_info;
+	fastcgi_param QUERY_STRING $args;
+	fastcgi_split_path_info ^(/git/?)(.+)$;
+}
diff --git a/cgit/nginx/sites-available/server b/cgit/nginx/sites-available/server
new file mode 100644
index 0000000..ba75367
--- /dev/null
+++ b/cgit/nginx/sites-available/server
@@ -0,0 +1,12 @@
+server
+{
+	server_name hostname.local;
+
+	listen 443 ssl;
+	listen [::]:443 ssl;
+
+	ssl_certificate /etc/nginx/certs/localhost.crt;
+	ssl_certificate_key /etc/nginx/certs/localhost.key;
+
+	include pages/*.conf;
+}
diff --git a/searx/deploy b/searx/deploy
index e475a89..92d9a4e 100755
--- a/searx/deploy
+++ b/searx/deploy
@@ -20,7 +20,7 @@ echo ". /usr/local/searx/searx-pyenv/bin/activate" | sudo -H -u searx tee -a "/u
 sudo -H -u searx /usr/local/searx/searx-pyenv/bin/pip install -U pip setuptools wheel pyyaml
 sudo -H -u searx /usr/local/searx/searx-pyenv/bin/pip install -e "/usr/local/searx/searx-src"
 
-## Configurating SearX
+## Configuring SearX
 sudo -H mkdir -p "/etc/searx"
 sudo -H cp "/usr/local/searx/searx-src/utils/templates/etc/searx/use_default_settings.yml" "/etc/searx/settings.yml"
 
@@ -33,16 +33,15 @@ sudo -H mkdir -p /run/uwsgi/app/searx/
 sudo -H chown -R searx:searx /run/uwsgi/app/searx/
 
 # Nginx
+sudo -H mkdir -p /etc/nginx/certs
 sudo -H cp -rf nginx/ /etc/
-sudo -H sed -i -e "s:YOURIP:$(hostname -I | cut -d" " -f1):g" /etc/nginx/sites-available/searx
-sudo -H ln -s /etc/nginx/sites-available/searx /etc/nginx/sites-enabled/searx
+sudo -H ln -s /etc/nginx/sites-available/server /etc/nginx/sites-enabled/server
 sudo -H sed -i s:"$(grep access_log /etc/nginx/nginx.conf | awk '{print $2}' )":\/dev\/null\;:g /etc/nginx/nginx.conf
 sudo -H sed -i s:"$(grep error_log /etc/nginx/nginx.conf | awk '{print $2}' )":\/dev\/null\;:g /etc/nginx/nginx.conf
 
 # SSL
-sudo -H mkdir -p /usr/local/searx/searx-src/certs
 openssl req -x509 -out localhost.crt -keyout localhost.key -newkey rsa:2048 -nodes -sha256 -subj '/CN=localhost' -extensions EXT -config <( printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
-sudo mv localhost.* /usr/local/searx/searx-src/certs
+sudo mv localhost.* /etc/nginx/certs
 
 # Restarting services
 sudo -H systemctl restart nginx
diff --git a/searx/nginx/pages/searx.conf b/searx/nginx/pages/searx.conf
new file mode 100644
index 0000000..1c58d41
--- /dev/null
+++ b/searx/nginx/pages/searx.conf
@@ -0,0 +1,6 @@
+location /searx
+{
+	include uwsgi_params;
+	uwsgi_param SCRIPT_NAME /searx;
+	uwsgi_pass unix:/run/uwsgi/app/searx/socket;
+}
diff --git a/searx/nginx/sites-available/searx b/searx/nginx/sites-available/searx
deleted file mode 100644
index f0c52a7..0000000
--- a/searx/nginx/sites-available/searx
+++ /dev/null
@@ -1,20 +0,0 @@
-# Default server configuration
-#
-server {
-    server_name YOURIP hostname.local;
-
-    listen 443;
-    listen [::]:443;
-
-    ssl on;
-    ssl_certificate /usr/local/searx/searx-src/certs/localhost.crt;
-    ssl_certificate_key /usr/local/searx/searx-src/certs/localhost.key;
-
-    location /searx {
-        include uwsgi_params;
-        uwsgi_pass unix:/run/uwsgi/app/searx/socket;
-    }
-
-    root /usr/local/searx/searx-src/searx;
-    location /static { }
-}
diff --git a/searx/nginx/sites-available/server b/searx/nginx/sites-available/server
new file mode 100644
index 0000000..ba75367
--- /dev/null
+++ b/searx/nginx/sites-available/server
@@ -0,0 +1,12 @@
+server
+{
+	server_name hostname.local;
+
+	listen 443 ssl;
+	listen [::]:443 ssl;
+
+	ssl_certificate /etc/nginx/certs/localhost.crt;
+	ssl_certificate_key /etc/nginx/certs/localhost.key;
+
+	include pages/*.conf;
+}