Add cgit web interface for browsing repos

Adds cgit as a web frontend for browsing git repositories. Visiting the base domain now shows a cgit repo index with trees, commits, diffs, and blame views. Public repos (marked with git-daemon-export-ok) are browsable and cloneable over HTTPS. - Install cgit during host init - Configure cgit with dark theme and base domain integration - Add cgit CGI handler to base domain Caddyfile - Update README to emphasize git-centric workflow with cgit frontend
author: bndw <ben@bdw.to> 2026-02-14 07:56:22 -0800
committer: bndw <ben@bdw.to> 2026-02-14 07:56:22 -0800
commit: f0dfabe5b7f1f8d23169c6e62a2f0c27bd6c5463 (patch)
tree: e1f3b1f32b4f810cf957fef53d8fcec4d1fead18 /cmd
parent: f5b667c80e49117c94481d49c5b0c77dbcf2804a (diff)
1 files changed, 20 insertions, 4 deletions
diff --git a/cmd/ship/host/init.go b/cmd/ship/host/init.go
index 0ec573c..cfa2795 100644
--- a/cmd/ship/host/init.go
+++ b/cmd/ship/host/init.go
@@ -153,18 +153,19 @@ func setupGitDeploy(client *ssh.Client, baseDomain string, hostState *state.Host
        }
        fmt.Println("  Docker installed")
-        fmt.Println("-> Installing git and fcgiwrap...")
+        fmt.Println("-> Installing git, fcgiwrap, and cgit...")
-        if _, err := client.RunSudo("apt-get install -y git fcgiwrap"); err != nil {
+        if _, err := client.RunSudo("apt-get install -y git fcgiwrap cgit"); err != nil {
-                return fmt.Errorf("error installing git/fcgiwrap: %w", err)
+                return fmt.Errorf("error installing git/fcgiwrap/cgit: %w", err)
        }
        // Allow git-http-backend (runs as www-data) to access repos owned by git.
        // Scoped to www-data only, not system-wide, to preserve CVE-2022-24765 protection.
        // www-data's home is /var/www; ensure it can write .gitconfig there.
+        client.RunSudo("mkdir -p /var/www")
        client.RunSudo("chown www-data:www-data /var/www")
        if _, err := client.RunSudo("sudo -u www-data git config --global --add safe.directory '*'"); err != nil {
                return fmt.Errorf("error setting git safe.directory: %w", err)
        }
-        fmt.Println("  git and fcgiwrap installed")
+        fmt.Println("  git, fcgiwrap, and cgit installed")
        fmt.Println("-> Creating git user...")
        // Create git user (ignore error if already exists)
@@ -261,6 +262,21 @@ git ALL=(ALL) NOPASSWD: \
        }
        fmt.Println("  base domain Caddy config written")
+        fmt.Println("-> Writing cgit config...")
+        cgitrcContent, err := templates.CgitRC(map[string]string{
+                "BaseDomain": baseDomain,
+        })
+        if err != nil {
+                return fmt.Errorf("error generating cgitrc: %w", err)
+        }
+        if err := client.WriteSudoFile("/etc/cgitrc", cgitrcContent); err != nil {
+                return fmt.Errorf("error writing cgitrc: %w", err)
+        }
+        if err := client.WriteSudoFile("/opt/ship/cgit-header.html", templates.CgitHeader()); err != nil {
+                return fmt.Errorf("error writing cgit header: %w", err)
+        }
+        fmt.Println("  cgit config written")
        fmt.Println("-> Starting Docker and fcgiwrap...")
        if _, err := client.RunSudo("systemctl enable docker fcgiwrap"); err != nil {
                return fmt.Errorf("error enabling services: %w", err)
author	bndw <ben@bdw.to>	2026-02-14 07:56:22 -0800
committer	bndw <ben@bdw.to>	2026-02-14 07:56:22 -0800
commit	f0dfabe5b7f1f8d23169c6e62a2f0c27bd6c5463 (patch)
tree	e1f3b1f32b4f810cf957fef53d8fcec4d1fead18 /cmd
parent	f5b667c80e49117c94481d49c5b0c77dbcf2804a (diff)