2016-02-15 13:01:20 +00:00
|
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
|
2016-10-20 18:54:38 +00:00
|
|
|
|
with import <stockholm/lib>;
|
2016-02-15 13:01:20 +00:00
|
|
|
|
let
|
|
|
|
|
cfg = config.krebs.repo-sync;
|
|
|
|
|
|
|
|
|
|
out = {
|
|
|
|
|
options.krebs.repo-sync = api;
|
2016-06-13 00:04:22 +00:00
|
|
|
|
config = lib.mkIf cfg.enable imp;
|
2016-02-15 13:01:20 +00:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
api = {
|
|
|
|
|
enable = mkEnableOption "repo-sync";
|
2016-06-24 13:24:42 +00:00
|
|
|
|
repos = mkOption {
|
2017-03-07 23:47:43 +00:00
|
|
|
|
type = types.attrsOf (types.submodule {
|
|
|
|
|
options = {
|
|
|
|
|
branches = mkOption {
|
|
|
|
|
type = types.attrsOf (types.submodule ({ config, ... }: {
|
|
|
|
|
options = {
|
|
|
|
|
origin = mkOption {
|
2018-02-28 13:30:11 +00:00
|
|
|
|
type = types.source-types.git;
|
2017-03-07 23:47:43 +00:00
|
|
|
|
};
|
|
|
|
|
mirror = mkOption {
|
2018-02-28 13:30:11 +00:00
|
|
|
|
type = types.source-types.git;
|
2017-03-07 23:47:43 +00:00
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
config = {
|
|
|
|
|
origin.ref = mkDefault "heads/master";
|
|
|
|
|
mirror.ref = mkDefault "heads/${config._module.args.name}";
|
|
|
|
|
};
|
|
|
|
|
}));
|
|
|
|
|
};
|
|
|
|
|
latest = mkOption {
|
2018-02-28 13:30:11 +00:00
|
|
|
|
type = types.nullOr types.source-types.git;
|
2017-03-07 23:47:43 +00:00
|
|
|
|
default = null;
|
|
|
|
|
};
|
|
|
|
|
timerConfig = mkOption {
|
|
|
|
|
type = types.attrsOf types.str;
|
|
|
|
|
default = cfg.timerConfig;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
});
|
2016-02-15 13:01:20 +00:00
|
|
|
|
example = literalExample ''
|
|
|
|
|
# see `repo-sync --help`
|
|
|
|
|
# `ref` provides sane defaults and can be omitted
|
|
|
|
|
|
2016-09-07 13:52:37 +00:00
|
|
|
|
# you can have multiple repo-sync groups and therefore multiple @latest
|
|
|
|
|
# configuration entries.
|
2016-02-15 13:01:20 +00:00
|
|
|
|
# attrset will be converted to json and be used as config
|
2016-09-07 13:52:37 +00:00
|
|
|
|
# each attrset defines a group of repos for syncing
|
|
|
|
|
|
|
|
|
|
{ nxpkgs = {
|
2017-03-07 23:47:43 +00:00
|
|
|
|
branches = {
|
|
|
|
|
makefu = {
|
|
|
|
|
origin = {
|
|
|
|
|
url = http://github.com/makefu/nixpkgs;
|
|
|
|
|
ref = "heads/dev" ;
|
|
|
|
|
};
|
|
|
|
|
mirror = {
|
|
|
|
|
url = "git@internal:nixpkgs-mirror" ;
|
|
|
|
|
ref = "heads/github-mirror-dev" ;
|
|
|
|
|
};
|
2016-06-24 13:24:42 +00:00
|
|
|
|
};
|
2017-03-07 23:47:43 +00:00
|
|
|
|
lass = {
|
|
|
|
|
origin = {
|
|
|
|
|
url = http://github.com/lass/nixpkgs;
|
|
|
|
|
};
|
|
|
|
|
mirror = {
|
|
|
|
|
url = "git@internal:nixpkgs-mirror" ;
|
|
|
|
|
};
|
2016-06-24 13:24:42 +00:00
|
|
|
|
};
|
2016-02-15 13:01:20 +00:00
|
|
|
|
};
|
2017-03-07 23:47:43 +00:00
|
|
|
|
latest = {
|
|
|
|
|
url = "git@internal:nixpkgs-mirror";
|
|
|
|
|
ref = "heads/master";
|
2016-09-07 13:52:37 +00:00
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
stockholm = {
|
2017-03-07 23:47:43 +00:00
|
|
|
|
branches = {
|
|
|
|
|
lass = {
|
|
|
|
|
origin = {
|
|
|
|
|
url = http://cgit.prism.r/stockholm;
|
|
|
|
|
};
|
|
|
|
|
mirror = {
|
|
|
|
|
url = "git@internal:stockholm-mirror" ;
|
|
|
|
|
};
|
2016-09-07 13:52:37 +00:00
|
|
|
|
};
|
2017-03-07 23:47:43 +00:00
|
|
|
|
makefu = {
|
|
|
|
|
origin = {
|
|
|
|
|
url = http://gum.krebsco.de/stockholm;
|
|
|
|
|
};
|
|
|
|
|
mirror = {
|
|
|
|
|
url = "git@internal:stockholm-mirror" ;
|
|
|
|
|
};
|
2016-09-07 13:52:37 +00:00
|
|
|
|
};
|
|
|
|
|
};
|
2017-03-07 23:47:43 +00:00
|
|
|
|
latest = {
|
|
|
|
|
url = "git@internal:stockholm-mirror";
|
|
|
|
|
ref = "heads/master";
|
2016-02-15 13:01:20 +00:00
|
|
|
|
};
|
2016-06-24 13:24:42 +00:00
|
|
|
|
};
|
2016-02-15 13:01:20 +00:00
|
|
|
|
};
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
timerConfig = mkOption {
|
|
|
|
|
type = types.attrsOf types.str;
|
|
|
|
|
default = {
|
|
|
|
|
OnCalendar = "*:00,15,30,45";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
stateDir = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
default = "/var/lib/repo-sync";
|
|
|
|
|
};
|
2016-06-24 13:24:42 +00:00
|
|
|
|
|
|
|
|
|
user = mkOption {
|
|
|
|
|
type = types.user;
|
|
|
|
|
default = {
|
|
|
|
|
name = "repo-sync";
|
|
|
|
|
home = cfg.stateDir;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2016-02-15 13:01:20 +00:00
|
|
|
|
privateKeyFile = mkOption {
|
2021-12-23 23:47:41 +00:00
|
|
|
|
type = types.absolute-pathname;
|
|
|
|
|
default = toString <secrets> + "/repo-sync.ssh.key";
|
|
|
|
|
defaultText = "‹secrets/repo-sync.ssh.key›";
|
2016-02-15 13:01:20 +00:00
|
|
|
|
};
|
2016-06-24 13:24:42 +00:00
|
|
|
|
|
2016-06-26 15:53:11 +00:00
|
|
|
|
unitConfig = mkOption {
|
|
|
|
|
type = types.attrsOf types.str;
|
|
|
|
|
description = "Extra unit configuration for fetchWallpaper to define conditions and assertions for the unit";
|
|
|
|
|
example = literalExample ''
|
|
|
|
|
# do not start when running on umts
|
|
|
|
|
{ ConditionPathExists = "!/var/run/ppp0.pid"; }
|
|
|
|
|
'';
|
|
|
|
|
default = {};
|
|
|
|
|
};
|
|
|
|
|
|
2016-02-15 13:01:20 +00:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
imp = {
|
2016-06-24 13:24:42 +00:00
|
|
|
|
users.users.${cfg.user.name} = {
|
|
|
|
|
inherit (cfg.user) home name uid;
|
2016-02-15 13:01:20 +00:00
|
|
|
|
createHome = true;
|
2021-12-23 23:49:02 +00:00
|
|
|
|
group = cfg.user.name;
|
2016-06-24 13:24:42 +00:00
|
|
|
|
description = "repo-sync user";
|
2021-06-15 13:54:46 +00:00
|
|
|
|
isSystemUser = true;
|
2016-02-15 13:01:20 +00:00
|
|
|
|
};
|
|
|
|
|
|
2021-12-23 23:49:02 +00:00
|
|
|
|
users.groups.${cfg.user.name} = {};
|
|
|
|
|
|
2016-06-24 13:24:42 +00:00
|
|
|
|
systemd.timers = mapAttrs' (name: repo:
|
|
|
|
|
nameValuePair "repo-sync-${name}" {
|
|
|
|
|
description = "repo-sync timer";
|
|
|
|
|
wantedBy = [ "timers.target" ];
|
2017-03-07 23:47:43 +00:00
|
|
|
|
timerConfig = repo.timerConfig;
|
2016-06-24 13:24:42 +00:00
|
|
|
|
}
|
|
|
|
|
) cfg.repos;
|
2016-02-15 13:01:20 +00:00
|
|
|
|
|
2021-12-23 23:47:41 +00:00
|
|
|
|
krebs.systemd.services = mapAttrs' (name: _:
|
2022-12-29 12:44:45 +00:00
|
|
|
|
nameValuePair "repo-sync-${name}" {
|
|
|
|
|
restartIfCredentialsChange = true;
|
|
|
|
|
}
|
2021-12-23 23:47:41 +00:00
|
|
|
|
) cfg.repos;
|
|
|
|
|
|
2016-06-24 13:24:42 +00:00
|
|
|
|
systemd.services = mapAttrs' (name: repo:
|
|
|
|
|
let
|
2017-03-07 23:47:43 +00:00
|
|
|
|
repo-sync-config = pkgs.writeJSON "repo-sync-config-${name}.json"
|
|
|
|
|
(repo.branches // optionalAttrs (repo.latest != null) {
|
|
|
|
|
"@latest".mirror = repo.latest;
|
|
|
|
|
});
|
2016-06-24 13:24:42 +00:00
|
|
|
|
in nameValuePair "repo-sync-${name}" {
|
|
|
|
|
description = "repo-sync";
|
2021-12-23 23:47:41 +00:00
|
|
|
|
after = [ "network.target" ];
|
2016-02-15 13:01:20 +00:00
|
|
|
|
|
2016-06-24 13:24:42 +00:00
|
|
|
|
environment = {
|
2021-12-23 23:47:41 +00:00
|
|
|
|
GIT_SSH_COMMAND = "${pkgs.openssh}/bin/ssh -i $CREDENTIALS_DIRECTORY/ssh_key";
|
2016-06-24 14:04:04 +00:00
|
|
|
|
REPONAME = "${name}.git";
|
2016-06-24 13:24:42 +00:00
|
|
|
|
};
|
2016-02-15 13:01:20 +00:00
|
|
|
|
|
2017-12-12 17:53:07 +00:00
|
|
|
|
restartIfChanged = false;
|
2016-06-24 13:24:42 +00:00
|
|
|
|
serviceConfig = {
|
|
|
|
|
Type = "simple";
|
|
|
|
|
PermissionsStartOnly = true;
|
2021-12-23 23:47:41 +00:00
|
|
|
|
LoadCredential = "ssh_key:${cfg.privateKeyFile}";
|
2016-06-24 13:24:42 +00:00
|
|
|
|
ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}";
|
|
|
|
|
WorkingDirectory = cfg.stateDir;
|
|
|
|
|
User = "repo-sync";
|
|
|
|
|
};
|
2016-06-26 15:53:11 +00:00
|
|
|
|
unitConfig = cfg.unitConfig;
|
2016-06-24 13:24:42 +00:00
|
|
|
|
}
|
|
|
|
|
) cfg.repos;
|
2016-02-15 13:01:20 +00:00
|
|
|
|
};
|
|
|
|
|
in out
|