k 3 repo-sync: init module, add git dependency
This commit is contained in:
parent
e62a0475cd
commit
0457cd1bb9
@ -29,6 +29,7 @@ let
|
||||
./retiolum.nix
|
||||
./tinc_graphs.nix
|
||||
./urlwatch.nix
|
||||
./repo-sync.nix
|
||||
];
|
||||
options.krebs = api;
|
||||
config = mkIf cfg.enable imp;
|
||||
|
110
krebs/3modules/repo-sync.nix
Normal file
110
krebs/3modules/repo-sync.nix
Normal file
@ -0,0 +1,110 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.krebs.repo-sync;
|
||||
|
||||
out = {
|
||||
options.krebs.repo-sync = api;
|
||||
config = mkIf cfg.enable imp;
|
||||
};
|
||||
|
||||
api = {
|
||||
enable = mkEnableOption "repo-sync";
|
||||
config = mkOption {
|
||||
type = with types;attrsOf (attrsOf (attrsOf str));
|
||||
example = literalExample ''
|
||||
# see `repo-sync --help`
|
||||
# `ref` provides sane defaults and can be omitted
|
||||
|
||||
# attrset will be converted to json and be used as config
|
||||
{
|
||||
makefu = {
|
||||
origin = {
|
||||
url = http://github.com/makefu/repo ;
|
||||
ref = "heads/dev" ;
|
||||
};
|
||||
mirror = {
|
||||
url = "git@internal:mirror" ;
|
||||
ref = "heads/github-mirror-dev" ;
|
||||
};
|
||||
};
|
||||
lass = {
|
||||
origin = {
|
||||
url = http://github.com/lass/repo ;
|
||||
};
|
||||
mirror = {
|
||||
url = "git@internal:mirror" ;
|
||||
};
|
||||
};
|
||||
"@latest" = {
|
||||
mirror = {
|
||||
url = "git@internal:mirror";
|
||||
ref = "heads/master";
|
||||
};
|
||||
};
|
||||
};
|
||||
'';
|
||||
};
|
||||
timerConfig = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
default = {
|
||||
OnCalendar = "*:00,15,30,45";
|
||||
};
|
||||
};
|
||||
stateDir = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/repo-sync";
|
||||
};
|
||||
privateKeyFile = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
used by repo-sync to identify with ssh service
|
||||
'';
|
||||
default = toString <secrets/wolf-repo-sync.rsa_key.priv>;
|
||||
};
|
||||
};
|
||||
repo-sync-config = pkgs.writeText "repo-sync-config.json"
|
||||
(builtins.toJSON cfg.config);
|
||||
|
||||
imp = {
|
||||
users.users.repo-sync = {
|
||||
name = "repo-sync";
|
||||
uid = genid "repo-sync";
|
||||
description = "repo-sync user";
|
||||
home = cfg.stateDir;
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
systemd.timers.repo-sync = {
|
||||
description = "repo-sync timer";
|
||||
wantedBy = [ "timers.target" ];
|
||||
|
||||
timerConfig = cfg.timerConfig;
|
||||
};
|
||||
systemd.services.repo-sync = {
|
||||
description = "repo-sync";
|
||||
after = [ "network.target" ];
|
||||
|
||||
path = with pkgs; [ ];
|
||||
|
||||
environment = {
|
||||
GIT_SSH_COMMAND = "${pkgs.openssh}/bin/ssh -i ${cfg.stateDir}/ssh.priv";
|
||||
};
|
||||
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
PermissionsStartOnly = true;
|
||||
ExecStartPre = pkgs.writeScript "prepare-repo-sync-user" ''
|
||||
#! /bin/sh
|
||||
cp -v ${lib.shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv
|
||||
chown repo-sync ${cfg.stateDir}/ssh.priv
|
||||
'';
|
||||
ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}";
|
||||
WorkingDirectory = cfg.stateDir;
|
||||
User = "repo-sync";
|
||||
};
|
||||
};
|
||||
};
|
||||
in out
|
@ -1,4 +1,5 @@
|
||||
{ lib, pkgs, python3Packages, fetchurl, ... }:
|
||||
|
||||
with python3Packages; buildPythonPackage rec {
|
||||
name = "repo-sync-${version}";
|
||||
version = "0.2.5";
|
||||
@ -6,6 +7,7 @@ with python3Packages; buildPythonPackage rec {
|
||||
propagatedBuildInputs = [
|
||||
docopt
|
||||
GitPython
|
||||
pkgs.git
|
||||
];
|
||||
src = fetchurl {
|
||||
url = "https://pypi.python.org/packages/source/r/repo-sync/repo-sync-${version}.tar.gz";
|
||||
|
Loading…
Reference in New Issue
Block a user