host cd: use irc-announce and cgit

This commit is contained in:
tv 2015-06-18 21:22:21 +02:00
parent 94488da95f
commit 1325e5a675
2 changed files with 22 additions and 14 deletions

View File

@ -59,31 +59,38 @@
makefu = { pubkey = "xxx"; }; makefu = { pubkey = "xxx"; };
}; };
# TODO warn about stale repodirs
repos = addNames { repos = addNames {
testing = { shitment = {
desc = "shitment repository";
hooks = { hooks = {
update = '' post-receive = git.irc-announce {
#! /bin/sh nick = config.networking.hostName; # TODO make this the default
set -euf channel = "#retiolum";
echo update hook: $* >&2 server = "ire.retiolum";
''; };
post-update = ''
#! /bin/sh
set -euf
echo post-update hook: $* >&2
'';
}; };
public = true;
};
testing = {
desc = "testing repository";
hooks = {
post-receive = git.irc-announce {
nick = config.networking.hostName; # TODO make this the default
channel = "#repository";
server = "ire.retiolum";
};
};
public = true;
}; };
}; };
rules = with git; with users; with repos; [ rules = with git; with users; with repos; [
{ user = tv; { user = tv;
repo = testing; repo = [ testing shitment ];
perm = push master [ non-fast-forward create delete merge ]; perm = push master [ non-fast-forward create delete merge ];
} }
{ user = [ lass makefu ]; { user = [ lass makefu ];
repo = testing; repo = [ testing shitment ];
perm = fetch; perm = fetch;
} }
]; ];

View File

@ -63,6 +63,7 @@
ip4tables -A Retiolum -j ACCEPT -p icmp --icmp-type echo-request ip4tables -A Retiolum -j ACCEPT -p icmp --icmp-type echo-request
ip6tables -A Retiolum -j ACCEPT -p ipv6-icmp -m icmp6 --icmpv6-type echo-request ip6tables -A Retiolum -j ACCEPT -p ipv6-icmp -m icmp6 --icmpv6-type echo-request
ipXtables -A Retiolum -j ACCEPT -p tcp --dport http -m conntrack --ctstate NEW
${when log "ipXtables -A Retiolum -j LOG --log-level info --log-prefix 'REJECT '"} ${when log "ipXtables -A Retiolum -j LOG --log-level info --log-prefix 'REJECT '"}
ipXtables -A Retiolum -j REJECT -p tcp --reject-with tcp-reset ipXtables -A Retiolum -j REJECT -p tcp --reject-with tcp-reset