k 3 repo-sync: refactor, allow multiple repos

This commit is contained in:
lassulus 2016-06-24 15:24:42 +02:00
parent 93567fa818
commit edcc01d8e3

View File

@ -11,14 +11,14 @@ let
api = { api = {
enable = mkEnableOption "repo-sync"; enable = mkEnableOption "repo-sync";
config = mkOption { repos = mkOption {
type = with types;attrsOf (attrsOf (attrsOf str)); type = with types;attrsOf (attrsOf (attrsOf (attrsOf str)));
example = literalExample '' example = literalExample ''
# see `repo-sync --help` # see `repo-sync --help`
# `ref` provides sane defaults and can be omitted # `ref` provides sane defaults and can be omitted
# attrset will be converted to json and be used as config # attrset will be converted to json and be used as config
{ { repo = {
makefu = { makefu = {
origin = { origin = {
url = http://github.com/makefu/repo ; url = http://github.com/makefu/repo ;
@ -44,6 +44,7 @@ let
}; };
}; };
}; };
};
''; '';
}; };
timerConfig = mkOption { timerConfig = mkOption {
@ -56,37 +57,49 @@ let
type = types.str; type = types.str;
default = "/var/lib/repo-sync"; default = "/var/lib/repo-sync";
}; };
user = mkOption {
type = types.user;
default = {
name = "repo-sync";
home = cfg.stateDir;
};
};
privateKeyFile = mkOption { privateKeyFile = mkOption {
type = types.str; type = types.secret-file;
description = '' default = {
used by repo-sync to identify with ssh service path = "${cfg.stateDir}/ssh.priv";
''; owner = cfg.user;
default = toString <secrets/wolf-repo-sync.rsa_key.priv>; source-path = toString <secrets> + "/repo-sync.ssh.key";
}; };
}; };
repo-sync-config = pkgs.writeText "repo-sync-config.json"
(builtins.toJSON cfg.config); };
imp = { imp = {
users.users.repo-sync = { users.users.${cfg.user.name} = {
name = "repo-sync"; inherit (cfg.user) home name uid;
uid = genid "repo-sync";
description = "repo-sync user";
home = cfg.stateDir;
createHome = true; createHome = true;
description = "repo-sync user";
}; };
systemd.timers.repo-sync = { systemd.timers = mapAttrs' (name: repo:
nameValuePair "repo-sync-${name}" {
description = "repo-sync timer"; description = "repo-sync timer";
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
timerConfig = cfg.timerConfig; timerConfig = cfg.timerConfig;
}; }
systemd.services.repo-sync = { ) cfg.repos;
description = "repo-sync";
after = [ "network.target" ];
path = with pkgs; [ ]; systemd.services = mapAttrs' (name: repo:
let
repo-sync-config = pkgs.writeText "repo-sync-config-${name}.json"
(builtins.toJSON repo);
in nameValuePair "repo-sync-${name}" {
description = "repo-sync";
after = [ "network.target" "secret.service" ];
environment = { environment = {
GIT_SSH_COMMAND = "${pkgs.openssh}/bin/ssh -i ${cfg.stateDir}/ssh.priv"; GIT_SSH_COMMAND = "${pkgs.openssh}/bin/ssh -i ${cfg.stateDir}/ssh.priv";
@ -95,14 +108,11 @@ let
serviceConfig = { serviceConfig = {
Type = "simple"; Type = "simple";
PermissionsStartOnly = true; PermissionsStartOnly = true;
ExecStartPre = pkgs.writeDash "prepare-repo-sync-user" ''
cp -v ${shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv
chown repo-sync ${cfg.stateDir}/ssh.priv
'';
ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}"; ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}";
WorkingDirectory = cfg.stateDir; WorkingDirectory = cfg.stateDir;
User = "repo-sync"; User = "repo-sync";
}; };
}; }
) cfg.repos;
}; };
in out in out