author | makefu <github@syntax-fehler.de> | 2015-07-24 21:04:22 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2015-07-24 21:04:22 +0200 |
commit | 6b2a9d6b26ef75ee78c96839d4aa06ab027fcf4e (patch) | |
tree | edae5b9996be874d0795571af2f1356e4b904a2b /3modules/krebs | |
parent | 8cf043ca2014e566ce2dc056d392fe9f85dc7cb7 (diff) | |
parent | 2154167857b6bd35c8b1cce2ad41521164abb2ff (diff) |
Merge remote-tracking branch 'cd/master'
Diffstat (limited to '3modules/krebs')
-rw-r--r-- | 3modules/krebs/default.nix | 43 | ||||
-rw-r--r-- | 3modules/krebs/git.nix | 11 | ||||
-rw-r--r-- | 3modules/krebs/retiolum.nix | 40 |
3 files changed, 65 insertions, 29 deletions
diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix
new file mode 100644
index 0000000..b8722d1
--- /dev/null
+++ b/3modules/krebs/default.nix
@@ -0,0 +1,43 @@
+{ config, lib, ... }:
+
+with import ../../4lib/krebs { inherit lib; };
+let
+ cfg = config.krebs;
+
+ out = {
+ imports = [
+ ./github-hosts-sync.nix
+ ./git.nix
+ ./nginx.nix
+ ./retiolum.nix
+ ./urlwatch.nix
+ ];
+ options.krebs = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ users = mkOption {
+ type = with types; attrsOf user;
+ default = addNames {
+ lass = {
+ pubkey = readFile ../../Zpubkeys/lass.ssh.pub;
+ };
+ makefu = {
+ pubkey = readFile ../../Zpubkeys/makefu.ssh.pub;
+ };
+ tv = {
+ pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub;
+ };
+ uriel = {
+ pubkey = readFile ../../Zpubkeys/uriel.ssh.pub;
+ };
+ };
+ };
+ };
+
+ imp = {
+ };
+
+in
+out
diff --git a/3modules/krebs/git.nix b/3modules/krebs/git.nix
index 2d747cc..499d330 100644
--- a/3modules/krebs/git.nix
+++ b/3modules/krebs/git.nix
@@ -6,8 +6,7 @@
 # TODO when authorized_keys changes, then restart ssh
 # (or kill already connected users somehow)
-with builtins;
-with lib;
+with import ../../4lib/krebs { inherit lib; };
 let
 cfg = config.krebs.git;
@@ -127,9 +126,6 @@ let
 rules = mkOption {
 type = types.unspecified;
 };
- users = mkOption {
- type = types.unspecified;
- };
 };
 git-imp = {
@@ -157,7 +153,8 @@ let
 name = "git";
 shell = "/bin/sh";
 openssh.authorizedKeys.keys =
- mapAttrsToList (_: makeAuthorizedKey git-ssh-command) cfg.users;
+ mapAttrsToList (_: makeAuthorizedKey git-ssh-command)
+ config.krebs.users;
 uid = 129318403; # genid git
 };
 };
@@ -263,7 +260,7 @@ let
 isPublicRepo = getAttr "public";
 # TODO this is also in ./cgit.nix
- makeAuthorizedKey = git-ssh-command: user@{ name, pubkey }:
+ makeAuthorizedKey = git-ssh-command: user@{ name, pubkey, ... }:
 # TODO assert name
 # TODO assert pubkey
 let
diff --git a/3modules/krebs/retiolum.nix b/3modules/krebs/retiolum.nix
index 5c26dff..481d656 100644
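Review bot: In the new `3modules/krebs/default.nix`, `config = mkIf cfg.enable imp;` reads `config.krebs.enable`, but the `api` set in this hunk declares only `users`, so unless another module declares `krebs.enable` the evaluation will stop on a missing attribute. I would add `enable = mkEnableOption "krebs";` to `api`, or drop the `mkIf` while `imp` is still empty. The `users` option also has no `description`; because `git.nix` in this same commit turns every entry into an SSH authorized key, a line such as `description = "Users known to the krebs modules; modules that consume this set grant access to each pubkey.";` would make that trust decision visible.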
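Review bot: In the `@@ -157,7 +153,8 @@` hunk of `git.nix`, `openssh.authorizedKeys.keys` is now built from all of `config.krebs.users` rather than the service's own `cfg.users`, so a user added to the global registry for an unrelated reason can now authenticate as the `git` account. If the forced command that `makeAuthorizedKey` produces (its body is outside the hunk) is what enforces `cfg.rules`, this may be intended, but it deserves a comment, e.g. `# every krebs user may log in; per-repo access is enforced by git-ssh-command via cfg.rules`. The `# TODO assert name` and `# TODO assert pubkey` markers in the `@@ -263,7 +260,7 @@` hunk matter more now that the defaults come from `readFile`: asserting that `pubkey` is a single line with no leading key options would keep a malformed key file from changing the generated `authorized_keys` entry.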
--- a/3modules/krebs/retiolum.nix
+++ b/3modules/krebs/retiolum.nix
@@ -57,9 +57,9 @@ let }; hosts = mkOption { - default = null; + type = with types; either package path; + default = ../../Zhosts; description = '' - Hosts package or path to use. If a path is given, then it will be used to generate an ad-hoc package. ''; };
@@ -131,24 +131,20 @@ let
 };
 tinc = cfg.tincPackage;
- hostsType = builtins.typeOf cfg.hosts;
- hosts =
- if hostsType == "package" then
- # use package as is
- cfg.hosts
- else if hostsType == "path" then
- # use path to generate a package
- pkgs.stdenv.mkDerivation {
- name = "custom-retiolum-hosts";
- src = cfg.hosts;
- installPhase = ''
- mkdir $out
- find . -name .git -prune -o -type f -print0 | xargs -0 cp --target-directory $out
- '';
- }
- else
- abort "The option `services.retiolum.hosts' must be set to a package or a path"
- ;
+
+ hosts = getAttr (typeOf cfg.hosts) {
+ package = cfg.hosts;
+ path = pkgs.stdenv.mkDerivation {
+ name = "custom-retiolum-hosts";
+ src = cfg.hosts;
+ installPhase = ''
+ mkdir $out
+ find . -name .git -prune -o -type f -print0 \
+ | xargs -0 cp --target-directory $out
+ '';
+ };
+ };
+
 iproute = cfg.iproutePackage;
 retiolumExtraHosts = import (pkgs.runCommand "retiolum-etc-hosts"
@@ -226,5 +222,5 @@ let
 chmod +x $out/tinc-up
 '';
-in
-out
+
+in out |
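Review bot: In the `@@ -57,9 +57,9 @@` hunk the `hosts` description loses its opening sentence, so the option text no longer says that a package is accepted even though the new type is `either package path`. I would keep that sentence and name the new default, e.g. `Hosts package or path to use; defaults to the repository's Zhosts directory.` This directory presumably supplies the host definitions the VPN node trusts, so stating where the default comes from helps whoever reviews later changes to it.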
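Review bot: In the `@@ -131,24 +131,20 @@` hunk, `getAttr (typeOf cfg.hosts) { package = …; path = …; }` can reach the `package` branch only if `typeOf` returns the string "package". `builtins.typeOf` returns "set" for a derivation, so, assuming `typeOf` here is the builtin, passing a package now fails with a missing-attribute error, and the explicit `abort` message of the old code is gone. Branching on `isDerivation` keeps both cases reachable: `hosts = if isDerivation cfg.hosts then cfg.hosts else pkgs.stdenv.mkDerivation { … };`. The `let` block this binding sits in starts and ends outside the hunk.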