summaryrefslogtreecommitdiffstats
path: root/3modules/tv
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2015-07-24 12:03:51 +0200
committertv <tv@krebsco.de>2015-07-24 12:04:38 +0200
commit4e846ab7b38bc6c5ecf8213a027cc8ec4fa819d8 (patch)
tree53b9f0c9bc9042c612c9937d61af84e57500fc69 /3modules/tv
parent6e66334ec650a37eca46d4ae85b10fc8200ef460 (diff)
3: {tv -> krebs}.github-hosts-sync
Diffstat (limited to '3modules/tv')
-rw-r--r--3modules/tv/github-hosts-sync.nix83
1 files changed, 0 insertions, 83 deletions
diff --git a/3modules/tv/github-hosts-sync.nix b/3modules/tv/github-hosts-sync.nix
deleted file mode 100644
index f50bf2b..0000000
--- a/3modules/tv/github-hosts-sync.nix
+++ /dev/null
@@ -1,83 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with builtins;
-with lib;
-let
- cfg = config.tv.github-hosts-sync;
-
- out = {
- options.tv.github-hosts-sync = api;
- config = mkIf cfg.enable imp;
- };
-
- api = {
- enable = mkEnableOption "tv.github-hosts-sync";
- port = mkOption {
- type = types.int; # TODO port type
- default = 1028;
- };
- dataDir = mkOption {
- type = types.str; # TODO path (but not just into store)
- default = "/var/lib/github-hosts-sync";
- };
- ssh-identity-file = mkOption {
- type = types.str; # TODO must be named *.ssh.{id_rsa,id_ed25519}
- default = "/root/src/secrets/github-hosts-sync.ssh.id_rsa";
- };
- };
-
- imp = {
- systemd.services.github-hosts-sync = {
- after = [ "network.target" ];
- wantedBy = [ "multi-user.target" ];
- environment = {
- port = toString cfg.port;
- };
- serviceConfig = {
- PermissionsStartOnly = "true";
- SyslogIdentifier = "github-hosts-sync";
- User = user.name;
- Restart = "always";
- ExecStartPre = pkgs.writeScript "github-hosts-sync-init" ''
- #! /bin/sh
- set -euf
-
- ssh_identity_file_target=$(
- case ${cfg.ssh-identity-file} in
- *.ssh.id_rsa|*.ssh.id_ed25519) echo ${cfg.dataDir}/.ssh/id_rsa;;
- *.ssh.id_ed25519) echo ${cfg.dataDir}/.ssh/id_ed25519;;
- *)
- echo "bad identity file name: ${cfg.ssh-identity-file}" >&2
- exit 1
- esac
- )
-
- mkdir -p ${cfg.dataDir}
- chown ${user.name}: ${cfg.dataDir}
-
- install \
- -o ${user.name} \
- -m 0400 \
- ${cfg.ssh-identity-file} \
- "$ssh_identity_file_target"
-
- ln -snf ${Zpkgs.github-known_hosts} ${cfg.dataDir}/.ssh/known_hosts
- '';
- ExecStart = "${Zpkgs.github-hosts-sync}/bin/github-hosts-sync";
- };
- };
-
- users.extraUsers = singleton {
- inherit (user) name uid;
- home = cfg.dataDir;
- };
- };
-
- user = {
- name = "github-hosts-sync";
- uid = 3220554646; # genid github-hosts-sync
- };
-
- Zpkgs = import ../../Zpkgs/tv { inherit pkgs; };
-in
-out