diff options
author | makefu <github@syntax-fehler.de> | 2015-07-24 21:04:22 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2015-07-24 21:04:22 +0200 |
commit | e1f4ef731f34056c8360de8be21c2bfbc396d2e4 (patch) | |
tree | a960212d1ee8b0666ebb934c383816900d45cc7a /2configs/tv/git.nix | |
parent | 7d71db1eb0ce36f8be914f53412615eba0090747 (diff) | |
parent | a62be1cef8726a2afa61df3dac9e19a71882b370 (diff) |
Merge remote-tracking branch 'cd/master'
Diffstat (limited to '2configs/tv/git.nix')
-rw-r--r-- | 2configs/tv/git.nix | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/2configs/tv/git.nix b/2configs/tv/git.nix new file mode 100644 index 000000000..b7f9983a1 --- /dev/null +++ b/2configs/tv/git.nix @@ -0,0 +1,91 @@ +{ config, lib, pkgs, ... }: + +with import ../../4lib/tv { inherit lib pkgs; }; +let + + out = { + krebs.git = { + enable = true; + root-title = "public repositories at ${config.tv.identity.self.name}"; + root-desc = "keep calm and engage"; + inherit repos rules; + }; + }; + + repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) ( + public-repos // + optionalAttrs config.tv.identity.self.secure restricted-repos + ); + + rules = concatMap make-rules (attrValues repos); + + public-repos = mapAttrs make-public-repo { + cgserver = {}; + crude-mail-setup = {}; + dot-xmonad = {}; + hack = {}; + load-env = {}; + make-snapshot = {}; + mime = {}; + much = {}; + nixos-infest = {}; + nixpkgs = {}; + painload = {}; + quipper = {}; + regfish = {}; + stockholm = { + desc = "take all the computers hostage, they'll love you!"; + }; + wai-middleware-time = {}; + web-routes-wai-custom = {}; + xintmap = {}; + }; + + restricted-repos = mapAttrs make-restricted-repo ( + { + brain = { + collaborators = with config.krebs.users; [ lass makefu ]; + }; + } // + import /root/src/secrets/repos.nix { inherit config lib pkgs; } + ); + + make-public-repo = name: { desc ? null, ... }: { + inherit name desc; + public = true; + hooks = { + post-receive = git.irc-announce { + # TODO make nick = config.tv.identity.self.name the default + nick = config.tv.identity.self.name; + channel = "#retiolum"; + server = "cd.retiolum"; + }; + }; + }; + + make-restricted-repo = name: { desc ? null, ... }: { + inherit name desc; + public = false; + hooks = {}; # TODO default + }; + + make-rules = + with git // config.krebs.users; + repo: + singleton { + user = tv; + repo = [ repo ]; + perm = push "refs/*" [ non-fast-forward create delete merge ]; + } ++ + optional repo.public { + user = [ lass makefu uriel ]; + repo = [ repo ]; + perm = fetch; + } ++ + optional (length (repo.collaborators or []) > 0) { + user = repo.collaborators; + repo = [ repo ]; + perm = fetch; + }; + +in out |