summaryrefslogtreecommitdiffstats
path: root/3modules/krebs/github-hosts-sync.nix
diff options
context:
space:
mode:
authorlassulus <lass@aidsballs.de>2015-07-28 22:37:28 +0200
committerlassulus <lass@aidsballs.de>2015-07-28 23:23:26 +0200
commit1bf670270c1e87900a908f7e9b949b5502158f4f (patch)
tree3a89e86813805e0d6075d3b01497d681602b45cd /3modules/krebs/github-hosts-sync.nix
parentfa175ca26e533b62f3afc11709ef1689647c558c (diff)
parent06cb4d25ef40773e2cc516e50a9aeec6cbe1d0a8 (diff)
Merge remote-tracking branch 'cd/master' into newmaster2
Diffstat (limited to '3modules/krebs/github-hosts-sync.nix')
-rw-r--r--3modules/krebs/github-hosts-sync.nix83
1 files changed, 0 insertions, 83 deletions
diff --git a/3modules/krebs/github-hosts-sync.nix b/3modules/krebs/github-hosts-sync.nix
deleted file mode 100644
index c3b56ef94..000000000
--- a/3modules/krebs/github-hosts-sync.nix
+++ /dev/null
@@ -1,83 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with builtins;
-with lib;
-let
- cfg = config.krebs.github-hosts-sync;
-
- out = {
- options.krebs.github-hosts-sync = api;
- config = mkIf cfg.enable imp;
- };
-
- api = {
- enable = mkEnableOption "krebs.github-hosts-sync";
- port = mkOption {
- type = types.int; # TODO port type
- default = 1028;
- };
- dataDir = mkOption {
- type = types.str; # TODO path (but not just into store)
- default = "/var/lib/github-hosts-sync";
- };
- ssh-identity-file = mkOption {
- type = types.str; # TODO must be named *.ssh.{id_rsa,id_ed25519}
- default = "/root/src/secrets/github-hosts-sync.ssh.id_rsa";
- };
- };
-
- imp = {
- systemd.services.github-hosts-sync = {
- after = [ "network.target" ];
- wantedBy = [ "multi-user.target" ];
- environment = {
- port = toString cfg.port;
- };
- serviceConfig = {
- PermissionsStartOnly = "true";
- SyslogIdentifier = "github-hosts-sync";
- User = user.name;
- Restart = "always";
- ExecStartPre = pkgs.writeScript "github-hosts-sync-init" ''
- #! /bin/sh
- set -euf
-
- ssh_identity_file_target=$(
- case ${cfg.ssh-identity-file} in
- *.ssh.id_rsa|*.ssh.id_ed25519) echo ${cfg.dataDir}/.ssh/id_rsa;;
- *.ssh.id_ed25519) echo ${cfg.dataDir}/.ssh/id_ed25519;;
- *)
- echo "bad identity file name: ${cfg.ssh-identity-file}" >&2
- exit 1
- esac
- )
-
- mkdir -p ${cfg.dataDir}
- chown ${user.name}: ${cfg.dataDir}
-
- install \
- -o ${user.name} \
- -m 0400 \
- ${cfg.ssh-identity-file} \
- "$ssh_identity_file_target"
-
- ln -snf ${Zpkgs.github-known_hosts} ${cfg.dataDir}/.ssh/known_hosts
- '';
- ExecStart = "${Zpkgs.github-hosts-sync}/bin/github-hosts-sync";
- };
- };
-
- users.extraUsers = singleton {
- inherit (user) name uid;
- home = cfg.dataDir;
- };
- };
-
- user = {
- name = "github-hosts-sync";
- uid = 3220554646; # genid github-hosts-sync
- };
-
- Zpkgs = import ../../Zpkgs/krebs { inherit pkgs; };
-in
-out