diff options
| author | makefu <github@syntax-fehler.de> | 2016-02-15 14:01:20 +0100 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2016-02-15 14:01:24 +0100 |
| commit | 0457cd1bb9072dbed13ad74d41ffccd04d8dac20 (patch) | |
| tree | 3e8cdd02a40e8d0eacee06fe0a336a77c65ba6e4 | |
| parent | e62a0475cd45e30f10d4bce8837b8a776eeb4754 (diff) | |
k 3 repo-sync: init module, add git dependency
| -rw-r--r-- | krebs/3modules/default.nix | 1 | ||||
| -rw-r--r-- | krebs/3modules/repo-sync.nix | 110 | ||||
| -rw-r--r-- | krebs/5pkgs/repo-sync/default.nix | 2 |
3 files changed, 113 insertions, 0 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 3d51076cf..060b4445d 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -29,6 +29,7 @@ let ./retiolum.nix ./tinc_graphs.nix ./urlwatch.nix + ./repo-sync.nix ]; options.krebs = api; config = mkIf cfg.enable imp; diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix new file mode 100644 index 000000000..c92d458dd --- /dev/null +++ b/krebs/3modules/repo-sync.nix @@ -0,0 +1,110 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.krebs.repo-sync; + + out = { + options.krebs.repo-sync = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "repo-sync"; + config = mkOption { + type = with types;attrsOf (attrsOf (attrsOf str)); + example = literalExample '' + # see `repo-sync --help` + # `ref` provides sane defaults and can be omitted + + # attrset will be converted to json and be used as config + { + makefu = { + origin = { + url = http://github.com/makefu/repo ; + ref = "heads/dev" ; + }; + mirror = { + url = "git@internal:mirror" ; + ref = "heads/github-mirror-dev" ; + }; + }; + lass = { + origin = { + url = http://github.com/lass/repo ; + }; + mirror = { + url = "git@internal:mirror" ; + }; + }; + "@latest" = { + mirror = { + url = "git@internal:mirror"; + ref = "heads/master"; + }; + }; + }; + ''; + }; + timerConfig = mkOption { + type = types.attrsOf types.str; + default = { + OnCalendar = "*:00,15,30,45"; + }; + }; + stateDir = mkOption { + type = types.str; + default = "/var/lib/repo-sync"; + }; + privateKeyFile = mkOption { + type = types.str; + description = '' + used by repo-sync to identify with ssh service + ''; + default = toString <secrets/wolf-repo-sync.rsa_key.priv>; + }; + }; + repo-sync-config = pkgs.writeText "repo-sync-config.json" + (builtins.toJSON cfg.config); + + imp = { + users.users.repo-sync = { + name = "repo-sync"; + uid = genid "repo-sync"; + description = "repo-sync user"; + home = cfg.stateDir; + createHome = true; + }; + + systemd.timers.repo-sync = { + description = "repo-sync timer"; + wantedBy = [ "timers.target" ]; + + timerConfig = cfg.timerConfig; + }; + systemd.services.repo-sync = { + description = "repo-sync"; + after = [ "network.target" ]; + + path = with pkgs; [ ]; + + environment = { + GIT_SSH_COMMAND = "${pkgs.openssh}/bin/ssh -i ${cfg.stateDir}/ssh.priv"; + }; + + serviceConfig = { + Type = "simple"; + PermissionsStartOnly = true; + ExecStartPre = pkgs.writeScript "prepare-repo-sync-user" '' + #! /bin/sh + cp -v ${lib.shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv + chown repo-sync ${cfg.stateDir}/ssh.priv + ''; + ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}"; + WorkingDirectory = cfg.stateDir; + User = "repo-sync"; + }; + }; + }; +in out diff --git a/krebs/5pkgs/repo-sync/default.nix b/krebs/5pkgs/repo-sync/default.nix index 28fc3970d..789c03f36 100644 --- a/krebs/5pkgs/repo-sync/default.nix +++ b/krebs/5pkgs/repo-sync/default.nix @@ -1,4 +1,5 @@ { lib, pkgs, python3Packages, fetchurl, ... }: + with python3Packages; buildPythonPackage rec { name = "repo-sync-${version}"; version = "0.2.5"; @@ -6,6 +7,7 @@ with python3Packages; buildPythonPackage rec { propagatedBuildInputs = [ docopt GitPython + pkgs.git ]; src = fetchurl { url = "https://pypi.python.org/packages/source/r/repo-sync/repo-sync-${version}.tar.gz"; |