summaryrefslogtreecommitdiffstats
path: root/krebs/3modules/konsens.nix
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-09-06 23:10:09 +0200
committertv <tv@krebsco.de>2018-09-06 23:10:09 +0200
commit03764d6765f8d2734d0960bc75cc6856bf0893d8 (patch)
treeb8cbbdc3a0381b5d1b1d08149c38a6bd5be5e9c5 /krebs/3modules/konsens.nix
parent86466154f11748365cdab50b6ac113bdfd5542be (diff)
parent96c4ab61202f515c7a361ef76c398e542771d6b4 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'krebs/3modules/konsens.nix')
-rw-r--r--krebs/3modules/konsens.nix80
1 files changed, 80 insertions, 0 deletions
diff --git a/krebs/3modules/konsens.nix b/krebs/3modules/konsens.nix
new file mode 100644
index 000000000..47316d5d6
--- /dev/null
+++ b/krebs/3modules/konsens.nix
@@ -0,0 +1,80 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+
+let
+ cfg = config.krebs.konsens;
+
+ out = {
+ options.krebs.konsens = api;
+ config = lib.mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkEnableOption "git konsens finder";
+ repos = mkOption {
+ type = types.attrsOf (types.submodule ({ config, ...}: {
+ options = {
+ url = mkOption {
+ type = types.str;
+ default = "git@localhost:${config._module.args.name}";
+ };
+ branchesToCheck = mkOption {
+ type = types.listOf types.str;
+ default = [ "lassulus" "makefu" "tv" ];
+ };
+ target = mkOption {
+ type = types.str;
+ default = "master";
+ };
+ timerConfig = mkOption {
+ type = types.attrsOf types.str;
+ default = {
+ OnCalendar = "*:00,15,30,45";
+ };
+ };
+ };
+ }));
+ };
+ };
+
+ imp = {
+ users.users.konsens = rec {
+ name = "konsens";
+ uid = genid name;
+ home = "/var/lib/konsens";
+ createHome = true;
+ };
+
+ systemd.timers = mapAttrs' (name: repo:
+ nameValuePair "konsens-${name}" {
+ description = "konsens timer";
+ wantedBy = [ "timers.target" ];
+ timerConfig = repo.timerConfig;
+ }
+ ) cfg.repos;
+
+ systemd.services = mapAttrs' (name: repo:
+ nameValuePair "konsens-${name}" {
+ after = [ "network.target" "secret.service" ];
+ path = [ pkgs.git ];
+ restartIfChanged = false;
+ serviceConfig = {
+ Type = "simple";
+ PermissionsStartOnly = true;
+ ExecStart = pkgs.writeDash "konsens-${name}" ''
+ if ! test -e ${name}; then
+ git clone ${repo.url} ${name}
+ fi
+ cd ${name}
+ git fetch origin
+ git push origin $(git merge-base ${concatMapStringsSep " " (branch: "origin/${branch}") repo.branchesToCheck}):refs/heads/master
+ '';
+ WorkingDirectory = /var/lib/konsens;
+ User = "konsens";
+ };
+ }
+ ) cfg.repos;
+ };
+
+in out