summaryrefslogtreecommitdiffstats
path: root/modules/cd/default.nix
diff options
context:
space:
mode:
authortv <tv@shackspace.de>2015-06-14 19:19:45 +0200
committertv <tv@shackspace.de>2015-06-14 19:19:45 +0200
commit96ea8780a321fa2b649dd5c1f0db08e6edc632e3 (patch)
tree78a1bd09af38702fb184dbb6a25f7853bdfaa0d2 /modules/cd/default.nix
parent1d22fb2f265394780b55705b45f86dc9a4ab0097 (diff)
host cd: add services.git
Diffstat (limited to 'modules/cd/default.nix')
-rw-r--r--modules/cd/default.nix36
1 files changed, 35 insertions, 1 deletions
diff --git a/modules/cd/default.nix b/modules/cd/default.nix
index cc63318cd..405c27a81 100644
--- a/modules/cd/default.nix
+++ b/modules/cd/default.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
{
imports =
@@ -44,6 +44,40 @@
enable = true;
};
+ services.git =
+ let
+ inherit (builtins) readFile;
+ # TODO lib should already include our stuff
+ inherit (import ../../lib { inherit lib; }) addNames git;
+ in
+ rec {
+ enable = true;
+
+ users = addNames {
+ tv = { pubkey = readFile <pubkeys/tv.ssh.pub>; };
+ lass = { pubkey = "xxx"; };
+ makefu = { pubkey = "xxx"; };
+ };
+
+ # TODO warn about stale repodirs
+ repos = addNames {
+ testing = {
+ # TODO hooks = { post-receive = ...
+ };
+ };
+
+ rules = with git; with users; with repos; [
+ { user = tv;
+ repo = testing;
+ perm = push master [ non-fast-forward create delete merge ];
+ }
+ { user = [ lass makefu ];
+ repo = testing;
+ perm = fetch;
+ }
+ ];
+ };
+
services.journald.extraConfig = ''
SystemMaxUse=1G
RuntimeMaxUse=128M