author | tv <tv@shackspace.de> | 2015-06-14 19:19:45 +0200 |
---|---|---|
committer | tv <tv@shackspace.de> | 2015-06-14 19:19:45 +0200 |
commit | 96ea8780a321fa2b649dd5c1f0db08e6edc632e3 (patch) | |
tree | 78a1bd09af38702fb184dbb6a25f7853bdfaa0d2 /modules | |
parent | 1d22fb2f265394780b55705b45f86dc9a4ab0097 (diff) |
host cd: add services.git
Diffstat (limited to 'modules')
-rw-r--r-- | modules/cd/default.nix | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/modules/cd/default.nix b/modules/cd/default.nix index cc63318cd..405c27a81 100644 --- a/modules/cd/default.nix +++ b/modules/cd/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: { imports = @@ -44,6 +44,40 @@ enable = true; }; + services.git = + let + inherit (builtins) readFile; + # TODO lib should already include our stuff + inherit (import ../../lib { inherit lib; }) addNames git; + in + rec { + enable = true; + + users = addNames { + tv = { pubkey = readFile <pubkeys/tv.ssh.pub>; }; + lass = { pubkey = "xxx"; }; + makefu = { pubkey = "xxx"; }; + }; + + # TODO warn about stale repodirs + repos = addNames { + testing = { + # TODO hooks = { post-receive = ... + }; + }; + + rules = with git; with users; with repos; [ + { user = tv; + repo = testing; + perm = push master [ non-fast-forward create delete merge ]; + } + { user = [ lass makefu ]; + repo = testing; + perm = fetch; + } + ]; + }; + services.journald.extraConfig = '' SystemMaxUse=1G RuntimeMaxUse=128M |
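Review bot: In the second hunk, `lass` and `makefu` are declared with `pubkey = "xxx"` and are already referenced by the `fetch` rule on `testing`, so placeholder strings are deployed where credentials are expected. How the services.git module renders `pubkey` is not visible in this diff; if the value ends up in an authorized_keys-style file, whether the entry is rejected depends on the SSH daemon's handling of a malformed line rather than on anything this config enforces. I would read the keys from files as is done for tv, e.g. `lass = { pubkey = readFile <pubkeys/NAME.ssh.pub>; };` (NAME is a placeholder), or leave both users and their rule out until real keys exist. As a style point, `rules = with git; with users; with repos; [` lets the innermost `with` win, so a later repo or user whose name collides with another user or a git helper such as `master` or `fetch` would silently change what a rule grants. Writing `users.tv` and `repos.testing` explicitly avoids that.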