diff options
author | tv <tv@krebsco.de> | 2020-06-02 23:35:17 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2020-06-02 23:35:17 +0200 |
commit | 09c9f8f7fb04be39390b6f65966789c1bf6333e5 (patch) | |
tree | b0cb0f718b40517b0645a38169e67b1088566f64 /nin/2configs/git.nix | |
parent | 09e620c79b70e495e9651e8e5c1b160dd1b5fb8d (diff) | |
parent | 211e2ca6b9a1d8b4dd92071065b0b595123fe282 (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'nin/2configs/git.nix')
-rw-r--r-- | nin/2configs/git.nix | 60 |
1 files changed, 0 insertions, 60 deletions
diff --git a/nin/2configs/git.nix b/nin/2configs/git.nix deleted file mode 100644 index aed4a9f48..000000000 --- a/nin/2configs/git.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; - -let - - out = { - services.nginx.enable = true; - krebs.git = { - enable = true; - cgit = { - settings = { - root-title = "public repositories at ${config.krebs.build.host.name}"; - root-desc = "keep calm and engage"; - }; - }; - repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos; - rules = rules; - }; - - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } - ]; - }; - - repos = public-repos; - - rules = concatMap make-rules (attrValues repos); - - public-repos = mapAttrs make-public-repo { - stockholm = { - cgit.desc = "take all the computers hostage, they'll love you!"; - }; - }; - - make-public-repo = name: { cgit ? {}, ... }: { - inherit cgit name; - public = true; - }; - - make-rules = - with git // config.krebs.users; - repo: - singleton { - user = [ nin nin_h ]; - repo = [ repo ]; - perm = push "refs/*" [ non-fast-forward create delete merge ]; - } ++ - optional repo.public { - user = attrValues config.krebs.users; - repo = [ repo ]; - perm = fetch; - } ++ - optional (length (repo.collaborators or []) > 0) { - user = repo.collaborators; - repo = [ repo ]; - perm = fetch; - }; - -in out |