diff options
| -rw-r--r-- | modules/cd/default.nix | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/modules/cd/default.nix b/modules/cd/default.nix index cc63318cd..405c27a81 100644 --- a/modules/cd/default.nix +++ b/modules/cd/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: { imports = @@ -44,6 +44,40 @@ enable = true; }; + services.git = + let + inherit (builtins) readFile; + # TODO lib should already include our stuff + inherit (import ../../lib { inherit lib; }) addNames git; + in + rec { + enable = true; + + users = addNames { + tv = { pubkey = readFile <pubkeys/tv.ssh.pub>; }; + lass = { pubkey = "xxx"; }; + makefu = { pubkey = "xxx"; }; + }; + + # TODO warn about stale repodirs + repos = addNames { + testing = { + # TODO hooks = { post-receive = ... + }; + }; + + rules = with git; with users; with repos; [ + { user = tv; + repo = testing; + perm = push master [ non-fast-forward create delete merge ]; + } + { user = [ lass makefu ]; + repo = testing; + perm = fetch; + } + ]; + }; + services.journald.extraConfig = '' SystemMaxUse=1G RuntimeMaxUse=128M |