From 04c22b427cc01dc5d6649a4b9052b392bd2e6988 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 14 Aug 2018 19:38:48 +0200 Subject: krops: 1.1.0 -> 1.3.0 --- krebs/5pkgs/simple/krops.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/5pkgs/simple/krops.nix b/krebs/5pkgs/simple/krops.nix index e4e9928d4..208ba607e 100644 --- a/krebs/5pkgs/simple/krops.nix +++ b/krebs/5pkgs/simple/krops.nix @@ -2,6 +2,6 @@ fetchgit { url = https://cgit.krebsco.de/krops; - rev = "refs/tags/v1.1.0"; - sha256 = "19z5385rdci2bj0l7ksjbgyj84vsb29kz87j9x6vj5vv16y7y4ll"; + rev = "refs/tags/v1.3.0"; + sha256 = "1vfmm7aqi6y6cjz7vivamc70dkaxxxlihj48qvqc0dlj1bi331c2"; } -- cgit v1.2.3 From 7a1441bf1c053411921eff0f25c7e9099a13029c Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 23 Aug 2018 13:07:33 +0200 Subject: krops: 1.3.0 -> 1.3.1 --- krebs/5pkgs/simple/krops.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/5pkgs/simple/krops.nix b/krebs/5pkgs/simple/krops.nix index 208ba607e..23cc224b8 100644 --- a/krebs/5pkgs/simple/krops.nix +++ b/krebs/5pkgs/simple/krops.nix @@ -2,6 +2,6 @@ fetchgit { url = https://cgit.krebsco.de/krops; - rev = "refs/tags/v1.3.0"; - sha256 = "1vfmm7aqi6y6cjz7vivamc70dkaxxxlihj48qvqc0dlj1bi331c2"; + rev = "refs/tags/v1.3.1"; + sha256 = "0bv984bjc6r1ys1q0wnszv1v1g1wdvjb6i0ibj7namwz0mhg67a7"; } -- cgit v1.2.3 From ce31457b77a65d36893d622b5e1061284e90bf2d Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 24 Aug 2018 21:08:28 +0200 Subject: nix-writers: 4d08293 -> 5d79992 --- submodules/nix-writers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/nix-writers b/submodules/nix-writers index 4d0829328..5d7999226 160000 --- a/submodules/nix-writers +++ b/submodules/nix-writers @@ -1 +1 @@ -Subproject commit 4d0829328e885a6d7163b513998a975e60dd0a72 +Subproject commit 5d79992262e8f16a3efa985375be74abea3bb392 -- cgit v1.2.3 From 23d2950ed7d60aaa066a437b4aaffbf55a76c036 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 28 Aug 2018 20:58:23 +0200 Subject: cgit-clear-cache: init --- krebs/3modules/git.nix | 4 +--- krebs/5pkgs/simple/cgit-clear-cache.nix | 8 ++++++++ 2 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 krebs/5pkgs/simple/cgit-clear-cache.nix diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 5ae24b40b..89726fd7b 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -403,9 +403,7 @@ let )); environment.systemPackages = [ - (pkgs.writeDashBin "cgit-clear-cache" '' - ${pkgs.coreutils}/bin/rm -f ${cfg.cgit.settings.cache-root}/* - '') + (pkgs.cgit-clear-cache.override { inherit (cfg.cgit.settings) cache-root; }) ]; system.activationScripts.cgit = '' diff --git a/krebs/5pkgs/simple/cgit-clear-cache.nix b/krebs/5pkgs/simple/cgit-clear-cache.nix new file mode 100644 index 000000000..28402c39c --- /dev/null +++ b/krebs/5pkgs/simple/cgit-clear-cache.nix @@ -0,0 +1,8 @@ +with import ; + +{ cache-root ? "/tmp/cgit", findutils, writeDashBin }: + +writeDashBin "cgit-clear-cache" '' + set -efu + ${findutils}/bin/find ${shell.escape cache-root} -type f -delete +'' -- cgit v1.2.3 From 7da08cb47fd07d4220f459475bb8bce405512397 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 28 Aug 2018 22:05:45 +0200 Subject: krebs git: allow git user to rwx cgit cache-root --- krebs/3modules/git.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 89726fd7b..8a923efd2 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -348,6 +348,10 @@ let users.users.${cfg.user.name} = { inherit (cfg.user) home name uid; description = "Git repository hosting user"; + extraGroups = [ + # To allow running cgit-clear-cache via hooks. + cfg.cgit.fcgiwrap.group.name + ]; shell = "/bin/sh"; openssh.authorizedKeys.keys = unique @@ -407,7 +411,8 @@ let ]; system.activationScripts.cgit = '' - mkdir -m 0700 -p ${cfg.cgit.settings.cache-root} + mkdir -m 0770 -p ${cfg.cgit.settings.cache-root} + chmod 0770 ${cfg.cgit.settings.cache-root} chown ${toString cfg.cgit.fcgiwrap.user.uid}:${toString cfg.cgit.fcgiwrap.group.gid} ${cfg.cgit.settings.cache-root} ''; -- cgit v1.2.3 From 16ad5fb0a835a1022656253ae838e83fa024e692 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 28 Aug 2018 21:48:00 +0200 Subject: tv gitrepos: cgit-clear-cache on post-receive --- tv/2configs/gitrepos.nix | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix index 06875038d..74fb5215a 100644 --- a/tv/2configs/gitrepos.nix +++ b/tv/2configs/gitrepos.nix @@ -18,6 +18,10 @@ let { }; }; + cgit-clear-cache = pkgs.cgit-clear-cache.override { + inherit (config.krebs.git.cgit.settings) cache-root; + }; + repos = public-repos // optionalAttrs config.krebs.build.host.secure restricted-repos; @@ -97,8 +101,11 @@ let { { brain = { collaborators = with config.krebs.users; [ lass makefu ]; - hooks.post-receive = irc-announce { - cgit_endpoint = null; + hooks = { + post-receive = /* sh */ '' + (${irc-announce { cgit_endpoint = null; }}) + ${cgit-clear-cache}/bin/cgit-clear-cache + ''; }; }; } // @@ -117,14 +124,24 @@ let { make-public-repo = name: { cgit ? {}, ... }: { inherit cgit name; public = true; - hooks = optionalAttrs (config.krebs.build.host.name == "ni") { - post-receive = irc-announce {}; + hooks = { + post-receive = /* sh */ '' + (${optionalString (config.krebs.build.host.name == "ni") + (irc-announce {})}) + ${cgit-clear-cache}/bin/cgit-clear-cache + ''; }; }; make-restricted-repo = name: { collaborators ? [], hooks ? {}, ... }: { - inherit collaborators hooks name; + inherit collaborators name; public = false; + hooks = hooks // { + post-receive = /* sh */ '' + (${hooks.post-receive or ""}) + ${cgit-clear-cache}/bin/cgit-clear-cache + ''; + }; }; make-rules = -- cgit v1.2.3