From 5822253bc17d0ea380933a8b5382e4f7396ff9e3 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 18 Jun 2017 16:32:18 +0200
Subject: m 1 x: add brain-retiolum

---
 makefu/1systems/x.nix                  |  2 +-
 makefu/2configs/git/brain-retiolum.nix | 57 ++++++++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+), 1 deletion(-)
 create mode 100644 makefu/2configs/git/brain-retiolum.nix

(limited to 'makefu')

diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix
index d1503c8d..ee3a7bb1 100644
--- a/makefu/1systems/x.nix
+++ b/makefu/1systems/x.nix
@@ -55,7 +55,7 @@ with import <stockholm/lib>;
       ../2configs/rad1o.nix
 
       # services
-      #../2configs/git/brain-retiolum.nix
+      ../2configs/git/brain-retiolum.nix
       ../2configs/tor.nix
       ../2configs/steam.nix
       # ../2configs/buildbot-standalone.nix
diff --git a/makefu/2configs/git/brain-retiolum.nix b/makefu/2configs/git/brain-retiolum.nix
new file mode 100644
index 00000000..18275e3d
--- /dev/null
+++ b/makefu/2configs/git/brain-retiolum.nix
@@ -0,0 +1,57 @@
+{ config, lib, pkgs, ... }:
+# TODO: remove tv lib :)
+with import <stockholm/lib>;
+let
+
+  repos = krebs-repos;
+  rules = concatMap krebs-rules (attrValues krebs-repos);
+
+  krebs-repos = mapAttrs make-krebs-repo {
+    brain = { };
+  };
+
+
+  make-krebs-repo = with git; name: { cgit ? {}, ... }: {
+    inherit cgit name;
+    public = false;
+    hooks = {
+      post-receive = pkgs.git-hooks.irc-announce {
+        nick = config.networking.hostName;
+        verbose = true;
+        channel = "#retiolum";
+        # TODO remove the hardcoded hostname
+        server = "ni.r";
+      };
+    };
+  };
+
+
+
+  # TODO: get the list of all krebsministers
+  krebsminister = with config.krebs.users; [ lass tv ];
+  krebs-rules = repo:
+    set-owners repo [ config.krebs.users.makefu ] ++ set-ro-access repo krebsminister;
+
+  set-ro-access = with git; repo: user:
+      optional repo.public {
+        inherit user;
+        repo = [ repo ];
+        perm = fetch;
+      };
+
+  set-owners = with git;repo: user:
+      singleton {
+        inherit user;
+        repo = [ repo ];
+        perm = push "refs/*" [ non-fast-forward create delete merge ];
+      };
+
+in {
+  krebs.git = {
+    enable = true;
+    cgit = {
+      enable = false;
+    };
+    inherit repos rules;
+  };
+}
-- 
cgit v1.2.3