blob: ad88d666b6444b15ceaa43f40134b868a69f2da6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
{ config, pkgs, ... }:
with import <stockholm/lib>;
{
krebs.gollum = {
enable = true;
extraConfig = ''
Gollum::Hook.register(:post_commit, :hook_id) do |committer, sha1|
system('${toString (pkgs.writers.writeDash "push_cgit" ''
export PATH=${makeBinPath [ pkgs.git ]}
export GIT_SSH_COMMAND='${pkgs.openssh}/bin/ssh -i ${config.krebs.gollum.stateDir}/.ssh/id_ed25519'
repo='git@localhost:wiki'
cd ${config.krebs.gollum.stateDir}
if ! url=$(git config remote.origin.url); then
git remote add origin "$repo"
elif test "$url" != "$repo"; then
git remote set-url origin "$repo"
fi
git push origin master
'')}')
end
'';
};
networking.firewall.allowedTCPPorts = [ 80 ];
services.nginx = {
enable = true;
virtualHosts.wiki = {
serverAliases = [ "wiki.r" "wiki.${config.networking.hostName}.r" ];
locations."/".extraConfig = ''
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://127.0.0.1:${toString config.services.gollum.port};
'';
};
};
krebs.git = {
enable = true;
cgit.settings = {
root-title = "krebs repos";
};
rules = with git; [
{
user = [
{
name = "gollum";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMXbjDnQWg8EECsNRZZWezocMIiuENhCSQFcFUXcsOQ6";
}
config.krebs.users.lass-mors
];
repo = [ config.krebs.git.repos.wiki ];
perm = push ''refs/*'' [ create merge ];
}
];
repos.wiki = {
public = true;
name = "wiki";
hooks = {
post-receive = pkgs.git-hooks.irc-announce {
channel = "#xxx";
refs = [
"refs/heads/master"
"refs/heads/newest"
"refs/tags/*"
];
nick = config.networking.hostName;
server = "irc.r";
verbose = true;
};
};
};
};
krebs.secret.files.gollum = {
path = "${config.krebs.gollum.stateDir}/.ssh/id_ed25519";
owner = { name = "gollum"; };
source-path = "${<secrets/gollum.id_ed25519>}";
};
}
|
