diff options
author | lassulus <lass@aidsballs.de> | 2015-07-28 22:37:28 +0200 |
---|---|---|
committer | lassulus <lass@aidsballs.de> | 2015-07-28 23:23:26 +0200 |
commit | 1bf670270c1e87900a908f7e9b949b5502158f4f (patch) | |
tree | 3a89e86813805e0d6075d3b01497d681602b45cd /3modules/krebs/github-hosts-sync.nix | |
parent | fa175ca26e533b62f3afc11709ef1689647c558c (diff) | |
parent | 06cb4d25ef40773e2cc516e50a9aeec6cbe1d0a8 (diff) |
Merge remote-tracking branch 'cd/master' into newmaster2
Diffstat (limited to '3modules/krebs/github-hosts-sync.nix')
-rw-r--r-- | 3modules/krebs/github-hosts-sync.nix | 83 |
1 files changed, 0 insertions, 83 deletions
diff --git a/3modules/krebs/github-hosts-sync.nix b/3modules/krebs/github-hosts-sync.nix deleted file mode 100644 index c3b56ef94..000000000 --- a/3modules/krebs/github-hosts-sync.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ config, lib, pkgs, ... }: - -with builtins; -with lib; -let - cfg = config.krebs.github-hosts-sync; - - out = { - options.krebs.github-hosts-sync = api; - config = mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "krebs.github-hosts-sync"; - port = mkOption { - type = types.int; # TODO port type - default = 1028; - }; - dataDir = mkOption { - type = types.str; # TODO path (but not just into store) - default = "/var/lib/github-hosts-sync"; - }; - ssh-identity-file = mkOption { - type = types.str; # TODO must be named *.ssh.{id_rsa,id_ed25519} - default = "/root/src/secrets/github-hosts-sync.ssh.id_rsa"; - }; - }; - - imp = { - systemd.services.github-hosts-sync = { - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - environment = { - port = toString cfg.port; - }; - serviceConfig = { - PermissionsStartOnly = "true"; - SyslogIdentifier = "github-hosts-sync"; - User = user.name; - Restart = "always"; - ExecStartPre = pkgs.writeScript "github-hosts-sync-init" '' - #! /bin/sh - set -euf - - ssh_identity_file_target=$( - case ${cfg.ssh-identity-file} in - *.ssh.id_rsa|*.ssh.id_ed25519) echo ${cfg.dataDir}/.ssh/id_rsa;; - *.ssh.id_ed25519) echo ${cfg.dataDir}/.ssh/id_ed25519;; - *) - echo "bad identity file name: ${cfg.ssh-identity-file}" >&2 - exit 1 - esac - ) - - mkdir -p ${cfg.dataDir} - chown ${user.name}: ${cfg.dataDir} - - install \ - -o ${user.name} \ - -m 0400 \ - ${cfg.ssh-identity-file} \ - "$ssh_identity_file_target" - - ln -snf ${Zpkgs.github-known_hosts} ${cfg.dataDir}/.ssh/known_hosts - ''; - ExecStart = "${Zpkgs.github-hosts-sync}/bin/github-hosts-sync"; - }; - }; - - users.extraUsers = singleton { - inherit (user) name uid; - home = cfg.dataDir; - }; - }; - - user = { - name = "github-hosts-sync"; - uid = 3220554646; # genid github-hosts-sync - }; - - Zpkgs = import ../../Zpkgs/krebs { inherit pkgs; }; -in -out |