summaryrefslogtreecommitdiffstats
path: root/tv/2configs/gitrepos.nix
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2017-06-04 09:07:59 +0200
committertv <tv@krebsco.de>2017-06-04 09:18:23 +0200
commit99a5c110ac4f5056db66f5d229496508ec85dacd (patch)
tree78271a29d0e9bcad7e22d974e130aa6f9cd91405 /tv/2configs/gitrepos.nix
parentc68fe5f5b59bb598f5b4443f821586c7bb316ba1 (diff)
tv gitconfig: init
Diffstat (limited to 'tv/2configs/gitrepos.nix')
-rw-r--r--tv/2configs/gitrepos.nix137
1 files changed, 137 insertions, 0 deletions
diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
new file mode 100644
index 000000000..13b12986c
--- /dev/null
+++ b/tv/2configs/gitrepos.nix
@@ -0,0 +1,137 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+
+let {
+
+ body = {
+ krebs.git = {
+ enable = true;
+ cgit = {
+ settings = {
+ root-title = "repositories at ${config.krebs.build.host.name}";
+ root-desc = "mostly krebs";
+ };
+ };
+ repos = repos;
+ rules = rules;
+ };
+ };
+
+ repos =
+ public-repos //
+ optionalAttrs config.krebs.build.host.secure restricted-repos;
+
+ rules = concatMap make-rules (attrValues repos);
+
+ public-repos = mapAttrs make-public-repo ({
+ } // mapAttrs (_: recursiveUpdate { cgit.section = "1. miscellaneous"; }) {
+ cac-api = {
+ cgit.desc = "CloudAtCost API command line interface";
+ };
+ dic = {
+ cgit.desc = "dict.leo.org command line interface";
+ };
+ get = {};
+ hstool = {
+ cgit.desc = "Haskell Development Environment ^_^";
+ };
+ htgen = {
+ cgit.desc = "toy HTTP server";
+ };
+ kirk = {
+ cgit.desc = "IRC tools";
+ };
+ load-env = {};
+ loldns = {
+ cgit.desc = "toy DNS server";
+ };
+ make-snapshot = {};
+ much = {};
+ netcup = {
+ cgit.desc = "netcup command line interface";
+ };
+ populate = {
+ cgit.desc = "source code installer";
+ };
+ q = {};
+ regfish = {};
+ soundcloud = {
+ cgit.desc = "SoundCloud command line interface";
+ };
+ stockholm = {
+ cgit.desc = "NixOS configuration";
+ };
+ } // mapAttrs (_: recursiveUpdate { cgit.section = "2. Host configurations"; }) {
+ ni = {
+ };
+ } // mapAttrs (_: recursiveUpdate { cgit.section = "3. Haskell libraries"; }) {
+ blessings = {};
+ mime = {};
+ quipper = {};
+ scanner = {};
+ wai-middleware-time = {};
+ web-routes-wai-custom = {};
+ xintmap = {};
+ xmonad-stockholm = {};
+ } // mapAttrs (_: recursiveUpdate { cgit.section = "4. museum"; }) {
+ cgserver = {};
+ crude-mail-setup = {};
+ dot-xmonad = {};
+ hirc = {};
+ make-snapshot = {};
+ nixos-infest = {};
+ painload = {};
+ push = {};
+ with-tmpdir = {};
+ });
+
+ restricted-repos = mapAttrs make-restricted-repo (
+ {
+ brain = {
+ collaborators = with config.krebs.users; [ lass makefu ];
+ };
+ } //
+ # TODO don't put secrets/repos.nix into the store
+ import <secrets/repos.nix> { inherit config lib pkgs; }
+ );
+
+ make-public-repo = name: { cgit ? {}, ... }: {
+ inherit cgit name;
+ public = true;
+ hooks = optionalAttrs (config.krebs.build.host.name == "ni") {
+ post-receive = pkgs.git-hooks.irc-announce {
+ # TODO make nick = config.krebs.build.host.name the default
+ nick = config.krebs.build.host.name;
+ channel = "#retiolum";
+ server = "ni.r";
+ verbose = true;
+ };
+ };
+ };
+
+ make-restricted-repo = name: { collaborators ? [], ... }: {
+ inherit collaborators name;
+ public = false;
+ };
+
+ make-rules =
+ with git // config.krebs.users;
+ repo:
+ singleton {
+ user = [ tv tv-xu ];
+ repo = [ repo ];
+ perm = push "refs/*" [ non-fast-forward create delete merge ];
+ } ++
+ optional repo.public {
+ user = attrValues config.krebs.users;
+ repo = [ repo ];
+ perm = fetch;
+ } ++
+ optional (repo.collaborators or [] != []) {
+ user = repo.collaborators;
+ repo = [ repo ];
+ perm = fetch;
+ };
+
+}