diff options
| -rwxr-xr-x | bin/genid | 11 | ||||
| -rw-r--r-- | lib/git.nix | 25 | ||||
| -rw-r--r-- | modules/cd/default.nix | 56 | ||||
| -rw-r--r-- | modules/cd/git.nix | 72 |
4 files changed, 100 insertions, 64 deletions
diff --git a/bin/genid b/bin/genid new file mode 100755 index 00000000..8e224074 --- /dev/null +++ b/bin/genid @@ -0,0 +1,11 @@ +#! /bin/sh +# usage: genid NAME +set -euf +name=$1 +hash=$(printf %s "$name" | sha1sum | cut -d\ -f1 | tr a-f A-F) +echo " + min=2^16 # bigger than nobody and nogroup, see <nixos/modules/misc/ids.nix> + max=2^32 # see 2^(8*sizeof(uid_t)) + ibase=16 + ($hash + min) % max +" | bc diff --git a/lib/git.nix b/lib/git.nix index b28d8941..978fabba 100644 --- a/lib/git.nix +++ b/lib/git.nix @@ -47,12 +47,13 @@ let gawk gnused netcat + nettools ])} - IRC_SERVER="$1" - IRC_PORT="$2" - IRC_NICK="$3" - IRC_CHANNEL="$4" + IRC_SERVER=$1 + IRC_PORT=$2 + IRC_NICK=$3$$ + IRC_CHANNEL=$4 message=$5 export IRC_CHANNEL # for privmsg_cat @@ -138,15 +139,19 @@ let # empty_tree=$(git hash-object -t tree /dev/null empty_tree=4b825dc6 - id=$(echo $oldrev | cut -b-7) - id2=$(echo $newrev | cut -b-7) - if [ $oldrev = $empty ]; then id=$empty_tree; fi - if [ $newrev = $empty ]; then id2=$empty_tree; fi + id=$(echo $newrev | cut -b-7) + id2=$(echo $oldrev | cut -b-7) + if [ $newrev = $empty ]; then id=$empty_tree; fi + if [ $oldrev = $empty ]; then id2=$empty_tree; fi case $receive_mode in create) #git log --oneline $id2 - link="http://cd/cgit/$GIT_SSH_REPO/" + link="http://cd/cgit/$GIT_SSH_REPO/?h=$h" + ;; + delete) + #git log --oneline $id2 + link="http://cd/cgit/$GIT_SSH_REPO/ ($h)" ;; fast-forward|non-fast-forward) #git diff --stat $id..$id2 @@ -157,7 +162,7 @@ let #host=$nick #$host $GIT_SSH_REPO $ref $link message="''${message+$message - }$GIT_SSH_USER $receive_mode pushed $link" + }$GIT_SSH_USER $receive_mode $link" done if test -n "''${message-}"; then diff --git a/modules/cd/default.nix b/modules/cd/default.nix index 7223203a..5d0d3090 100644 --- a/modules/cd/default.nix +++ b/modules/cd/default.nix @@ -1,9 +1,10 @@ -{ config, lib, pkgs, ... }: +{ pkgs, ... }: { imports = [ <secrets/hashedPasswords.nix> + ./git.nix ./iptables.nix ./networking.nix ../common/nixpkgs.nix @@ -11,7 +12,6 @@ ../tv/base-cac-CentOS-7-64bit.nix ../tv/ejabberd.nix # XXX echtes modul ../tv/exim-smarthost.nix - ../tv/git ../tv/retiolum.nix ../tv/sanitize.nix ]; @@ -44,58 +44,6 @@ enable = true; }; - services.git = - let - inherit (builtins) readFile; - # TODO lib should already include our stuff - inherit (import ../../lib { inherit lib pkgs; }) addNames git; - in - rec { - enable = true; - - users = addNames { - tv = { pubkey = readFile <pubkeys/tv.ssh.pub>; }; - lass = { pubkey = "xxx"; }; - makefu = { pubkey = "xxx"; }; - }; - - repos = addNames { - shitment = { - desc = "shitment repository"; - hooks = { - post-receive = git.irc-announce { - nick = config.networking.hostName; # TODO make this the default - channel = "#retiolum"; - server = "ire.retiolum"; - }; - }; - public = true; - }; - testing = { - desc = "testing repository"; - hooks = { - post-receive = git.irc-announce { - nick = config.networking.hostName; # TODO make this the default - channel = "#repository"; - server = "ire.retiolum"; - }; - }; - public = true; - }; - }; - - rules = with git; with users; with repos; [ - { user = tv; - repo = [ testing shitment ]; - perm = push master [ non-fast-forward create delete merge ]; - } - { user = [ lass makefu ]; - repo = [ testing shitment ]; - perm = fetch; - } - ]; - }; - services.journald.extraConfig = '' SystemMaxUse=1G RuntimeMaxUse=128M diff --git a/modules/cd/git.nix b/modules/cd/git.nix new file mode 100644 index 00000000..d7a27046 --- /dev/null +++ b/modules/cd/git.nix @@ -0,0 +1,72 @@ +{ config, lib, pkgs, ... }: + +let + inherit (builtins) map readFile; + inherit (lib) concatMap listToAttrs; + # TODO lib should already include our stuff + inherit (import ../../lib { inherit lib pkgs; }) addNames git; + + cd-repos = [ + (public "cgserver") + (public "crude-mail-setup") + (public "dot-xmonad") + (public "hack") + (public "load-env") + (public "make-snapshot") + (public "mime") + (public "much") + (public "nixos-infest") + (public "painload") + (public "regfish") + (public "shitment") + (public "wai-middleware-time") + (public "web-routes-wai-custom") + ]; + + users = addNames { + tv = { pubkey = readFile <pubkeys/tv.ssh.pub>; }; + lass = { pubkey = "xxx"; }; + makefu = { pubkey = "xxx"; }; + }; + + repos = listToAttrs (map ({ repo, ... }: { name = repo.name; value = repo; }) cd-repos); + + rules = concatMap ({ rules, ... }: rules) cd-repos; + + public = repo-name: + rec { + repo = { + name = repo-name; + hooks = { + post-receive = git.irc-announce { + nick = config.networking.hostName; # TODO make this the default + channel = "#retiolum"; + server = "ire.retiolum"; + }; + }; + public = true; + }; + rules = with git; with users; [ + { user = tv; + repo = [ repo ]; + perm = push "refs/*" [ non-fast-forward create delete merge ]; + } + { user = [ lass makefu ]; + repo = [ repo ]; + perm = fetch; + } + ]; + }; + +in + +{ + imports = [ + ../tv/git + ]; + + services.git = { + enable = true; + inherit repos rules users; + }; +} |