From 8ee650ed25eb7b3f879b97b66d38a57bc6439ed7 Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sun, 14 Jun 2015 19:15:56 +0200
Subject: modules/tv/git: initial commit (incl. lib.git)

---
 modules/cd/default.nix | 1 +
 1 file changed, 1 insertion(+)

(limited to 'modules/cd/default.nix')

diff --git a/modules/cd/default.nix b/modules/cd/default.nix
index 7ceaf71f..cc63318c 100644
--- a/modules/cd/default.nix
+++ b/modules/cd/default.nix
@@ -11,6 +11,7 @@
       ../tv/base-cac-CentOS-7-64bit.nix
       ../tv/ejabberd.nix # XXX echtes modul
       ../tv/exim-smarthost.nix
+      ../tv/git.nix
       ../tv/retiolum.nix
       ../tv/sanitize.nix
     ];
-- 
cgit v1.2.3


From 96ea8780a321fa2b649dd5c1f0db08e6edc632e3 Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sun, 14 Jun 2015 19:19:45 +0200
Subject: host cd: add services.git

---
 modules/cd/default.nix | 36 +++++++++++++++++++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)

(limited to 'modules/cd/default.nix')

diff --git a/modules/cd/default.nix b/modules/cd/default.nix
index cc63318c..405c27a8 100644
--- a/modules/cd/default.nix
+++ b/modules/cd/default.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
 
 {
   imports =
@@ -44,6 +44,40 @@
     enable = true;
   };
 
+  services.git =
+    let
+      inherit (builtins) readFile;
+      # TODO lib should already include our stuff
+      inherit (import ../../lib { inherit lib; }) addNames git;
+    in
+    rec {
+      enable = true;
+
+      users = addNames {
+        tv = { pubkey = readFile <pubkeys/tv.ssh.pub>; };
+        lass = { pubkey = "xxx"; };
+        makefu = { pubkey = "xxx"; };
+      };
+
+      # TODO warn about stale repodirs
+      repos = addNames {
+        testing = {
+          # TODO hooks = {  post-receive = ...
+        };
+      };
+
+      rules = with git; with users; with repos; [
+        { user = tv;
+          repo = testing;
+          perm = push master [ non-fast-forward create delete merge ];
+        }
+        { user = [ lass makefu ];
+          repo = testing;
+          perm = fetch;
+        }
+      ];
+    };
+
   services.journald.extraConfig = ''
     SystemMaxUse=1G
     RuntimeMaxUse=128M
-- 
cgit v1.2.3


From 78c3c09f1579d1f8132d95d260e9ed8789d3dfc5 Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sun, 14 Jun 2015 19:20:30 +0200
Subject: host cd: use <retiolum-hosts>

---
 modules/cd/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/cd/default.nix')

diff --git a/modules/cd/default.nix b/modules/cd/default.nix
index 405c27a8..9bb4d0f2 100644
--- a/modules/cd/default.nix
+++ b/modules/cd/default.nix
@@ -96,7 +96,7 @@
 
   services.retiolum = {
     enable = true;
-    hosts = /etc/nixos/hosts;
+    hosts = <retiolum-hosts>;
     privateKeyFile = "/etc/nixos/secrets/cd.retiolum.rsa_key.priv";
     connectTo = [
       "fastpoke"
-- 
cgit v1.2.3