diff options
Diffstat (limited to 'modules/nixos/services')
| -rw-r--r-- | modules/nixos/services/default.nix | 6 | ||||
| -rw-r--r-- | modules/nixos/services/determinate.nix | 68 | ||||
| -rw-r--r-- | modules/nixos/services/github-mirror/default.nix | 101 | ||||
| -rwxr-xr-x | modules/nixos/services/github-mirror/update-mirror.sh | 78 |
4 files changed, 0 insertions, 253 deletions
diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix deleted file mode 100644 index a6a10ea..0000000 --- a/modules/nixos/services/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - imports = [ - ./determinate.nix - ./github-mirror - ]; -} diff --git a/modules/nixos/services/determinate.nix b/modules/nixos/services/determinate.nix deleted file mode 100644 index 6aa599e..0000000 --- a/modules/nixos/services/determinate.nix +++ /dev/null @@ -1,68 +0,0 @@ -{ - config, - lib, - inputs', - ... -}: - -let - cfg = config.services.determinate; - - package = inputs'.determinate.packages.default; -in - -{ - config = lib.mkIf cfg.enable ( - lib.mkMerge [ - (lib.mkIf cfg.determinate-nixd.enable { - environment = { - # `determinate-nixd` overrides /etc/nix/nix.conf with it's own - etc."nix/nix.custom.conf" = { inherit (config.environment.etc."nix/nix.conf") source; }; - - systemPackages = [ - package - ]; - }; - - systemd = { - services.nix-daemon.serviceConfig = { - ExecStart = [ - "" - "@${lib.getExe' package "determinate-nixd"} determinate-nixd --nix-bin ${config.nix.package}/bin daemon" - ]; - KillMode = lib.mkDefault "process"; - LimitNOFILE = lib.mkDefault 1048576; - LimitSTACK = lib.mkDefault "64M"; - TasksMax = lib.mkDefault 1048576; - }; - - sockets = { - determinate-nixd = { - description = "Determinate Nixd Daemon Socket"; - wantedBy = [ "sockets.target" ]; - before = [ "multi-user.target" ]; - - unitConfig = { - RequiresMountsFor = [ - "/nix/store" - "/nix/var/determinate" - ]; - }; - - socketConfig = { - Service = "nix-daemon.service"; - FileDescriptorName = "determinate-nixd.socket"; - ListenStream = "/nix/var/determinate/determinate-nixd.socket"; - DirectoryMode = "0755"; - }; - }; - - nix-daemon.socketConfig = { - FileDescriptorName = "nix-daemon.socket"; - }; - }; - }; - }) - ] - ); -} diff --git a/modules/nixos/services/github-mirror/default.nix b/modules/nixos/services/github-mirror/default.nix deleted file mode 100644 index 9d0d870..0000000 --- a/modules/nixos/services/github-mirror/default.nix +++ /dev/null @@ -1,101 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - cfg = config.services.github-mirror; - cgitInstance = config.services.cgit.${cfg.hostname}; - - update-mirror = - pkgs.runCommand "update-mirror" - { - nativeBuildInputs = [ pkgs.patsh ]; - - buildInputs = [ - config.programs.git.package - pkgs.curl - pkgs.jq - ]; - } - '' - patsh -s ${builtins.storeDir} ${./update-mirror.sh} $out - chmod 755 $out - patchShebangs $out - ''; -in -{ - options.services.github-mirror = { - enable = lib.mkEnableOption "the github-mirror service"; - - hostname = lib.mkOption { - type = lib.types.str; - description = "Hostname of the cgit service to create"; - example = lib.literalExpression "git.example.com"; - }; - - mirroredUsers = lib.mkOption { - type = lib.types.listOf lib.types.str; - description = "List of GitHub users to mirror repositories for"; - example = lib.literalExpression ''[ "edolstra" ]''; - }; - }; - - config = lib.mkIf cfg.enable { - assertions = [ - { - assertion = cfg.mirroredUsers != [ ]; - message = "`services.git-mirror.mirroredUsers` must have at least one user"; - } - ]; - - services.cgit.${cfg.hostname} = { - enable = true; - - scanPath = "/var/lib/cgit/${cfg.hostname}"; - settings = { - robots = "none"; # noindex, nofollow - }; - - user = "cgit"; - group = "cgit"; - }; - - systemd = { - services.github-mirror = { - description = "Mirror a GitHub repository"; - - after = [ "network-online.target" ]; - wants = [ "network-online.target" ]; - - script = toString ( - [ - "exec" - (toString update-mirror) - "--directory" - cgitInstance.scanPath - ] - ++ cfg.mirroredUsers - ); - - serviceConfig = { - Type = "oneshot"; - User = cgitInstance.user; - Group = cgitInstance.group; - }; - }; - - timers.github-mirror = { - description = "Hourly timer for %N"; - timerConfig.OnCalendar = "hourly"; - }; - - tmpfiles.settings."10-github-mirror" = { - ${cgitInstance.scanPath}.d = { - inherit (cgitInstance) user group; - }; - }; - }; - }; -} diff --git a/modules/nixos/services/github-mirror/update-mirror.sh b/modules/nixos/services/github-mirror/update-mirror.sh deleted file mode 100755 index 88ff6eb..0000000 --- a/modules/nixos/services/github-mirror/update-mirror.sh +++ /dev/null @@ -1,78 +0,0 @@ -#!/usr/bin/env bash -set -euo pipefail - -help() { - echo "Mirror a GitHub user's repositories - -Usage: $(basename "$0") [options] <user>... - -Options: - -h --help Show this screen - -d --directory DIRECTORY Where to clone repositories (defaults to ./git)" -} - -create_if_not_exists() { - if [ ! -d "$1" ]; then - mkdir -p "$1" - fi -} - -repo_endpoint() { - echo "https://api.github.com/users/$1/repos" -} - -users=() -output_directory="git" - -while [ "$#" -gt 0 ]; do - case $1 in - -h | --help) - help - exit 0 - ;; - -d | --directory) - output_directory="$2" - shift - shift - ;; - -*) - echo "error: unknown option $1" - help - exit 1 - ;; - *) - users+=("$1") - shift - ;; - esac -done - -if [ "${#users[@]}" -lt 1 ]; then - echo "error: at least one user must be specified" - help - exit 1 -fi - -create_if_not_exists "$output_directory" -cd "$output_directory" - -for user in "${users[@]}"; do - create_if_not_exists "$user" - - url="$(repo_endpoint "$user")" - curl --fail --location --show-error --silent "$url" | jq --raw-output '.[].name' | while read -r repo; do - repo_path="$user"/"$repo" - - if [ -d "$repo_path" ]; then - pushd "$repo_path" &>/dev/null - echo "Pulling $repo_path..." - if ! git remote update --prune &>/dev/null; then - echo "Unable to pull $repo_path! Continuing..." - fi - popd &>/dev/null - else - echo "Cloning $repo_path..." - git clone --bare --mirror https://github.com/"$repo_path".git "$repo_path" &>/dev/null - fi - done -done |