From 5ec7ee21e036f7bc1cbdec714271c619cb3fdb3d Mon Sep 17 00:00:00 2001
From: seth <getchoo@tuta.io>
Date: Sun, 27 Oct 2024 20:12:19 -0400
Subject: modules: restructure (#487)

* seth: remove unused pkgs

* modules: restructure

from archetypes back to profiles
make less actual modules for everything
use lib.mkDefault like it's supposed to
move mixins out of server

* nixos/resolved: use modern options
---
 modules/nixos/services/github-mirror/default.nix | 101 +++++++++++++++++++++++
 1 file changed, 101 insertions(+)
 create mode 100644 modules/nixos/services/github-mirror/default.nix

(limited to 'modules/nixos/services/github-mirror/default.nix')

diff --git a/modules/nixos/services/github-mirror/default.nix b/modules/nixos/services/github-mirror/default.nix
new file mode 100644
index 0000000..9d0d870
--- /dev/null
+++ b/modules/nixos/services/github-mirror/default.nix
@@ -0,0 +1,101 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  cfg = config.services.github-mirror;
+  cgitInstance = config.services.cgit.${cfg.hostname};
+
+  update-mirror =
+    pkgs.runCommand "update-mirror"
+      {
+        nativeBuildInputs = [ pkgs.patsh ];
+
+        buildInputs = [
+          config.programs.git.package
+          pkgs.curl
+          pkgs.jq
+        ];
+      }
+      ''
+        patsh -s ${builtins.storeDir} ${./update-mirror.sh} $out
+        chmod 755 $out
+        patchShebangs $out
+      '';
+in
+{
+  options.services.github-mirror = {
+    enable = lib.mkEnableOption "the github-mirror service";
+
+    hostname = lib.mkOption {
+      type = lib.types.str;
+      description = "Hostname of the cgit service to create";
+      example = lib.literalExpression "git.example.com";
+    };
+
+    mirroredUsers = lib.mkOption {
+      type = lib.types.listOf lib.types.str;
+      description = "List of GitHub users to mirror repositories for";
+      example = lib.literalExpression ''[ "edolstra" ]'';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    assertions = [
+      {
+        assertion = cfg.mirroredUsers != [ ];
+        message = "`services.git-mirror.mirroredUsers` must have at least one user";
+      }
+    ];
+
+    services.cgit.${cfg.hostname} = {
+      enable = true;
+
+      scanPath = "/var/lib/cgit/${cfg.hostname}";
+      settings = {
+        robots = "none"; # noindex, nofollow
+      };
+
+      user = "cgit";
+      group = "cgit";
+    };
+
+    systemd = {
+      services.github-mirror = {
+        description = "Mirror a GitHub repository";
+
+        after = [ "network-online.target" ];
+        wants = [ "network-online.target" ];
+
+        script = toString (
+          [
+            "exec"
+            (toString update-mirror)
+            "--directory"
+            cgitInstance.scanPath
+          ]
+          ++ cfg.mirroredUsers
+        );
+
+        serviceConfig = {
+          Type = "oneshot";
+          User = cgitInstance.user;
+          Group = cgitInstance.group;
+        };
+      };
+
+      timers.github-mirror = {
+        description = "Hourly timer for %N";
+        timerConfig.OnCalendar = "hourly";
+      };
+
+      tmpfiles.settings."10-github-mirror" = {
+        ${cgitInstance.scanPath}.d = {
+          inherit (cgitInstance) user group;
+        };
+      };
+    };
+  };
+}
-- 
cgit v1.2.3