diff options
author | tv <tv@krebsco.de> | 2016-06-30 16:24:41 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2016-06-30 16:26:13 +0200 |
commit | 1542f9bbee823025f703e6abf3836905cee416fd (patch) | |
tree | 8815c72a69e6754c7e8d2be9247cb00220290ad7 /miefda/2configs/git.nix | |
parent | c4276ef5d95624c9a4b5121a513e97634ecb0748 (diff) |
miefda: stash
Diffstat (limited to 'miefda/2configs/git.nix')
-rw-r--r-- | miefda/2configs/git.nix | 91 |
1 files changed, 0 insertions, 91 deletions
diff --git a/miefda/2configs/git.nix b/miefda/2configs/git.nix deleted file mode 100644 index 51679d2a5..000000000 --- a/miefda/2configs/git.nix +++ /dev/null @@ -1,91 +0,0 @@ -{ config, lib, pkgs, ... }: - -with config.krebs.lib; - -let - - out = { - krebs.git = { - enable = true; - cgit = { - settings = { - root-title = "public repositories at ${config.krebs.build.host.name}"; - root-desc = "keep calm and engage"; - }; - }; - repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos; - rules = rules; - }; - - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } - ]; - }; - - repos = - public-repos // - optionalAttrs config.krebs.build.host.secure restricted-repos; - - rules = concatMap make-rules (attrValues repos); - - public-repos = mapAttrs make-public-repo { - painload = {}; - stockholm = { - cgit.desc = "take all the computers hostage, they'll love you!"; - }; - #wai-middleware-time = {}; - #web-routes-wai-custom = {}; - #go = {}; - #newsbot-js = {}; - #kimsufi-check = {}; - #realwallpaper = {}; - }; - - restricted-repos = mapAttrs make-restricted-repo ( - { - brain = { - collaborators = with config.krebs.users; [ tv makefu ]; - }; - } // - import <secrets/repos.nix> { inherit config lib pkgs; } - ); - - make-public-repo = name: { cgit ? {}, ... }: { - inherit cgit name; - public = true; - hooks = { - post-receive = pkgs.git-hooks.irc-announce { - # TODO make nick = config.krebs.build.host.name the default - nick = config.krebs.build.host.name; - channel = "#retiolum"; - server = "cd.retiolum"; - verbose = config.krebs.build.host.name == "bobby"; - }; - }; - }; - - make-restricted-repo = name: { collaborators ? [], ... }: { - inherit collaborators name; - public = false; - }; - - make-rules = - with git // config.krebs.users; - repo: - singleton { - user = miefda; - repo = [ repo ]; - perm = push "refs/*" [ non-fast-forward create delete merge ]; - } ++ - optional repo.public { - user = [ lass tv makefu uriel ]; - repo = [ repo ]; - perm = fetch; - } ++ - optional (length (repo.collaborators or []) > 0) { - user = repo.collaborators; - repo = [ repo ]; - perm = fetch; - }; - -in out |