summaryrefslogtreecommitdiffstats
path: root/miefda/2configs/git.nix
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2016-06-30 16:24:41 +0200
committertv <tv@krebsco.de>2016-06-30 16:26:13 +0200
commit1542f9bbee823025f703e6abf3836905cee416fd (patch)
tree8815c72a69e6754c7e8d2be9247cb00220290ad7 /miefda/2configs/git.nix
parentc4276ef5d95624c9a4b5121a513e97634ecb0748 (diff)
miefda: stash
Diffstat (limited to 'miefda/2configs/git.nix')
-rw-r--r--miefda/2configs/git.nix91
1 files changed, 0 insertions, 91 deletions
diff --git a/miefda/2configs/git.nix b/miefda/2configs/git.nix
deleted file mode 100644
index 51679d2a5..000000000
--- a/miefda/2configs/git.nix
+++ /dev/null
@@ -1,91 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with config.krebs.lib;
-
-let
-
- out = {
- krebs.git = {
- enable = true;
- cgit = {
- settings = {
- root-title = "public repositories at ${config.krebs.build.host.name}";
- root-desc = "keep calm and engage";
- };
- };
- repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
- rules = rules;
- };
-
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
- ];
- };
-
- repos =
- public-repos //
- optionalAttrs config.krebs.build.host.secure restricted-repos;
-
- rules = concatMap make-rules (attrValues repos);
-
- public-repos = mapAttrs make-public-repo {
- painload = {};
- stockholm = {
- cgit.desc = "take all the computers hostage, they'll love you!";
- };
- #wai-middleware-time = {};
- #web-routes-wai-custom = {};
- #go = {};
- #newsbot-js = {};
- #kimsufi-check = {};
- #realwallpaper = {};
- };
-
- restricted-repos = mapAttrs make-restricted-repo (
- {
- brain = {
- collaborators = with config.krebs.users; [ tv makefu ];
- };
- } //
- import <secrets/repos.nix> { inherit config lib pkgs; }
- );
-
- make-public-repo = name: { cgit ? {}, ... }: {
- inherit cgit name;
- public = true;
- hooks = {
- post-receive = pkgs.git-hooks.irc-announce {
- # TODO make nick = config.krebs.build.host.name the default
- nick = config.krebs.build.host.name;
- channel = "#retiolum";
- server = "cd.retiolum";
- verbose = config.krebs.build.host.name == "bobby";
- };
- };
- };
-
- make-restricted-repo = name: { collaborators ? [], ... }: {
- inherit collaborators name;
- public = false;
- };
-
- make-rules =
- with git // config.krebs.users;
- repo:
- singleton {
- user = miefda;
- repo = [ repo ];
- perm = push "refs/*" [ non-fast-forward create delete merge ];
- } ++
- optional repo.public {
- user = [ lass tv makefu uriel ];
- repo = [ repo ];
- perm = fetch;
- } ++
- optional (length (repo.collaborators or []) > 0) {
- user = repo.collaborators;
- repo = [ repo ];
- perm = fetch;
- };
-
-in out