wiki: allow push to git
This commit is contained in:
parent
b42fe392f3
commit
03939b14e1
|
@ -1,23 +1,37 @@
|
|||
{ config, pkgs, ... }:
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
|
||||
setupGit = ''
|
||||
export PATH=${makeBinPath [ pkgs.git ]}
|
||||
export GIT_SSH_COMMAND='${pkgs.openssh}/bin/ssh -i ${config.krebs.gollum.stateDir}/.ssh/id_ed25519'
|
||||
repo='git@localhost:wiki'
|
||||
cd ${config.krebs.gollum.stateDir}
|
||||
if ! url=$(git config remote.origin.url); then
|
||||
git remote add origin "$repo"
|
||||
elif test "$url" != "$repo"; then
|
||||
git remote set-url origin "$repo"
|
||||
fi
|
||||
'';
|
||||
|
||||
pushGollum = pkgs.writeDash "push_gollum" ''
|
||||
${setupGit}
|
||||
git fetch origin
|
||||
git merge --ff-only origin/master
|
||||
'';
|
||||
|
||||
pushCgit = pkgs.writeDash "push_cgit" ''
|
||||
${setupGit}
|
||||
git push origin master
|
||||
'';
|
||||
|
||||
in
|
||||
{
|
||||
krebs.gollum = {
|
||||
enable = true;
|
||||
extraConfig = ''
|
||||
Gollum::Hook.register(:post_commit, :hook_id) do |committer, sha1|
|
||||
system('${toString (pkgs.writers.writeDash "push_cgit" ''
|
||||
export PATH=${makeBinPath [ pkgs.git ]}
|
||||
export GIT_SSH_COMMAND='${pkgs.openssh}/bin/ssh -i ${config.krebs.gollum.stateDir}/.ssh/id_ed25519'
|
||||
repo='git@localhost:wiki'
|
||||
cd ${config.krebs.gollum.stateDir}
|
||||
if ! url=$(git config remote.origin.url); then
|
||||
git remote add origin "$repo"
|
||||
elif test "$url" != "$repo"; then
|
||||
git remote set-url origin "$repo"
|
||||
fi
|
||||
git push origin master
|
||||
'')}')
|
||||
system('${pushCgit}')
|
||||
end
|
||||
'';
|
||||
};
|
||||
|
@ -47,27 +61,27 @@ with import <stockholm/lib>;
|
|||
name = "gollum";
|
||||
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMXbjDnQWg8EECsNRZZWezocMIiuENhCSQFcFUXcsOQ6";
|
||||
}
|
||||
config.krebs.users.lass-mors
|
||||
];
|
||||
] ++ (attrValues config.krebs.users);
|
||||
repo = [ config.krebs.git.repos.wiki ];
|
||||
perm = push ''refs/*'' [ create merge ];
|
||||
perm = push ''refs/heads/master'' [ create merge ];
|
||||
}
|
||||
];
|
||||
repos.wiki = {
|
||||
public = true;
|
||||
name = "wiki";
|
||||
hooks = {
|
||||
post-receive = pkgs.git-hooks.irc-announce {
|
||||
channel = "#xxx";
|
||||
refs = [
|
||||
"refs/heads/master"
|
||||
"refs/heads/newest"
|
||||
"refs/tags/*"
|
||||
];
|
||||
nick = config.networking.hostName;
|
||||
server = "irc.r";
|
||||
verbose = true;
|
||||
};
|
||||
post-receive = ''
|
||||
${pkgs.git-hooks.irc-announce {
|
||||
channel = "#xxx";
|
||||
refs = [
|
||||
"refs/heads/master"
|
||||
];
|
||||
nick = config.networking.hostName;
|
||||
server = "irc.r";
|
||||
verbose = true;
|
||||
}}
|
||||
/run/wrappers/bin/sudo -S -u gollum ${pushGollum}
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -77,4 +91,8 @@ with import <stockholm/lib>;
|
|||
owner = { name = "gollum"; };
|
||||
source-path = "${<secrets/gollum.id_ed25519>}";
|
||||
};
|
||||
|
||||
security.sudo.extraConfig = ''
|
||||
git ALL=(gollum) NOPASSWD: ${pushGollum}
|
||||
'';
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue