Alice Huston
241c66f5ec
* external SMTP for hydra Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * nix-serve sops Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add binary cache * add hydra jobs * cleanup (#50) * finish up cleanup branch merge * switched back to nixpkgs-fmt * add nixpkgs-fmt to hydrajobs.build --------- Signed-off-by: ahuston-0 <aliceghuston@gmail.com> Co-authored-by: Dennis Wuitz <dennish@wuitz.de> Co-authored-by: Dennis <52411861+DerDennisOP@users.noreply.github.com>
64 lines
2.1 KiB
Nix
64 lines
2.1 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let cfg = config.services.autopull;
|
|
in {
|
|
options = {
|
|
services.autopull = {
|
|
enable = lib.mkEnableOption "autopull";
|
|
name = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "dotfiles";
|
|
description = "A name for the service which needs to be pulled";
|
|
};
|
|
path = lib.mkOption {
|
|
type = lib.types.nullOr lib.types.path;
|
|
default = null;
|
|
description = "Path that needs to be updated via git pull";
|
|
};
|
|
frequency = lib.mkOption {
|
|
type = lib.types.str;
|
|
description = "systemd-timer compatible time between pulls";
|
|
default = "1h";
|
|
};
|
|
ssh-key = lib.mkOption {
|
|
type = lib.types.str;
|
|
description = "ssh-key used to pull the repository";
|
|
};
|
|
triggersRebuild = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = false;
|
|
description =
|
|
"Whether or not the rebuild service should be triggered after pulling. Note that system.autoUpgrade must be pointed at the same directory as this service if you'd like to use this option.";
|
|
};
|
|
};
|
|
};
|
|
|
|
# implementation
|
|
config = lib.mkIf (cfg.enable && !(builtins.isNull cfg.path)) {
|
|
systemd.services."autopull@${cfg.name}" = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
after = [ "network.target" ];
|
|
description = "Pull the latest data for ${cfg.name}";
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
# TODO: See how we can migrate this to DynamicUser=yes instead
|
|
User = "root";
|
|
WorkingDirectory = cfg.path;
|
|
Environment = lib.mkIf (cfg.ssh-key != "") "GIT_SSH_COMMAND=${pkgs.openssh}/bin/ssh -i ${cfg.ssh-key} -o IdentitiesOnly=yes";
|
|
ExecStart = "${pkgs.git}/bin/git pull --all";
|
|
Before = "nixos-upgrade.service";
|
|
Wants = "nixos-upgrade.service";
|
|
};
|
|
};
|
|
systemd.timers."autopull@${cfg.name}" = {
|
|
wantedBy = [ "timers.target" ];
|
|
timerConfig = {
|
|
OnBootSec = cfg.frequency;
|
|
OnUnitActiveSec = cfg.frequency;
|
|
Unit = "autopull@${cfg.name}.service";
|
|
};
|
|
};
|
|
environment.systemPackages = [ pkgs.openssh pkgs.git ];
|
|
};
|
|
}
|