forked from the-distro/infra
123 lines
3.6 KiB
Nix
123 lines
3.6 KiB
Nix
{ lib, config, pkgs, ... }:
|
|
let
|
|
cfg = config.bagel.nixpkgs.one-way-sync;
|
|
inherit (lib) mkIf mkOption mkEnableOption types mapAttrs';
|
|
|
|
mkSyncTimer = { name, timer, ... }: {
|
|
wantedBy = [ "timers.target" ];
|
|
|
|
timerConfig = {
|
|
OnCalendar = timer;
|
|
Persistent = true;
|
|
Unit = "ows-${name}.service";
|
|
};
|
|
};
|
|
mkSyncService = targetRef: { name, fromUri, fromRefspec, localRefspec, ... }: {
|
|
path = [ pkgs.gitFull pkgs.openssh ];
|
|
script = ''
|
|
set -x
|
|
trap "git worktree prune && git worktree remove -f ${name}" EXIT
|
|
|
|
if [ ! -d "/var/lib/onewaysync/nixpkgs" ]; then
|
|
echo "First run, synchronizing nixpkgs..."
|
|
git clone https://cl.forkos.org/nixpkgs /var/lib/onewaysync/nixpkgs
|
|
fi
|
|
|
|
cd /var/lib/onewaysync/nixpkgs
|
|
echo "Syncing ${fromUri}:${fromRefspec} to /var/lib/onewaysync/nixpkgs:${targetRef}"
|
|
echo "Current ref: $EXPECTED_REF"
|
|
git worktree add -f ${cfg.workingDir}/${name} ${localRefspec}
|
|
cd ${cfg.workingDir}/${name}
|
|
git pull origin ${fromRefspec}
|
|
EXPECTED_REF=$(git rev-list ${localRefspec} | head -1)
|
|
git config user.name Fork-o-Tron
|
|
git config user.email noreply@forkos.org
|
|
git fetch ${fromUri} ${fromRefspec}
|
|
git merge FETCH_HEAD
|
|
GIT_SSH_COMMAND='ssh -i ${cfg.deployKeyPath}' git push ${cfg.pushUrl} HEAD:${targetRef}
|
|
'';
|
|
serviceConfig = {
|
|
User = "git";
|
|
Group = "git";
|
|
Type = "oneshot";
|
|
RuntimeDirectory = "onewaysync";
|
|
WorkingDirectory = cfg.workingDir;
|
|
StateDirectory = "onewaysync";
|
|
};
|
|
};
|
|
in
|
|
{
|
|
options.bagel.nixpkgs.one-way-sync = {
|
|
enable = mkEnableOption "the one-way sync from GitHub repositories";
|
|
|
|
referenceDir = mkOption {
|
|
type = types.str;
|
|
default = "/var/lib/gerrit/git/nixpkgs.git";
|
|
description = "Local repository reference";
|
|
};
|
|
|
|
workingDir = mkOption {
|
|
type = types.str;
|
|
default = "/run/onewaysync/";
|
|
description = "Working directory for the service";
|
|
};
|
|
|
|
pushUrl = mkOption {
|
|
type = types.str;
|
|
example = "ssh://...";
|
|
description = "Push URL for the target repository";
|
|
};
|
|
|
|
deployKeyPath = mkOption {
|
|
type = types.path;
|
|
example = "/run/agenix.d/ows-priv-key";
|
|
description = "Deployment private SSH key to push to the repository";
|
|
};
|
|
|
|
branches = mkOption {
|
|
type = types.attrsOf (types.submodule ({ ... }:
|
|
{
|
|
options = {
|
|
name = mkOption {
|
|
type = types.str;
|
|
description = "User-friendly name";
|
|
};
|
|
|
|
fromUri = mkOption {
|
|
type = types.str;
|
|
description = "Git URI from which we need to sync";
|
|
};
|
|
|
|
fromRefspec = mkOption {
|
|
type = types.str;
|
|
description = "refspec for the fetch";
|
|
};
|
|
|
|
localRefspec = mkOption {
|
|
type = types.str;
|
|
default = "local refspec in the local repository to get the expected reference and avoid stale info";
|
|
};
|
|
|
|
timer = mkOption {
|
|
type = types.str;
|
|
description = "Calendar format everytime we need to run the sync";
|
|
};
|
|
};
|
|
}));
|
|
|
|
description = "Set of branches mapping from cl.forkos.org to other Git repositories";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
systemd.timers = mapAttrs' (name: value: {
|
|
name = "ows-${value.name}";
|
|
value = mkSyncTimer value;
|
|
}) cfg.branches;
|
|
|
|
systemd.services = mapAttrs' (name: value: {
|
|
name = "ows-${value.name}";
|
|
value = mkSyncService name value;
|
|
}) cfg.branches;
|
|
};
|
|
}
|