forked from the-distro/infra
Compare commits
6 commits
65a4e417eb
...
660122477f
Author | SHA1 | Date | |
---|---|---|---|
Kiara Grouwstra | 660122477f | ||
Kiara Grouwstra | 524b598b2c | ||
Kiara Grouwstra | be0863836d | ||
Kiara Grouwstra | feebc56f97 | ||
Kiara Grouwstra | cdfe405e96 | ||
Kiara Grouwstra | 1f05410770 |
|
@ -12,6 +12,5 @@ in {
|
|||
keys.users.maxine ++
|
||||
keys.users.raito ++
|
||||
keys.users.thubrecht ++
|
||||
keys.users.yuka ++
|
||||
keys.users.winter;
|
||||
keys.users.yuka;
|
||||
}
|
||||
|
|
|
@ -51,6 +51,5 @@
|
|||
];
|
||||
thubrecht = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPM1jpXR7BWQa7Sed7ii3SbvIPRRlKb3G91qC0vOwfJn" ];
|
||||
yuka = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKath4/fDnlv/4fzxkPrQN1ttmoPRNu/m9bEtdPJBDfY cardno:16_933_242" ];
|
||||
winter = [ "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIH/LDRUG+U+++UmlxvA2kspioTjktQZ8taDcHq8gVlkfAAAABHNzaDo=" ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -41,7 +41,6 @@ let
|
|||
|
||||
newsletter-secrets = [ machines.public01 ];
|
||||
s3-revproxy-api-keys = [ machines.public01 ];
|
||||
stateless-uptime-kuma-password = [ machines.public01 ];
|
||||
};
|
||||
in
|
||||
builtins.listToAttrs (
|
||||
|
|
|
@ -1,20 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 CyxfgQ D2o8bUccO13DKF4COLBQ9mJbACsE2XsRa5S+N71WnTk
|
||||
ZaldT7HhQxbxf2ptIwdMYkC60eGtzihc7uwcAkq7s00
|
||||
-> ssh-ed25519 K3b7BA AiUCG5CnNyv1DPu+iEwEgW9GqZ8zgpgxKJTAp350ADc
|
||||
cUVaDv7F1haQIF11/UhhDAR5DrfJlPttGfDjkv+z9vY
|
||||
-> ssh-ed25519 +qVung 1JXeXyea+2Pcwoln/NLRiR8IPPIiB3gaFCP4imyv4DA
|
||||
JWmAY6ZnyU46KxzhRrQigGmUPba9lJDDyRQ2GjQShqc
|
||||
-> ssh-rsa krWCLQ
|
||||
ciLu/+cXfQrB1ms8oTv+xi4eADyL4j0qwnY/6TE0wAXkQHuNXDmpF6ccWZoS2DqN
|
||||
NcnGXL6+WyWxmwlyBEq/rsBPvi1g0M6Md7Z4gXn2UvjJ+S7WyA8QEwkxoTDkJS7x
|
||||
k/NvtunmggVsWVK4Xdi5DKRw+f32qr/8GysDhIPrTt43iReBKNbyuYWmC5Ec85ep
|
||||
JU4JzCNZjJ07kixS5Y9BhaJbpEr47lCXE/KtJUvm3VAxS9IwfUn7KHHdFWynbExi
|
||||
F898j3zOR/kgYmeA0oTiexRD3Y2LCvjXIHQZ3MobbZ/PBrjWxe78Sw2vy2t5JLtB
|
||||
gFG0K8M1z8DT6a8TtvXEgg
|
||||
-> ssh-ed25519 /vwQcQ kUM21TO9iSa8oVXMlNxR7Kc+8TV4C/uTzyQ+t3xnARA
|
||||
oXt+egWWONsKT48H4vZ2CPdy3Zfb2QeQVe9l7dDyO/w
|
||||
-> ssh-ed25519 0R97PA e/piqf2RD5QgPaQs6jsJdzJgfZR9n1JDIWpbvLZErSs
|
||||
UTJH8POFdZ4+N9WkLoNESl1pvcVD0MS1qn7AdS/mg34
|
||||
--- 9aYEP0eHDKMacIf09h+OJqIYw+N99+FrW/x/do8Lbo4
|
||||
$ ÖëWÛ\zú—¾=s/à@.Ç,?ƒW6n^ù#–i!§Ã–ï¶1]±Nvù±Ž'Ï¥¹6?‚'mµpPÒqýŸº
|
|
@ -41,7 +41,6 @@ in
|
|||
imports = [
|
||||
./www.nix
|
||||
./one-way-sync.nix
|
||||
./git-gc-preserve.nix
|
||||
];
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
@ -319,13 +318,6 @@ in
|
|||
environment.REVWALK_USE_PRIORITY_QUEUE = "true";
|
||||
};
|
||||
|
||||
bagel.services.git-gc-preserve = {
|
||||
nixpkgs = {
|
||||
enable = true;
|
||||
repoPath = "/var/lib/gerrit/git/nixpkgs.git";
|
||||
};
|
||||
};
|
||||
|
||||
age.secrets.gerrit-prometheus-bearer-token.file = ../../secrets/gerrit-prometheus-bearer-token.age;
|
||||
bagel.monitoring.grafana-agent.exporters.gerrit = {
|
||||
port = 4778; # grrt
|
||||
|
|
|
@ -1,86 +0,0 @@
|
|||
{ lib, utils, config, pkgs, ... }: let
|
||||
inherit (lib) mkOption mkEnableOption types;
|
||||
cfg = config.bagel.services.git-gc-preserve;
|
||||
enabledServices = lib.filterAttrs (_: gcConfig: gcConfig.enable) cfg;
|
||||
in
|
||||
{
|
||||
options.bagel.services.git-gc-preserve = mkOption {
|
||||
default = { };
|
||||
description = "Repositories that should be garbage collected";
|
||||
type = types.attrsOf (types.submodule {
|
||||
options = {
|
||||
enable = mkEnableOption "git-gc-preserve";
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "git";
|
||||
description = "The user which will run the garbage collection script";
|
||||
example = "forgejo";
|
||||
};
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
default = "git";
|
||||
description = "The group which will run the garbage collection script";
|
||||
example = "forgejo";
|
||||
};
|
||||
repoPath = mkOption {
|
||||
type = types.path;
|
||||
description = "The path to the git repository that should be garbage collected";
|
||||
example = "/var/lib/gerrit/git/nixpkgs";
|
||||
};
|
||||
timeoutSec = mkOption {
|
||||
type = types.str;
|
||||
default = "1h";
|
||||
description = "Garbage collection Systemd unit timeout";
|
||||
example = "infinity";
|
||||
};
|
||||
timerConfig = mkOption {
|
||||
type = types.attrsOf utils.systemdUtils.unitOptions.unitOption;
|
||||
default = {
|
||||
OnCalendar = "daily";
|
||||
};
|
||||
description = ''
|
||||
When to run the git-gc-preserve. See {manpage}`systemd.timer(5)` for details.
|
||||
'';
|
||||
example = {
|
||||
OnCalendar = "00:05";
|
||||
RandomizedDelaySec = "5h";
|
||||
Persistent = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
});
|
||||
};
|
||||
config = {
|
||||
systemd.services =
|
||||
let
|
||||
mkGCService = name: gcConfig: {
|
||||
name = "git-gc-preserve-${name}";
|
||||
value = {
|
||||
description = "Git-GC-Preserve Service - ${name}";
|
||||
serviceConfig = {
|
||||
WorkingDirectory = gcConfig.repoPath;
|
||||
Type = "oneshot";
|
||||
User = gcConfig.user;
|
||||
Group = gcConfig.group;
|
||||
ExecStart = lib.getExe pkgs.git-gc-preserve;
|
||||
TimeoutSec = gcConfig.timeoutSec;
|
||||
};
|
||||
};
|
||||
};
|
||||
mkServices = lib.mapAttrs' mkGCService;
|
||||
in
|
||||
mkServices enabledServices;
|
||||
|
||||
systemd.timers = let
|
||||
mkGCTimer = name: gcConfig: {
|
||||
name = "git-gc-preserve-${name}";
|
||||
value = {
|
||||
wantedBy = [ "timers.target" ];
|
||||
after = [ "multi-user.target" ];
|
||||
timerConfig = gcConfig.timerConfig;
|
||||
};
|
||||
};
|
||||
mkTimer = lib.mapAttrs' mkGCTimer;
|
||||
in mkTimer enabledServices;
|
||||
};
|
||||
}
|
Loading…
Reference in a new issue