testing vm

jolheiser 2025-05-13 22:11:54 -05:00
parent 070544ef18
commit 62d71897b8
3 changed files with 61 additions and 36 deletions

.gitignore vendored

@ -2,3 +2,4 @@
.ssh/
.ugit/
.tsnet/
*.qcow2


@ -12,6 +12,7 @@ let
{ name, config, ... }:
let
inherit (lib) mkEnableOption mkOption types;
baseDir = "/var/lib/ugit-${name}";
in
{
options = {
@ -26,13 +27,13 @@ let
homeDir = mkOption {
type = types.str;
description = "ugit home directory";
default = "/var/lib/${name}";
default = baseDir;
};
repoDir = mkOption {
type = types.str;
description = "where ugit stores repositories";
default = "/var/lib/${name}/repos";
default = "${baseDir}/repos";
};
authorizedKeys = mkOption {
@ -44,13 +45,13 @@ let
authorizedKeysFile = mkOption {
type = types.str;
description = "path to authorized_keys file ugit uses for auth";
default = "/var/lib/${name}/authorized_keys";
default = "${baseDir}/authorized_keys";
};
hostKeyFile = mkOption {
type = types.str;
description = "path to host key file (will be created if it doesn't exist)";
default = "/var/lib/${name}/ugit_ed25519";
default = "${baseDir}/ugit_ed25519";
};
config = mkOption {
@ -223,28 +224,5 @@ in
}
)
) { } (builtins.attrNames cfg);
systemd.tmpfiles.settings = lib.mapAttrs' (
name: instanceCfg:
lib.nameValuePair "ugit-${name}" (
builtins.listToAttrs (
map (
hook:
let
script = pkgs.writeShellScript hook.name hook.content;
path = "${instanceCfg.repoDir}/hooks/pre-receive.d/${hook.name}";
in
{
name = path;
value = {
"L" = {
argument = "${script}";
};
};
}
) instanceCfg.hooks
)
)
) (lib.filterAttrs (name: instanceCfg: instanceCfg.enable) cfg);
};
}
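Review bot: The new `baseDir = "/var/lib/ugit-${name}"` moves the defaults of `homeDir`, `repoDir`, `authorizedKeysFile` and `hostKeyFile` from `/var/lib/${name}` to `/var/lib/ugit-${name}`, and nothing in these hunks migrates existing state. An instance deployed with the old defaults will come up with an empty `repoDir`, and because `hostKeyFile` is documented as created when absent it will present a freshly generated host key, so existing clients get a host-key-changed warning they are then tempted to accept blindly. If the rename is intended, a comment on the new line such as `# State directory; default moved from /var/lib/${name} — existing deployments must set homeDir/repoDir/hostKeyFile or move their data` makes the break explicit. The `systemd.tmpfiles.settings` block dropped in the last hunk was the only visible wiring of `hooks`; if that is now handled in another file it is fine, otherwise the option no longer has an effect. The option set and `config` attrset these hunks edit start outside the hunks.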


@ -1,15 +1,31 @@
{ config, pkgs, ... }:
{ pkgs, ... }:
let
privKey = ''
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACBIpmLtcHhECei1ls6s0kKUehjpRCP9yel/c5YCIb5DpQAAAIgAYtkzAGLZ
MwAAAAtzc2gtZWQyNTUxOQAAACBIpmLtcHhECei1ls6s0kKUehjpRCP9yel/c5YCIb5DpQ
AAAEDFY3M69VfnFbyE67r3l4lDcf5eht5qgNemE9xtMhRkBkimYu1weEQJ6LWWzqzSQpR6
GOlEI/3J6X9zlgIhvkOlAAAAAAECAwQF
-----END OPENSSH PRIVATE KEY-----'';
pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEimYu1weEQJ6LWWzqzSQpR6GOlEI/3J6X9zlgIhvkOl";
sshConfig = ''
Host ugit
HostName localhost
Port 8448
User ugit
IdentityFile ~/.ssh/vm
IdentitiesOnly yes
'';
in
{
imports = [ ./module.nix ];
users.users.jolheiser = {
isNormalUser = true;
extraGroups = [ "wheel" ];
initialPassword = "test";
};
services.ugit = {
environment.systemPackages = with pkgs; [ git ];
services.getty.autologinUser = "root";
services.openssh.enable = true;
services.ugit.vm = {
enable = true;
authorizedKeys = [ pubKey ];
hooks = [
{
name = "pre-receive";
@ -19,4 +35,34 @@
}
];
};
systemd.services."setup-vm" = {
wantedBy = [ "multi-user.target" ];
path = with pkgs; [
git
];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
User = "root";
Group = "root";
ExecStart =
let
privSSH = pkgs.writeText "vm-privkey" privKey;
sshConfigFile = pkgs.writeText "vm-sshconfig" sshConfig;
in
pkgs.writeShellScript "setup-vm-script" ''
git config --global user.name "NixUser"
git config --global user.email "nixuser@example.com"
mkdir ~/.ssh
ln -sf ${sshConfigFile} ~/.ssh/config
cp ${privSSH} ~/.ssh/vm
chmod 600 ~/.ssh/vm
mkdir ~/repo
cd ~/repo
'';
};
};
}
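Review bot: `pkgs.writeText "vm-privkey" privKey` in the setup-vm `ExecStart` writes the private key into the Nix store, which is world-readable, so the `chmod 600 ~/.ssh/vm` after the `cp` protects only the copy while the store file stays readable by every user in the VM, and the same key is committed in clear text in the first hunk. For a throwaway test VM that only authorizes the local `ugit` user this is probably acceptable, but a comment on `privKey` such as `# Test-only key pair for this VM; never reuse it anywhere else` keeps it from being mistaken for a real credential. Separately, `mkdir ~/.ssh` and `mkdir ~/repo` are not idempotent: if the VM disk persists between boots (the `*.qcow2` gitignore entry suggests it does) the second run fails at `mkdir` before the key and config are installed, so `mkdir -p -m 700 ~/.ssh`, `install -m 600 ${privSSH} ~/.ssh/vm` and `mkdir -p ~/repo` would be more robust. The `hooks` list this hunk closes starts outside the hunk.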