mirror of https://git.jolheiser.com/ugit.git
testing vm
parent
070544ef18
commit
9f3ca2ae1e
|
@ -2,3 +2,4 @@
|
|||
.ssh/
|
||||
.ugit/
|
||||
.tsnet/
|
||||
*.qcow2
|
||||
|
|
14
flake.nix
14
flake.nix
|
@ -54,5 +54,19 @@
|
|||
}
|
||||
);
|
||||
nixosModules.default = import ./nix/module.nix;
|
||||
nixosConfigurations.ugitVM = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
./nix/vm.nix
|
||||
{
|
||||
virtualisation.vmVariant.virtualisation = {
|
||||
cores = 2;
|
||||
memorySize = 2048;
|
||||
graphics = false;
|
||||
};
|
||||
system.stateVersion = "23.11";
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -12,6 +12,7 @@ let
|
|||
{ name, config, ... }:
|
||||
let
|
||||
inherit (lib) mkEnableOption mkOption types;
|
||||
baseDir = "/var/lib/ugit-${name}";
|
||||
in
|
||||
{
|
||||
options = {
|
||||
|
@ -26,13 +27,13 @@ let
|
|||
homeDir = mkOption {
|
||||
type = types.str;
|
||||
description = "ugit home directory";
|
||||
default = "/var/lib/${name}";
|
||||
default = baseDir;
|
||||
};
|
||||
|
||||
repoDir = mkOption {
|
||||
type = types.str;
|
||||
description = "where ugit stores repositories";
|
||||
default = "/var/lib/${name}/repos";
|
||||
default = "${baseDir}/repos";
|
||||
};
|
||||
|
||||
authorizedKeys = mkOption {
|
||||
|
@ -44,13 +45,13 @@ let
|
|||
authorizedKeysFile = mkOption {
|
||||
type = types.str;
|
||||
description = "path to authorized_keys file ugit uses for auth";
|
||||
default = "/var/lib/${name}/authorized_keys";
|
||||
default = "${baseDir}/authorized_keys";
|
||||
};
|
||||
|
||||
hostKeyFile = mkOption {
|
||||
type = types.str;
|
||||
description = "path to host key file (will be created if it doesn't exist)";
|
||||
default = "/var/lib/${name}/ugit_ed25519";
|
||||
default = "${baseDir}/ugit_ed25519";
|
||||
};
|
||||
|
||||
config = mkOption {
|
||||
|
@ -223,28 +224,5 @@ in
|
|||
}
|
||||
)
|
||||
) { } (builtins.attrNames cfg);
|
||||
|
||||
systemd.tmpfiles.settings = lib.mapAttrs' (
|
||||
name: instanceCfg:
|
||||
lib.nameValuePair "ugit-${name}" (
|
||||
builtins.listToAttrs (
|
||||
map (
|
||||
hook:
|
||||
let
|
||||
script = pkgs.writeShellScript hook.name hook.content;
|
||||
path = "${instanceCfg.repoDir}/hooks/pre-receive.d/${hook.name}";
|
||||
in
|
||||
{
|
||||
name = path;
|
||||
value = {
|
||||
"L" = {
|
||||
argument = "${script}";
|
||||
};
|
||||
};
|
||||
}
|
||||
) instanceCfg.hooks
|
||||
)
|
||||
)
|
||||
) (lib.filterAttrs (name: instanceCfg: instanceCfg.enable) cfg);
|
||||
};
|
||||
}
|
||||
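Review bot: The new `baseDir` defaults for `homeDir`, `repoDir`, `authorizedKeysFile` and `hostKeyFile` (`/var/lib/ugit-${name}` instead of `/var/lib/${name}`) relocate security-relevant state for every instance that relied on the old defaults, and the option descriptions do not mention it. Because `hostKeyFile` is documented as "will be created if it doesn't exist", an upgraded instance would presumably generate a fresh host key at the new path and stop reading the old `authorized_keys`, so clients see a host-key change they cannot tell apart from interception. I would state the move in the descriptions, e.g. `description = "path to host key file (created if missing; default is now /var/lib/ugit-<name>, copy the old key over to keep the host identity)";`, or ship a migration note with the change. The last hunk also appears to drop the `systemd.tmpfiles.settings` block that linked `hooks` into `pre-receive.d`; its replacement is not visible in this section, so confirm the hooks are still installed.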
|
|
22
nix/test.nix
22
nix/test.nix
|
@ -1,22 +0,0 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
imports = [ ./module.nix ];
|
||||
|
||||
users.users.jolheiser = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" ];
|
||||
initialPassword = "test";
|
||||
};
|
||||
|
||||
services.ugit = {
|
||||
enable = true;
|
||||
hooks = [
|
||||
{
|
||||
name = "pre-receive";
|
||||
content = ''
|
||||
echo "Pre-receive hook executed"
|
||||
'';
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
|
@ -0,0 +1,84 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
privKey = ''
|
||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
|
||||
QyNTUxOQAAACBIpmLtcHhECei1ls6s0kKUehjpRCP9yel/c5YCIb5DpQAAAIgAYtkzAGLZ
|
||||
MwAAAAtzc2gtZWQyNTUxOQAAACBIpmLtcHhECei1ls6s0kKUehjpRCP9yel/c5YCIb5DpQ
|
||||
AAAEDFY3M69VfnFbyE67r3l4lDcf5eht5qgNemE9xtMhRkBkimYu1weEQJ6LWWzqzSQpR6
|
||||
GOlEI/3J6X9zlgIhvkOlAAAAAAECAwQF
|
||||
-----END OPENSSH PRIVATE KEY-----
|
||||
'';
|
||||
pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEimYu1weEQJ6LWWzqzSQpR6GOlEI/3J6X9zlgIhvkOl";
|
||||
sshConfig = ''
|
||||
Host ugit
|
||||
HostName localhost
|
||||
Port 8448
|
||||
User ugit
|
||||
IdentityFile ~/.ssh/vm
|
||||
IdentitiesOnly yes
|
||||
'';
|
||||
in
|
||||
{
|
||||
imports = [ ./module.nix ];
|
||||
environment.systemPackages = with pkgs; [ git ];
|
||||
services.getty.autologinUser = "root";
|
||||
services.openssh.enable = true;
|
||||
services.ugit.vm = {
|
||||
enable = true;
|
||||
authorizedKeys = [ pubKey ];
|
||||
hooks = [
|
||||
{
|
||||
name = "pre-receive";
|
||||
content = ''
|
||||
echo "Pre-receive hook executed"
|
||||
'';
|
||||
}
|
||||
];
|
||||
};
|
||||
systemd.services."setup-vm" = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "ugit-vm.service" ];
|
||||
path = with pkgs; [
|
||||
git
|
||||
];
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = true;
|
||||
User = "root";
|
||||
Group = "root";
|
||||
ExecStart =
|
||||
let
|
||||
privSSH = pkgs.writeText "vm-privkey" privKey;
|
||||
sshConfigFile = pkgs.writeText "vm-sshconfig" sshConfig;
|
||||
in
|
||||
pkgs.writeShellScript "setup-vm-script" ''
|
||||
# Hack to let ugit start up and generate its SSH keypair
|
||||
sleep 3
|
||||
|
||||
# Set up git
|
||||
git config --global user.name "NixUser"
|
||||
git config --global user.email "nixuser@example.com"
|
||||
git config --global init.defaultBranch main
|
||||
git config --global push.autoSetupRemote true
|
||||
|
||||
# Set up SSH files
|
||||
mkdir ~/.ssh
|
||||
ln -sf ${sshConfigFile} ~/.ssh/config
|
||||
cp ${privSSH} ~/.ssh/vm
|
||||
chmod 600 ~/.ssh/vm
|
||||
echo "[localhost]:8448 $(cat /var/lib/ugit-vm/ugit_ed25519.pub)" > ~/.ssh/known_hosts
|
||||
|
||||
# Stage some git activity
|
||||
mkdir ~/repo
|
||||
cd ~/repo
|
||||
git init
|
||||
git remote add origin ugit:repo.git
|
||||
touch README.md
|
||||
git add README.md
|
||||
git commit -m "Test"
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
}
|
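Review bot: `privKey` is a literal OpenSSH private key whose public half is passed to `services.ugit.vm.authorizedKeys`, and `pkgs.writeText "vm-privkey" privKey` copies it into the world-readable Nix store, so the credential is known to anyone with the repository or store access. That is tolerable only while the module stays confined to the throwaway VM, and nothing in the file says so, while `services.openssh.enable = true` and `services.getty.autologinUser = "root"` make reuse elsewhere risky. I would add a comment above the `let`: `# TEST-ONLY key pair: public in git and /nix/store; never import vm.nix on a reachable host`. Separately, `sleep 3` before reading `/var/lib/ugit-vm/ugit_ed25519.pub` is a race that can leave `known_hosts` with an empty key; `until [ -s /var/lib/ugit-vm/ugit_ed25519.pub ]; do sleep 1; done` waits on the file itself. `mkdir ~/.ssh` should also be `mkdir -p ~/.ssh` so a second boot on a persisted disk image does not error.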