forked from malobeo/infrastructure
78 lines
2.0 KiB
Nix
78 lines
2.0 KiB
Nix
{ config, self, lib, inputs, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.services.malobeo.gitea-translator;
|
|
in
|
|
{
|
|
options = {
|
|
services.malobeo.gitea-translator = {
|
|
enable = mkOption {
|
|
default = false;
|
|
type = types.bool;
|
|
description = lib.mdDoc "Start a webserver for hydra to use the gitea pull request api.";
|
|
};
|
|
|
|
baseurl = mkOption {
|
|
type = types.str;
|
|
default = "git.dynamicdiscord.de";
|
|
description = lib.mdDoc "Base URL of the Gitea instance.";
|
|
};
|
|
|
|
owner = mkOption {
|
|
type = types.str;
|
|
default = "malobeo";
|
|
description = lib.mdDoc "Repository owner on the Gitea instance.";
|
|
};
|
|
|
|
repo = mkOption {
|
|
type = types.str;
|
|
default = "infrastructure";
|
|
description = lib.mdDoc "Repository name on the Gitea instance.";
|
|
};
|
|
|
|
host = mkOption {
|
|
type = types.str;
|
|
default = "127.0.0.1";
|
|
description = lib.mdDoc "Address the server binds to.";
|
|
};
|
|
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 27364;
|
|
description = lib.mdDoc "Port the server listens on.";
|
|
};
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
systemd.services.gitea-translator = {
|
|
description = "Gitea Pull Request Translator for Hydra";
|
|
after = [ "network-online.target" ];
|
|
wants = [ "network-online.target" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
serviceConfig = {
|
|
ExecStart = ''
|
|
${pkgs.python3}/bin/python3 ${inputs.self + /scripts/gitea_hydra_server.py} \
|
|
--baseurl ${cfg.baseurl} \
|
|
--owner ${cfg.owner} \
|
|
--repo ${cfg.repo} \
|
|
--host ${cfg.host} \
|
|
--port ${toString cfg.port}
|
|
'';
|
|
Restart = "on-failure";
|
|
RestartSec = 5;
|
|
|
|
# Hardening because why not
|
|
DynamicUser = true;
|
|
NoNewPrivileges = true;
|
|
ProtectSystem = "strict";
|
|
ProtectHome = true;
|
|
PrivateTmp = true;
|
|
PrivateDevices = true;
|
|
};
|
|
};
|
|
};
|
|
} |