aforemny · March 14, 2013 15:21
diff --git a/git.nix b/git.nix
 { config, pkgs, ... }:

 with pkgs.lib;

 let

  mainCfg = config.services.git;

  repositoryOpts = { name, config, ... }: {
    
    options = {
    
      name = mkOption {
        type = with types; uniq string;
        description = "";
      };

      owner = mkOption {
        type = with types; uniq string;
        default = mainCfg.user;
        description = "";
      };

      users = mkOption {
        type = with types; listOf string;
        default = [];
        description = "";
      };

      private = mkOption {
        type = with types; uniq bool;
        default = false;
        description = "";
      };

    };

    config = {
      name = mkDefault name;
    };

  };

  serializedRepository = r: "${r.name}\n${r.owner}\n${toString r.private}\n";

  gitFile = pkgs.writeText "git" (concatStrings (map serializedRepository (attrValues mainCfg.repositories)));

 in {

  options.services.git = {

    enable = mkOption {
      default = false;
      description = "";
    };

    user = mkOption {
      default = "git";
      description = "";
    };

    group = mkOption {
      default = "git";
      description = "";
    };

    repositories = mkOption {
      default = {};
      type = types.loaOf types.optionSet;
      description = "";
       options = repositoryOpts;
    };

  };

  config = mkIf config.services.git.enable {

    environment.systemPackages = [ pkgs.git ];

    users.extraUsers = optionalAttrs (mainCfg.user == "git")
      (singleton { name = mainCfg.user; description = "Git user"; })
      ++ concatMap (r: map (u: { name = u; extraGroups = singleton "git-${r.name}"; }) r.users)
             (attrValues mainCfg.repositories);

    users.extraGroups = optionalAttrs (mainCfg.group == "git")
                          (singleton { name = "git"; })
                     ++ map (r: { name = "git-${r.name}"; })
                          (attrValues mainCfg.repositories);

    system.activationScripts.git = stringAfter [ "users" "groups" ]
      ''
        echo "updating git repositories..."

        mkdir -m 750 -p /var/srv/git
        chown ${mainCfg.user}:${mainCfg.group} /var/srv/git
        chmod 750 /var/srv/git

        cat ${gitFile} | while true; do
          read name || break
          read owner
          read private

          path=/var/srv/git/$name
          mode=770

          if [ ! -z $private ]; then
            path=/var/srv/git/$owner

            mkdir -m 750 -p $path
            chown $owner:${mainCfg.group} $path
            chmod 750 $path

            path=$path/$name
            mode=750
          fi

          mkdir -m $mode -p $path
          chown $owner:git-$name $path
          chmod $mode $path
        done
      '';
  };

 }
	{ config, pkgs, ... }:

	with pkgs.lib;

	let

	mainCfg = config.services.git;

	repositoryOpts = { name, config, ... }: {

	options = {

	name = mkOption {
	type = with types; uniq string;
	description = "";
	};

	owner = mkOption {
	type = with types; uniq string;
	default = mainCfg.user;
	description = "";
	};

	users = mkOption {
	type = with types; listOf string;
	default = [];
	description = "";
	};

	private = mkOption {
	type = with types; uniq bool;
	default = false;
	description = "";
	};

	};

	config = {
	name = mkDefault name;
	};

	};

	serializedRepository = r: "${r.name}\n${r.owner}\n${toString r.private}\n";

	gitFile = pkgs.writeText "git" (concatStrings (map serializedRepository (attrValues mainCfg.repositories)));

	in {

	options.services.git = {

	enable = mkOption {
	default = false;
	description = "";
	};

	user = mkOption {
	default = "git";
	description = "";
	};

	group = mkOption {
	default = "git";
	description = "";
	};

	repositories = mkOption {
	default = {};
	type = types.loaOf types.optionSet;
	description = "";
	options = repositoryOpts;
	};

	};

	config = mkIf config.services.git.enable {

	environment.systemPackages = [ pkgs.git ];

	users.extraUsers = optionalAttrs (mainCfg.user == "git")
	(singleton { name = mainCfg.user; description = "Git user"; })
	++ concatMap (r: map (u: { name = u; extraGroups = singleton "git-${r.name}"; }) r.users)
	(attrValues mainCfg.repositories);

	users.extraGroups = optionalAttrs (mainCfg.group == "git")
	(singleton { name = "git"; })
	++ map (r: { name = "git-${r.name}"; })
	(attrValues mainCfg.repositories);

	system.activationScripts.git = stringAfter [ "users" "groups" ]
	''
	echo "updating git repositories..."

	mkdir -m 750 -p /var/srv/git
	chown ${mainCfg.user}:${mainCfg.group} /var/srv/git
	chmod 750 /var/srv/git

	cat ${gitFile} \| while true; do
	read name \|\| break
	read owner
	read private

	path=/var/srv/git/$name
	mode=770

	if [ ! -z $private ]; then
	path=/var/srv/git/$owner

	mkdir -m 750 -p $path
	chown $owner:${mainCfg.group} $path
	chmod 750 $path

	path=$path/$name
	mode=750
	fi

	mkdir -m $mode -p $path
	chown $owner:git-$name $path
	chmod $mode $path
	done
	'';
	};

	}
No results found