commit 6b6ff5d0e34af1410e954653bd171d21e25f2ad5 · julien.rbrt.fr/tangled-core

+23 -5
flake.nix
···

       92
       92
        
                 pname = "knotserver";

     

       93
       93
        
                 version = "0.1.0";

     

       94
       94
        
                 src = gitignoreSource ./.;

     

       95
       95
       +
                 nativeBuildInputs = [ final.makeWrapper ];

     

       95
       96
        
                 subPackages = ["cmd/knotserver"];

     

       96
       97
        
                 vendorHash = goModHash;

     

       98
       98
       +
                 installPhase = ''

     

       99
       99
       +
                     runHook preInstall

     

       100
       100
       +
       

     

       101
       101
       +
                     mkdir -p $out/bin

     

       102
       102
       +
                     cp $GOPATH/bin/knotserver $out/bin/knotserver

     

       103
       103
       +
       

     

       104
       104
       +
                     wrapProgram $out/bin/knotserver \

     

       105
       105
       +
                     --prefix PATH : ${pkgs.git}/bin

     

       106
       106
       +
       

     

       107
       107
       +
                     runHook postInstall

     

       108
       108
       +
                 '';

     

       97
       109
        
                 env.CGO_ENABLED = 1;

     

       98
       110
        
               };

     

       99
       111
        
             repoguard = buildCmdPackage "repoguard";

     
···

       282
       294
        
               config = mkIf config.services.tangled-knotserver.enable {

     

       283
       295
        
                 nixpkgs.overlays = [self.overlays.default];

     

       284
       296
        
       

     

       285
       285
       -
                 environment.systemPackages = with pkgs; [

     

       286
       286
       -
                     git

     

       287
       287
       -
                 ];

     

       297
       297
       +
                 environment.systemPackages = with pkgs; [ git ];

     

       288
       298
        
       

     

       289
       299
        
                 users.users.git = {

     

       290
       300
        
                   isSystemUser = true;

     
···

       302
       312
        
                   enable = true;

     

       303
       313
        
                   extraConfig = ''

     

       304
       314
        
                     Match User git

     

       305
       305
       -
                     AuthorizedKeysCommand ${pkgs.keyfetch}/bin/keyfetch -repoguard-path ${pkgs.repoguard}/bin/repoguard -log-path /home/git/repoguard.log

     

       306
       306
       -
                     AuthorizedKeysCommandUser nobody

     

       315
       315
       +
                         AuthorizedKeysCommand /etc/ssh/keyfetch_wrapper

     

       316
       316
       +
                         AuthorizedKeysCommandUser nobody

     

       307
       317
        
                   '';

     

       318
       318
       +
                 };

     

       319
       319
       +
       

     

       320
       320
       +
                 environment.etc."ssh/keyfetch_wrapper" = {

     

       321
       321
       +
                     mode = "0555";

     

       322
       322
       +
                     text = ''

     

       323
       323
       +
                         #!${pkgs.stdenv.shell}

     

       324
       324
       +
                         ${pkgs.keyfetch}/bin/keyfetch -repoguard-path ${pkgs.repoguard}/bin/repoguard -log-path /home/git/repoguard.log

     

       325
       325
       +
                     '';

     

       308
       326
        
                 };

     

       309
       327
        
       

     

       310
       328
        
                 systemd.services.knotserver = {