pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / web-apps / nixbot.nix
at 17.09-beta 3.6 kB view raw
1{ config, lib, pkgs, ... }: 2 3with lib; 4 5let 6 cfg = config.services.nixbot; 7 pyramidIni = '' 8 ### 9 # app configuration 10 # http://docs.pylonsproject.org/projects/pyramid/en/1.7-branch/narr/environment.html 11 ### 12 13 [app:main] 14 use = egg:nixbot 15 16 nixbot.github_token = ${cfg.githubToken} 17 nixbot.bot_name = ${cfg.botName} 18 nixbot.repo = ${cfg.repo} 19 nixbot.pr_repo = ${cfg.prRepo} 20 nixbot.hydra_jobsets_repo = ${cfg.hydraJobsetsRepo} 21 nixbot.github_secret = justnotsorandom 22 nixbot.public_url = ${cfg.publicUrl} 23 nixbot.repo_dir = ${cfg.repoDir} 24 25 pyramid.reload_templates = false 26 pyramid.debug_authorization = false 27 pyramid.debug_notfound = false 28 pyramid.debug_routematch = false 29 pyramid.default_locale_name = en 30 31 # By default, the toolbar only appears for clients from IP addresses 32 # '127.0.0.1' and '::1'. 33 # debugtoolbar.hosts = 127.0.0.1 ::1 34 35 ### 36 # wsgi server configuration 37 ### 38 39 [server:main] 40 use = egg:waitress#main 41 host = 0.0.0.0 42 port = 6543 43 44 ### 45 # logging configuration 46 # http://docs.pylonsproject.org/projects/pyramid/en/1.7-branch/narr/logging.html 47 ### 48 49 [loggers] 50 keys = root, nixbot 51 52 [handlers] 53 keys = console 54 55 [formatters] 56 keys = generic 57 58 [logger_root] 59 level = INFO 60 handlers = console 61 62 [logger_nixbot] 63 level = INFO 64 handlers = 65 qualname = nixbot 66 67 [handler_console] 68 class = StreamHandler 69 args = (sys.stderr,) 70 level = NOTSET 71 formatter = generic 72 73 [formatter_generic] 74 format = %(asctime)s %(levelname)-5.5s [%(name)s:%(lineno)s][%(threadName)s] %(message)s 75 ''; 76in { 77 options = { 78 services.nixbot = { 79 enable = mkEnableOption "nixbot"; 80 81 botName = mkOption { 82 type = types.str; 83 description = "The bot's github user account name."; 84 default = "nixbot"; 85 }; 86 87 githubToken = mkOption { 88 type = types.str; 89 description = "The bot's github user account token."; 90 example = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"; 91 }; 92 93 repo = mkOption { 94 type = types.str; 95 description = "The github repository to check for PRs."; 96 example = "nixos/nixpkgs"; 97 }; 98 99 prRepo = mkOption { 100 type = types.str; 101 description = "The github repository to push the testing branches to."; 102 example = "nixos/nixpkgs-pr"; 103 }; 104 105 hydraJobsetsRepo = mkOption { 106 type = types.str; 107 description = "The github repository to push the hydra jobset definitions to."; 108 example = "nixos/hydra-jobsets"; 109 }; 110 111 publicUrl = mkOption { 112 type = types.str; 113 description = "The public URL the bot is reachable at (Github hook endpoint)."; 114 example = "https://nixbot.nixos.org"; 115 }; 116 117 repoDir = mkOption { 118 type = types.path; 119 description = "The directory the repositories are stored in."; 120 default = "/var/lib/nixbot"; 121 }; 122 }; 123 }; 124 125 config = mkIf cfg.enable { 126 users.extraUsers.nixbot = { 127 createHome = true; 128 home = cfg.repoDir; 129 }; 130 131 systemd.services.nixbot = let 132 env = pkgs.python3.buildEnv.override { 133 extraLibs = [ pkgs.nixbot ]; 134 }; 135 in { 136 after = [ "network.target" ]; 137 wantedBy = [ "multi-user.target" ]; 138 script = '' 139 ${env}/bin/pserve ${pkgs.writeText "production.ini" pyramidIni} 140 ''; 141 142 serviceConfig = { 143 User = "nixbot"; 144 Group = "nogroup"; 145 PermissionsStartOnly = true; 146 }; 147 }; 148 }; 149}