services.postgresql.enable = mkOverride 999 true;
# Mail server
services.postfix.enable = mkOverride 999 true;
- # Cron daemon
- services.cron.enable = mkOverride 999 true;
# Redis server
services.redis.enable = mkOverride 999 true;
services.redis.bind = mkOverride 999 "127.0.0.1";
};
services = {
- cron.systemCronJobs = [ "*/20 * * * * ${cfg.python}/bin/gitsrht-periodic" ];
fcgiwrap.enable = true;
openssh.authorizedKeysCommand = ''/etc/ssh/gitsrht-dispatch "%u" "%h" "%t" "%k"'';
gitsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
after = [ "redis.service" "postgresql.service" "network.target" ];
requires = [ "redis.service" "postgresql.service" ];
- wantedBy = [ "multi-user.target" ];
+ wantedBy = [ "gitsrht.target" ];
# Needs internally to create repos at the very least
path = [ pkgs.git ];
serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
};
+ gitsrht-periodic = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
+ after = [ "gitsrht.service" ];
+ requires = [ "gitsrht.service" ];
+
+ description = "git.sr.ht periodic service";
+
+ serviceConfig.Type = mkForce "oneshot";
+ serviceConfig.Restart = mkForce "no";
+ serviceConfig.ExecStart = "${cfg.python}/bin/gitsrht-periodic";
+ };
+
gitsrht-webhooks = {
after = [ "postgresql.service" "network.target" ];
requires = [ "postgresql.service" ];
};
};
+ systemd.timers = {
+ gitsrht-periodic = {
+ description = "gitsrht periodic timer";
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnCalendar = "20min";
+ Persistent = true;
+ };
+ };
+ };
+
services.sourcehut.settings = {
# The authorized keys hook uses this to dispatch to various handlers
# The format is a program to exec into as the key, and the user to match as the
};
services = {
- cron.systemCronJobs = [ "*/20 * * * * ${cfg.python}/bin/hgsrht-periodic" ]
- ++ optional cloneBundles "0 * * * * ${cfg.python}/bin/hgsrht-clonebundles";
-
openssh.authorizedKeysCommand = ''/etc/ssh/hgsrht-dispatch "%u" "%h" "%t" "%k"'';
openssh.authorizedKeysCommandUser = "root";
openssh.extraConfig = ''
"d ${cfg.settings."${iniKey}".repos} 2755 ${user} ${user} -"
];
- services.hgsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
- after = [ "redis.service" "postgresql.service" "network.target" ];
- requires = [ "redis.service" "postgresql.service" ];
- wantedBy = [ "multi-user.target" ];
+ services = {
+ hgsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
+ after = [ "redis.service" "postgresql.service" "network.target" ];
+ requires = [ "redis.service" "postgresql.service" ];
+ wantedBy = [ "multi-user.target" ];
+
+ path = [ pkgs.mercurial ];
+ description = "hg.sr.ht website service";
+
+ serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
+ };
+
+ hgsrht-periodic = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
+ after = [ "hgsrht.service" ];
+ requires = [ "hgsrht.service" ];
+
+ description = "hg.sr.ht periodic service";
+
+ serviceConfig.Type = mkForce "oneshot";
+ serviceConfig.Restart = mkForce "no";
+ serviceConfig.ExecStart = "${cfg.python}/bin/hgsrht-periodic";
+ };
+
+ hgsrht-clonebundles = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
+ after = [ "hgsrht.service" ];
+ requires = [ "hgsrht.service" ];
+
+ description = "hg.sr.ht periodic service";
- path = [ pkgs.mercurial ];
- description = "hg.sr.ht website service";
+ serviceConfig.Type = mkForce "oneshot";
+ serviceConfig.Restart = mkForce "no";
+ serviceConfig.ExecStart = "${cfg.python}/bin/hgsrht-periodic";
+ };
+ };
+ };
- serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
+ systemd.timers = {
+ hgsrht-periodic = {
+ description = "hgsrht periodic timer";
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnCalendar = "20min";
+ Persistent = true;
+ };
+ };
+ hgsrht-clonebundles = {
+ description = "hgsrht daily timer";
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnCalendar = "daily";
+ Persistent = true;
+ AccuracySec = "1h";
+ };
};
};
};
};
- services.cron.systemCronJobs = [ "0 0 * * * ${cfg.python}/bin/metasrht-daily" ];
services.postgresql = {
authentication = ''
local ${database} ${user} trust
metasrht-api = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
after = [ "postgresql.service" "network.target" ];
requires = [ "postgresql.service" ];
- wantedBy = [ "multi-user.target" ];
+ wantedBy = [ "metasrht.service" ];
description = "meta.sr.ht api service";
serviceConfig.ExecStart = "${pkgs.sourcehut.metasrht}/bin/metasrht-api -b :${toString (port + 100)}";
};
+ metasrht-daily = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
+ after = [ "metasrht.service" ];
+ requires = [ "metasrht.service" ];
+
+ description = "meta.sr.ht daily service";
+
+ serviceConfig.Type = mkForce "oneshot";
+ serviceConfig.Restart = mkForce "no";
+ serviceConfig.ExecStart = "${cfg.python}/bin/metasrht-daily";
+ };
+
metasrht-webhooks = {
after = [ "postgresql.service" "network.target" ];
requires = [ "postgresql.service" ];
- wantedBy = [ "multi-user.target" ];
+ wantedBy = [ "multi-user.service" ];
description = "meta.sr.ht webhooks service";
serviceConfig = {
};
};
+ systemd.timers = {
+ metasrht-daily = {
+ description = "metasrht daily timer";
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnCalendar = "daily";
+ Persistent = true;
+ AccuracySec = "1h";
+ };
+ };
+ };
+
services.nginx.virtualHosts."meta.${cfg.originBase}" = {
forceSSL = true;
locations."/".proxyPass = "http://${cfg.address}:${toString port}";
User = user;
Group = user;
Restart = "always";
+ RestartSec = "2min";
WorkingDirectory = statePath;
StateDirectory = [ "sourcehut/${serviceDrv.pname}" ];
};
sourcephile / git / sourcephile-nix.git / commitdiff