in rec {
version = json.tag;
name = "${json.meta.name}-${version}";
- src = fetchgitPrivate json.git;
+ src = builtins.fetchGit {
+ url = json.git.url;
+ ref = "master";
+ rev = json.git.rev;
+ };
};
wrap = { paths ? [], vars ? {}, file ? null, script ? null, name ? "wrap" }:
TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)
chmod go-rwx $TEMP
-# __noChroot: ssh-config-file requires relaxed
-export NIX_PATH="ssh-config-file=$(dirname $DIR)/ssh/config:$NIX_PATH"
-
-
finish() {
rm -rf "$TEMP"
$nixops set-args --unset privateFiles
fi
done
-nix_group=$(stat -c %G /nix/store)
-if [ "$nix_group" = "nixbld" ]; then
- nix_user="nixbld1"
-else
- nix_user="$(stat -c %U /nix/store)"
-fi
-
-if [ ! -f /etc/ssh/ssh_rsa_key_nixops ]; then
- cat <<-EOF
- The key to access private git repositories (websites hosted by the
- server) needs to be accessible to nix builders. It will be put in
- /etc/ssh/ssh_rsa_key_nixops (sudo right is needed for that)
- > pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey | sudo tee /etc/ssh/ssh_rsa_key_nixops > /dev/null
- > pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey.pub | sudo tee /etc/ssh/ssh_rsa_key_nixops.pub > /dev/null
- > sudo chmod u=r,go-rwx /etc/ssh/ssh_rsa_key_nixops
- > sudo chown $nix_user:$nix_group /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub
- Continue? [y/N]
- EOF
- read y
- if [ "$y" = "y" -o "$y" = "Y" ]; then
- if ! id -u $nix_user 2>/dev/null >/dev/null; then
- echo "User $nix_user seems inexistant, did you install nix?"
- exit 1
- fi
- mask=$(umask)
- umask 0777
- # Don’t forward it directly to tee, it would break ncurse pinentry
- key=$(pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey)
- echo "$key" | sudo tee /etc/ssh/ssh_rsa_key_nixops > /dev/null
- sudo chmod u=r,go=- /etc/ssh/ssh_rsa_key_nixops
- pubkey=$(pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey.pub)
- echo "$pubkey" | sudo tee /etc/ssh/ssh_rsa_key_nixops.pub > /dev/null
- sudo chmod a=r /etc/ssh/ssh_rsa_key_nixops.pub
- sudo chown $nix_user:$nix_group /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub
- umask $mask
- else
- echo "Aborting"
- exit 1
- fi
-fi
-
if nix show-config --json | jq -e '.sandbox.value == "true"' >/dev/null; then
cat <<-EOF
There are some impure derivations in the repo currently (grep __noChroot), please put
+++ /dev/null
-Host git.immae.eu
-IdentityFile /etc/ssh/ssh_rsa_key_nixops
-StrictHostKeyChecking no
-UserKnownHostsFile /dev/null
-CheckHostIP no
"tag": "b99537f-master",
"meta": {
"name": "aten",
- "url": "gitolite@git.immae.eu:perso/Immae/Sites/Aten",
+ "url": "ssh://gitolite@git.immae.eu/perso/Immae/Sites/Aten",
"branch": "master"
},
"git": {
- "url": "gitolite@git.immae.eu:perso/Immae/Sites/Aten",
+ "url": "ssh://gitolite@git.immae.eu/perso/Immae/Sites/Aten",
"rev": "b99537fdad41291afb4f1bb8b2e2aa4081c71fae",
"sha256": "15mlyik6zivxwry6zc906bqnivxhby27yr8kj4lg5n68pvb877dn",
"fetchSubmodules": true
"tag": "96fc4eb-master",
"meta": {
"name": "chloe",
- "url": "gitolite@git.immae.eu:perso/Immae/Sites/Chloe",
+ "url": "ssh://gitolite@git.immae.eu/perso/Immae/Sites/Chloe",
"branch": "master"
},
"git": {
- "url": "gitolite@git.immae.eu:perso/Immae/Sites/Chloe",
+ "url": "ssh://gitolite@git.immae.eu/perso/Immae/Sites/Chloe",
"rev": "96fc4eb0099a29b0f9a58fb4eaec4bf14ac65f0a",
"sha256": "0mf15j6z86j2smm2k360cmm5djhcjbs9949pznwi57kw97vkm1s3",
"fetchSubmodules": true
"tag": "dfcdce0-master",
"meta": {
"name": "connexionswing",
- "url": "gitolite@git.immae.eu:perso/Immae/Projets/Connexionswing",
+ "url": "ssh://gitolite@git.immae.eu/perso/Immae/Projets/Connexionswing",
"branch": "master"
},
"git": {
- "url": "gitolite@git.immae.eu:perso/Immae/Projets/Connexionswing",
+ "url": "ssh://gitolite@git.immae.eu/perso/Immae/Projets/Connexionswing",
"rev": "dfcdce04d11a75f5e850e6dc3a049de4517fc107",
"sha256": "0ddirwxs2ify3bni6nv787nb31ckyn2hsrcq8g01b5cfv5havkwq",
"fetchSubmodules": true
"tag": "0dacc32-master",
"meta": {
"name": "ludivinecassal",
- "url": "gitolite@git.immae.eu:perso/Immae/Sites/Ludivine",
+ "url": "ssh://gitolite@git.immae.eu/perso/Immae/Sites/Ludivine",
"branch": "master"
},
"git": {
- "url": "gitolite@git.immae.eu:perso/Immae/Sites/Ludivine",
+ "url": "ssh://gitolite@git.immae.eu/perso/Immae/Sites/Ludivine",
"rev": "0dacc320ea052b69f79861c84bceaa89be53de60",
"sha256": "10khg1fq9ixly3xak591n3v0rv3f2hn91rd46d75yv3wjxaj1c2d",
"fetchSubmodules": true
"tag": "4ee4538-master",
"meta": {
"name": "piedsjaloux",
- "url": "gitolite@git.immae.eu:Pieds_jaloux/NewSite",
+ "url": "ssh://gitolite@git.immae.eu/Pieds_jaloux/NewSite",
"branch": "master"
},
"git": {
- "url": "gitolite@git.immae.eu:Pieds_jaloux/NewSite",
+ "url": "ssh://gitolite@git.immae.eu/Pieds_jaloux/NewSite",
"rev": "4ee45386ad9ec9c081234a2fbde66e5b0c3294be",
"sha256": "10a41chh4crn95z6lk6nhkx27089djkngypa9m76bg7ph508mvnq",
"fetchSubmodules": true
"tag": "1793d5c-master",
"meta": {
"name": "tellesflorian",
- "url": "gitolite@git.immae.eu:perso/florian_telles/stabilo",
+ "url": "ssh://gitolite@git.immae.eu/perso/florian_telles/stabilo",
"branch": "master"
},
"git": {
- "url": "gitolite@git.immae.eu:perso/florian_telles/stabilo",
+ "url": "ssh://gitolite@git.immae.eu/perso/florian_telles/stabilo",
"rev": "1793d5c7912d1b20ad1df1ac59be9d7f1220e919",
"sha256": "1zhxcrbglbjb6xfr8sfm4m2miabbkkb0a7543va3b5akrn6yk0cb",
"fetchSubmodules": true
projects / perso / Immae / Config / Nix.git / commitdiff
