nix/vm.nix at main · jolheiser.com/ugit

jolheiser.com / ugit
fork atom
Mirror of https://git.jolheiser.com/ugit
fork atom
ugit / nix / vm.nix
at main 84 lines 2.4 kB view raw
wrap content
jolheiser.com testing vm 10mo ago
9f3ca2ae
 1{ pkgs, ... }:
 2let
 3  privKey = ''
 4    -----BEGIN OPENSSH PRIVATE KEY-----
 5    b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
 6    QyNTUxOQAAACBIpmLtcHhECei1ls6s0kKUehjpRCP9yel/c5YCIb5DpQAAAIgAYtkzAGLZ
 7    MwAAAAtzc2gtZWQyNTUxOQAAACBIpmLtcHhECei1ls6s0kKUehjpRCP9yel/c5YCIb5DpQ
 8    AAAEDFY3M69VfnFbyE67r3l4lDcf5eht5qgNemE9xtMhRkBkimYu1weEQJ6LWWzqzSQpR6
 9    GOlEI/3J6X9zlgIhvkOlAAAAAAECAwQF
10    -----END OPENSSH PRIVATE KEY-----
11  '';
12  pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEimYu1weEQJ6LWWzqzSQpR6GOlEI/3J6X9zlgIhvkOl";
13  sshConfig = ''
14    Host ugit
15        HostName localhost
16        Port 8448
17        User ugit
18        IdentityFile ~/.ssh/vm
19        IdentitiesOnly yes
20  '';
21in
22{
23  imports = [ ./module.nix ];
24  environment.systemPackages = with pkgs; [ git ];
25  services.getty.autologinUser = "root";
26  services.openssh.enable = true;
27  services.ugit.vm = {
28    enable = true;
29    authorizedKeys = [ pubKey ];
30    hooks = [
31      {
32        name = "pre-receive";
33        content = ''
34          echo "Pre-receive hook executed"
35        '';
36      }
37    ];
38  };
39  systemd.services."setup-vm" = {
40    wantedBy = [ "multi-user.target" ];
41    after = [ "ugit-vm.service" ];
42    path = with pkgs; [
43      git
44    ];
45    serviceConfig = {
46      Type = "oneshot";
47      RemainAfterExit = true;
48      User = "root";
49      Group = "root";
50      ExecStart =
51        let
52          privSSH = pkgs.writeText "vm-privkey" privKey;
53          sshConfigFile = pkgs.writeText "vm-sshconfig" sshConfig;
54        in
55        pkgs.writeShellScript "setup-vm-script" ''
56          # Hack to let ugit start up and generate its SSH keypair
57          sleep 3
58
59          # Set up git
60          git config --global user.name "NixUser"
61          git config --global user.email "nixuser@example.com"
62          git config --global init.defaultBranch main
63          git config --global push.autoSetupRemote true
64
65          # Set up SSH files
66          mkdir ~/.ssh
67          ln -sf ${sshConfigFile} ~/.ssh/config
68          cp ${privSSH} ~/.ssh/vm
69          chmod 600 ~/.ssh/vm
70          echo "[localhost]:8448 $(cat /var/lib/ugit-vm/ugit_ed25519.pub)" > ~/.ssh/known_hosts
71
72          # Stage some git activity
73          mkdir ~/repo
74          cd ~/repo
75          git init
76          git remote add origin ugit:repo.git
77          touch README.md
78          git add README.md
79          git commit -m "Test"
80        '';
81    };
82  };
83
84}