ci: install keychain for use in scripts

This commit is contained in:
Aaron Bieber 2023-03-03 07:48:42 -07:00
parent 336973e5b5
commit f83024c42d
No known key found for this signature in database
4 changed files with 21 additions and 9 deletions

2
bin/ci
View File

@ -6,6 +6,8 @@ direnv allow
CMD=${1:-""}
eval $(keychain --eval --agents ssh --inherit any)
start_ci
trap ci_error INT TERM

View File

@ -59,14 +59,16 @@ in with lib; {
owner = config.services.tsrevprox.user;
};
};
environment.systemPackages = [ inputs.po.packages.${pkgs.system}.po ];
environment.systemPackages = with pkgs; [
inputs.po.packages.${pkgs.system}.po
keychain
];
nix = {
settings.allowed-users = [ "root" config.xinCI.user "nix-serve" ];
};
systemd.services =
lib.listToAttrs (builtins.map xinlib.jobToService jobs);
systemd.services = lib.listToAttrs (builtins.map xinlib.jobToService jobs);
services = {
tsrevprox = {

View File

@ -674,8 +674,16 @@ in {
};
};
managementRoom = "#moderation:tapenet.org";
automaticallyRedactForReasons =
[ "spam" "advertising" "racism" "nazi" "nazism" "trolling" "porn" "csam" ];
automaticallyRedactForReasons = [
"spam"
"advertising"
"racism"
"nazi"
"nazism"
"trolling"
"porn"
"csam"
];
aditionalPrefixes = [ "hammer" ];
confirmWildcardBan = false;
};

View File

@ -8,9 +8,6 @@ let
jobToUserService = job: {
name = "${job.name}";
value = {
serviceConfig = {
User = "${job.user}";
};
script = mkCronScript "${job.name}_script" job.script;
inherit (job) startAt path;
};
@ -20,6 +17,7 @@ let
value = {
script = mkCronScript "${job.name}_script" job.script;
inherit (job) startAt path;
serviceConfig = { User = "${job.user}"; };
};
};
buildShell = pkgs:
@ -51,6 +49,8 @@ let
system.autoUpgrade.enable = state != "DIRTY";
};
xinlib = { inherit buildVer mkCronScript jobToUserService jobToService buildShell; };
xinlib = {
inherit buildVer mkCronScript jobToUserService jobToService buildShell;
};
in xinlib