git: setup git maintenance declarativly using home manager
This commit is contained in:
parent
4b0c65c750
commit
bf0017a7ee
GPG key ID:
249300664F2AF2C7
1 changed files with 59 additions and 0 deletions
|
|
@ -21,6 +21,65 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
|
systemd.user = {
|
||||||
|
services."git-maintenance@" = {
|
||||||
|
Unit = {
|
||||||
|
Description = "Optimize Git repositories data";
|
||||||
|
};
|
||||||
|
Service = {
|
||||||
|
Type = "oneshot";
|
||||||
|
ExecStart = ''"${lib.getExe config.programs.git.package}" --exec-path="${lib.getBin config.programs.git.package}/bin -c credential.interactive=false -c core.askPass=true for-each-repo --config=maintenance.repo maintenance run --schedule=%i"'';
|
||||||
|
LockPersonality = "yes";
|
||||||
|
MemoryDenyWriteExecute = "yes";
|
||||||
|
NoNewPrivileges = "yes";
|
||||||
|
RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6 AF_VSOCK";
|
||||||
|
RestrictNamespaces = "yes";
|
||||||
|
RestrictRealtime = "yes";
|
||||||
|
RestrictSUIDSGID = "yes";
|
||||||
|
SystemCallArchitectures = "native";
|
||||||
|
SystemCallFilter = "@system-service";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
timers = {
|
||||||
|
"git-maintenance@hourly" = {
|
||||||
|
Unit = {
|
||||||
|
Description = "Optimize Git repositories data";
|
||||||
|
};
|
||||||
|
Timer = {
|
||||||
|
OnCalendar = "*-*-* *:00:00";
|
||||||
|
Persistent = true;
|
||||||
|
};
|
||||||
|
Install = {
|
||||||
|
WantedBy = [ "timers.target" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"git-maintenance@daily" = {
|
||||||
|
Unit = {
|
||||||
|
Description = "Optimize Git repositories data";
|
||||||
|
};
|
||||||
|
Timer = {
|
||||||
|
OnCalendar = "*-*-* 20:00:00";
|
||||||
|
Persistent = true;
|
||||||
|
};
|
||||||
|
Install = {
|
||||||
|
WantedBy = [ "timers.target" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"git-maintenance@weekly" = {
|
||||||
|
Unit = {
|
||||||
|
Description = "Optimize Git repositories data";
|
||||||
|
};
|
||||||
|
Timer = {
|
||||||
|
OnCalendar = "Sun *-*-* 20:00:00";
|
||||||
|
Persistent = true;
|
||||||
|
};
|
||||||
|
Install = {
|
||||||
|
WantedBy = [ "timers.target" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
programs.git = {
|
programs.git = {
|
||||||
enable = true;
|
enable = true;
|
||||||
inherit (cfg) userName userEmail;
|
inherit (cfg) userName userEmail;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue