This tool supersedes the previous //ops/sync-gcsr, which no longer
exists.
Besadii runs as a git post-receive hook and triggers builds for the
depot on sourcehut. Builds are only triggered for branches, not for
tags.
The sourcehut token is read from /etc/secrets where it has been
manually placed on camden.
Besadii was a hutt kajidic, and also part of the Hutt Clan.
Submitting a build with a branch containing a slash (which is common
for my branches) returns this error:
Invalid tag name, tags must use lowercase alphanumeric characters,
underscores, dashes, or dots
This commit replaces all slashes with underscores to work around that.
Refactors //ops/sync-gcsr which was previously responsible for
synchronising the git repository between GCSR and the git.tazj.in cgit
instance to simply be responsible for triggering builds on sourcehut.
This program is intended to run as a git post-update hook.
Note: Not yet feature complete, as interpolation of concrete git
values and also sourcehut secrets is missing.
Enables the journaldriver service to forward logs into a "home"
log-stream in the "tazjins-infrastructure" project.
The service account key for camden has been placed on the machine
manually.
This change, which I've been meaning to do for a while, renames the
attributes passed by readTree to things in the tree so that:
* the depot root is now 'depot'
* depot.third_party is additionally passed as 'pkgs' (for
compatibility with exported subtrees)
At the moment there is no other way for requests from nugget to camden
to resolve correctly, as the Hyperoptic router is eating this traffic
on the LAN.
Adds a user & group which are configured to own the local depot copy,
and a cgit service to serve it.
The depot checkout was configured as:
mkdir -p /var/git && chown git: /var/git
# now, as the git user, in /var/git
git clone --bare ... depot
chmod -R g+rw /var/git
chmod g+s (find /var/git -type d)
git init --bare --shared=all depot
My personal user is a member of the git group, which means that after
the above configuration I can push to the bare repo as my user and
things work.
Also, crucially, the `post-update` hook must be enabled as cgit uses
the dumb HTTP transport.
This nginx does not currently log access correctly because for some
impenetrable reason (as is tradition), neither /dev/stdout nor
/dev/fd/1 exist for nginx at runtime. This is probably systemd's
doing, but I'll debug it later.
