new git-hooks based deployment

2026-01-09 22:07:29 -05:00 · 2026-01-09 22:07:29 -05:00 · a8e9884c3c
commit a8e9884c3c
parent e65718178e
5 changed files with 85 additions and 80 deletions
--- a/README.md
+++ b/README.md
@ -6,4 +6,20 @@ Declaratively keep your stuff up to date in your nixos config.
 ## Usage
 ```nix
 services.fooud = {
  enable = true;
  repos = [
    {
      path = "/full/path/to/your/repo.git";
      hooks = [
        pkgs.writeScriptBin "post-recieve" ''
          git clone . /var/www/your/deployed/location
        '';
      ];
    }
  ];
 };
 ```
 # TODO
 - [ ] add support for non-git files
--- a/flake.lock
+++ b/flake.lock
@ -2,18 +2,17 @@
  "nodes": {
    "nixpkgs": {
      "locked": {
-        "lastModified": 1764733908,
+        "lastModified": 1767892417,
-        "narHash": "sha256-QJiih52NU+nm7XQWCj+K8SwUdIEayDQ1FQgjkYISt4I=",
+        "narHash": "sha256-dhhvQY67aboBk8b0/u0XB6vwHdgbROZT3fJAjyNh5Ww=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "cadcc8de247676e4751c9d4a935acb2c0b059113",
+        "rev": "3497aa5c9457a9d88d71fa93a4a8368816fbeeba",
        "type": "github"
      },
      "original": {
-        "owner": "NixOS",
+        "id": "nixpkgs",
-        "ref": "nixpkgs-unstable",
+        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
+        "type": "indirect"
        "type": "github"
      }
    },
    "root": {
--- a/flake.nix
+++ b/flake.nix
@ -1,6 +1,10 @@
 {
  description = "Declaratively update your data.";
-  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+  inputs.nixpkgs.url = "nixpkgs/nixos-unstable";
  outputs = { ... }: {
    nixosModules = rec {
      fooud = builtins.import ./module.nix;
      default = fooud;
    };
  };
 }
--- a/lib.nix
+++ b/lib.nix
@ -1,72 +0,0 @@
 { pkgs, ... }:
 let
  defaultUpdater = { git ? null, url ? null, path ? null, keys ? null, dest, check, config }:
    let
      config.systemd.services."fooud-${dest}" = {
        serviceConfig = {
          Type = "oneshot";
          User = "root";
          Group = "root";
          ExecStart = let
            dest = pkgs.lib.assertMsg dest "dest must be set";
            remote =
              if git then "--git " + git
              else if url then "--url " + url
              else if path then "--path " + path
              else builtins.throw "one of git, url or path must be set";
            keys_str = if git then
              pkgs.lib.strings.concatStrings builtins.map (x: "--key ${x} ") keys
            else throw "cannot use keys with git";
          in pkgs.writeShellScript "fooud-${dest}-wrapper" ''
              ${pkgs.fooud}/bin/fooud ${keys_str} ${remote} ${dest}
              '';
        };
      };
      config.systemd.timers."fooud-${dest}" = {
        wantedBy = [ "timers.target" ];
        timerConfig = {
          OnActiveSec = "0s";
          OnUnitActiveSec = check;
          Unit = "fooud-${dest}.service";
          Persistent = true;
        };
      };
    in
      {
        config = config;
        dest = dest;
      };
 in
 let
  gitUpdater = config: { git, keys, dest, check }:
    (defaultUpdater {
      git = git;
      keys = keys;
      dest = dest;
      check = check;
      config = config;
    }).dest;
  fsUpdater = config: { path, dest, check }:
    (defaultUpdater {
      path = path;
      dest = dest;
      check = check;
      config = config;
    }).dest;
  urlUpdater = config: { url, dest, check }:
    (defaultUpdater {
      url = url;
      dest = dest;
      check = check;
      config = config;
    }).dest;
  lib = {
    inherit
      gitUpdater
      fsUpdater
      urlUpdater;
  };
 in
  lib
--- a/module.nix
+++ b/module.nix
@ -0,0 +1,58 @@
 { config, pkgs, lib, ... }:
 {
  options.services.fooud = {
    enable = lib.mkEnableOption config.description;
    repos = lib.mkOption {
      type = lib.listOf {
        path = lib.mkOption {
          description = "fullpath to the repositiory on your server";
          type = lib.types.string;
        };
        hooks = lib.mkOption {
          type = lib.listOf lib.types.path;
          example = [
            pkgs.writeScriptBin "post-recieve" ''
              git clone . /var/www/your/deployed/location
            ''
          ];
        };
      };
    };
    user = lib.mkOption {
      type = lib.types.str;
      default = "fooud-deploy";
    };
  };
  config = let
    cfg = config.services.fooud;
  in lib.mkIf cfg.enable {
    users.users."${cfg.user}" = {
      group = "${cfg.user}";
      isSystemUser = true;
      createHome = true;
      home = "/var/lib/${cfg.user}";
      shell = "${pkgs.git}/bin/git-shell";
    };
    users.groups."${cfg.user}" = {};
    systemd = {
      services."fooud" = {
        wantedBy = [ "multi-user.target" ];
        serviceConfig = {
          Type = "oneshot";
          User = cfg.user;
          ExecStart = pkgs.writeScriptBin "fooud-deploy"
            (lib.concatMapStrings
              (repo: ''
                if [ -d ${repo.path} ]; then
                  rm -f ${repo.path}/hooks/*
                  cp ${repo.hooks}/bin/* ${repo.name}/hooks/
                fi
              '')
            cfg.repos);
        };
      };
    };
  };
 }