Add automation around git-plan

This commit is contained in:
Konstantin Nazarov 2023-08-15 15:25:03 +01:00
parent f76900ff9d
commit 7d603f5a81
Signed by: knazarov
GPG key ID: 4CFE0A42FA409C22
4 changed files with 77 additions and 9 deletions

View file

@ -5,7 +5,8 @@
{ config, lib, nixpkgs, pkgs, home-manager, ... }: { config, lib, nixpkgs, pkgs, home-manager, ... }:
let let
my_python = (pkgs.python3.withPackages (ps: with ps; [
git_plan]));
in in
{ {
imports = imports =
@ -30,6 +31,14 @@ in
owner = config.users.users.knazarov.name; owner = config.users.users.knazarov.name;
group = config.users.users.knazarov.group; group = config.users.users.knazarov.group;
}; };
git_plan_config = {
owner = config.users.users.knazarov.name;
group = config.users.users.knazarov.group;
};
git_plan_credentials = {
owner = config.users.users.knazarov.name;
group = config.users.users.knazarov.group;
};
mullvad_account = {}; mullvad_account = {};
}; };
}; };
@ -162,8 +171,7 @@ in
]; ];
}) })
# wget # wget
(python3.withPackages (ps: with ps; [ my_python
git_plan]))
]; ];
services.mullvad-vpn = { services.mullvad-vpn = {
@ -346,7 +354,10 @@ in
programs.gpg = { programs.gpg = {
enable = true; enable = true;
package = pkgs.gnupg; package = pkgs.gnupg;
publicKeys = [{source = ./gpg_public_key.asc; trust="ultimate"; }]; publicKeys = [
{source = ./gpg_public_key.asc; trust="ultimate"; }
{source = ./pgp_keys/FB4809DC51A4F483.asc; trust= "ultimate"; }
];
settings = { settings = {
default-key = "0x0560020C9C577C1B"; default-key = "0x0560020C9C577C1B";
}; };
@ -587,4 +598,45 @@ in
services.udev.extraRules = '' services.udev.extraRules = ''
ACTION=="add", SUBSYSTEMS=="usb", SUBSYSTEM=="block", ENV{ID_FS_USAGE}=="filesystem", ENV{ID_SERIAL_SHORT}=="Hidizs_AP80PRO", RUN{program}+="${pkgs.systemd}/bin/systemd-mount --owner knazarov --no-block --automount=yes --collect $devnode /media" ACTION=="add", SUBSYSTEMS=="usb", SUBSYSTEM=="block", ENV{ID_FS_USAGE}=="filesystem", ENV{ID_SERIAL_SHORT}=="Hidizs_AP80PRO", RUN{program}+="${pkgs.systemd}/bin/systemd-mount --owner knazarov --no-block --automount=yes --collect $devnode /media"
''; '';
systemd.timers."git_plan" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec="1h";
OnUnitActiveSec="1h";
Unit = "git_plan.service";
};
};
systemd.services."git_plan" = {
script = ''
${my_python}/bin/python3 -m git_plan -c /var/run/secrets/git_plan_config -r /var/run/secrets/git_plan_credentials oneshot
'';
serviceConfig = {
Type = "oneshot";
User = "knazarov";
StateDirectory="git_plan";
Environment="PYTHONUNBUFFERED=1";
};
};
systemd.timers."git_plan_pr" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar= "Mon,Tue,Wed,Thu,Fri *-*-* 10:00:00";
Unit = "git_plan_pr.service";
};
};
systemd.services."git_plan_pr" = {
script = ''
${my_python}/bin/python3 -m git_plan -c /var/run/secrets/git_plan_config -r /var/run/secrets/git_plan_credentials pr
'';
serviceConfig = {
Type = "oneshot";
User = "knazarov";
StateDirectory="git_plan";
Environment="PYTHONUNBUFFERED=1";
};
};
} }

View file

@ -49,11 +49,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1692049717, "lastModified": 1692109167,
"narHash": "sha256-Htsfis2u/WdjqW5l8n5cx9Ai+GdOd+GRqQAssBfLQp4=", "narHash": "sha256-2GkXwsPfoPM1zdqMnyRArItgcTINhxR6aiKvzonz+Uo=",
"owner": "~knazarov", "owner": "~knazarov",
"repo": "git-plan", "repo": "git-plan",
"rev": "569d267cd4f15b55618c965b868a7361b5901c86", "rev": "b10514e4bab6d935da3a7441014fd37ea1d7e5fd",
"type": "sourcehut" "type": "sourcehut"
}, },
"original": { "original": {

View file

@ -0,0 +1,14 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEYUXnihYJKwYBBAHaRw8BAQdAk94cAXqZCdyDCswhtJr7kzJatc9/keC58/Fj
cuXfKtG0JktvbnN0YW50aW4gTmF6YXJvdiA8bWFpbEBrbmF6YXJvdi5jb20+iJoE
ExYKAEIWIQSKYaGWpjisvxzCNS9FkhIy7XLNWAUCYUXnigIbAwUJA8JnAAULCQgH
AgMiAgEGFQoJCAsCBBYCAwECHgcCF4AACgkQRZISMu1yzVg+KgD6AvJL+v9wLaLZ
WnPZ6KiqXgBma7LEWF/7PVgkLpfAxAMA/0U0hijNecloglBplxCBM35DVNRCtqYN
m3RqB6+kcEUEuDgEYUXnihIKKwYBBAGXVQEFAQEHQNFcVwoYkJ1L9K8SUU42Xp0C
TxULo2PSIG0RwI73smEMAwEIB4h+BBgWCgAmFiEEimGhlqY4rL8cwjUvRZISMu1y
zVgFAmFF54oCGwwFCQPCZwAACgkQRZISMu1yzViZYgEAyeNDqB3a7lbvFnnMuc6S
IJiuaXjcErscD5elqqK/0zUA/3Dot37BnhVKBxfHBmqEJk/Ub0vIK6GBhm3S9eNJ
gt0P
=RprX
-----END PGP PUBLIC KEY BLOCK-----

View file

@ -2,6 +2,8 @@ hello: ENC[AES256_GCM,data:+LPt8J+Ks1m10+zZ2Q96r3K2W6Yeng7M7+c2TYDQ+/4AJl6Xc6hVn
fastmail_password: ENC[AES256_GCM,data:tHr8PqIg9DigRBu2bgjUeg==,iv:NI9bENFPuKcOt1cd2kg2DKU22J1dJ+3mK7UoceZagR4=,tag:oEgeQb1iLKisOqHi9Ds7xg==,type:str] fastmail_password: ENC[AES256_GCM,data:tHr8PqIg9DigRBu2bgjUeg==,iv:NI9bENFPuKcOt1cd2kg2DKU22J1dJ+3mK7UoceZagR4=,tag:oEgeQb1iLKisOqHi9Ds7xg==,type:str]
github_token: ENC[AES256_GCM,data:E1+wrI5VUlnsqfKNH6fY7IXqHIiagAByLYCfIfdd2+HcvniAvZzaIyKB3nma5eks3csN5A9XgYXRb09lELroW00obmIWbWZPdFhDccHRtVOqFq/r+x27O/3MAkDqID5mc8xD8SqWUibr9UZfXjFcXC4bx7+a4pyy45akz9RLIJRVKDzxMBGmZ/wQcuFS9uy2Pv2yWRL7q4olzvc/kzNFRWCLU7ThIAJSIx//NluOE8xjsA==,iv:Cdc2wwGdXprch1hHd0CwJM6vUAYmfhI4FpcKjcoIZYY=,tag:so8BJtjHGcGzayPqMwy43A==,type:str] github_token: ENC[AES256_GCM,data:E1+wrI5VUlnsqfKNH6fY7IXqHIiagAByLYCfIfdd2+HcvniAvZzaIyKB3nma5eks3csN5A9XgYXRb09lELroW00obmIWbWZPdFhDccHRtVOqFq/r+x27O/3MAkDqID5mc8xD8SqWUibr9UZfXjFcXC4bx7+a4pyy45akz9RLIJRVKDzxMBGmZ/wQcuFS9uy2Pv2yWRL7q4olzvc/kzNFRWCLU7ThIAJSIx//NluOE8xjsA==,iv:Cdc2wwGdXprch1hHd0CwJM6vUAYmfhI4FpcKjcoIZYY=,tag:so8BJtjHGcGzayPqMwy43A==,type:str]
mullvad_account: ENC[AES256_GCM,data:CO4wl2vNAMEC9oy37nIrpw==,iv:a3w64u8XQ/tihIDxIPPtdZ6F7dldLPvRzGUs1MpVe4M=,tag:HQxJVuGEvI0fVj8yGptbdA==,type:str] mullvad_account: ENC[AES256_GCM,data:CO4wl2vNAMEC9oy37nIrpw==,iv:a3w64u8XQ/tihIDxIPPtdZ6F7dldLPvRzGUs1MpVe4M=,tag:HQxJVuGEvI0fVj8yGptbdA==,type:str]
git_plan_config: ENC[AES256_GCM,data:45B89I6+mK4GkgeitNiizLmJUyIsOBNbmTPKOSIbMgpbqgR1QjuRNaJViOkQKFS8oZXFIEPbnoub1mDkMzMTB8KOvqnxUE4vnKwCzudepaO7f3WAJC8VlUORn6tX/Ujs4HeD4P8ozoh4bbAm8iT3VCiHZ28TurBqOtA3G/LVxtZ9NB87/BIu8/e8S10aZ2MGNORdEW2Rtbl0Tn0JjEiDZp8jrUm+pWQHhDdcvMtxyzoBqQsTU5eiea0qZOJP4Z5XK6/iWYss/vlGDwjD6S3rHFrHIJ22kq3pRezA0U42i6Uq8eTcVkzXlO7XvWsyA5CPsNbiEbbBvVkPvE4SUN3xVEpPHsSO0a/q3/0C2G1txvP9dd4CcVeuwqznBt25EYG9O3TQHt4h6GmjsgIWZaS7bSCmgANJTGmamFMJ4SdXzjTxXBXuTa64JceMQjmlykDwABJhThPRzMxMT1NFeHrc2OjuZ0NJHa28S/eoLUUq50QsiUD5E+wwkuxgXt9/DsBeirXf9dNjA58Z24nbxSQvq24Lp7Zlb15VP9FpoZIZb88kxNiJwT/4Uj4Px4pFdFVBZmCGiSXnBSxbypFapA+6AQ89z5ZMxdH6FP7EvsF7aDToLa0Q2Xovzd8Nt57w2j4YkS3Mc067KXkusbCzZ8C9DzkiYUDM9+ouSjIgXHL1JEBX+B4z17UTcSgNpsSztCScnjESaaI1xZ8JCKU9Zq53yiwRtYbhTTrpmA3xPI2Un3kvGCxYNtO5sWcLvzRKs6JP4o2WN40DvVJ7SgbSWWOA6cXMxLifEuiX8olgjsKP4tmaxXpiLE5b8xnXSHjzce23cEt9uN8R1hGdJak7iQWp/KZXov7fSA==,iv:Qdjmv27fsSXAQ6LCXdZtNVTbZlU9zFsRLor1BKJNHNE=,tag:5G5gk8JEHRx0CY48al5rvA==,type:str]
git_plan_credentials: ENC[AES256_GCM,data:d4egK2w4TGIDNaI2Wc3ViOBnH7/WpdeS1EoYe4/oaM4iayBXOEQMvT9qIgu/Hml34gvbBN9lRmlNkESVh7YpwO5wACkkRcO/0ZTyP8XzFUUo0IfUh1iHPjEQOF7vygW/woqBiQgFPRws9F+g6BW8aSQrBgvBF5IeNLhFBvSJUvTft1xEsNwFnkWnfZ2JWmYqLjEggoUEqtXMRw9KKcqm4DNXIzxmA8wSzDriIzeCVuSEV8sJD21saFPPaLw/jupLTLdWp5F8rAxLGa6e9coCNu8vSuqUgfv0jFET71bNw28xPrN38A/PIlUcR9MXe1SGqKAFxEv134ZkJr78g1PIWNoVDrmIlMpV6dYRLKM1FOcpAhJorIXooIl6quCdg2/U5onP8cQ7lt2LsEG5APKj7pz7huatdwM/CgxrcqPVb0E2Lk5c+wi3Rf9/Jz3BqcWQm3bwkHwivWyCD1Nw+qRXLFSfXGTovSBsxX0j4LbdP0o4iPuj068DGawpYC/AfcKfOCmh8aInQhGCQtIq14QGffU9GbW37gHu,iv:ZzOUYu3s+kfwbKajA+6fdu2EysipjoKD49muLNFBZ58=,tag:e0RI7rA8eLQI8h5L4pvS1A==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -26,8 +28,8 @@ sops:
U3loV2xDMkM5SWNXRDJobDloL0FVUUkK3OP7KvcKkE8mJ880dm6LMFZUxELjl8/P U3loV2xDMkM5SWNXRDJobDloL0FVUUkK3OP7KvcKkE8mJ880dm6LMFZUxELjl8/P
6+q8qAYiAvl0Cbd4GzkNpUuBbLlFFWfFmC0vbgg8gyZ6xI5AFhHAPw== 6+q8qAYiAvl0Cbd4GzkNpUuBbLlFFWfFmC0vbgg8gyZ6xI5AFhHAPw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2023-07-09T20:32:29Z" lastmodified: "2023-08-14T22:29:46Z"
mac: ENC[AES256_GCM,data:c9+qPvLsiCgZPZ2vguQGCb+5LEr8cg32VGCyUvqiqICq5xtMZeDK7Uj8n0yLj0USaZ7bttUiI2CBpEl6anRSrXUGoJwmvJboXVi9/Xex5tv45hvdGA4Hd3P88K8kVRankOVhpogBRzcOpp4JsrtgxDTKabekpnaEr2l7H+5sXDU=,iv:no7t2FUwUaQWiuDDHe3Z5C5zoG5rnMeD9ar8PhtxyE4=,tag:AJYWdPdRGhG5epTsiD+cTw==,type:str] mac: ENC[AES256_GCM,data:RrVV1xSuXU9cm1dja2EBQFU4FxyU1agGNCDuCbWNxD/xJo4U6e2Zg74rNfc8BrFatnCp47eMM37eGy2PKScbit05R3+CGdCpGlqb/6ULQNUC/rxWKavhoGnF9WaWQEDsKAP1zEVDgWtZFWkocWJAmB0KNQhSiBXxy/fwZv+eQAM=,iv:X39LvJ15Hl+scJyF19vnTGTRImPf1JLepFdamL0Cz/I=,tag:8d6v6ZiZiPukmbUOi3NOrQ==,type:str]
pgp: pgp:
- created_at: "2023-06-10T01:03:11Z" - created_at: "2023-06-10T01:03:11Z"
enc: |- enc: |-