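# NixOS module: scheduled flake-update jobs that run as the "strangerbot" user
# against repositories on git.stranger.systems.
#
# Each job is a oneshot systemd service plus a timer, generated by
# `update-flake` below, and all fragments are combined with lib.mkMerge.
{ config, lib, pkgs, inputs, ... }:
let
  # Package scripts/gitea/update-repo.sh as an executable named `repo-updater`.
  # The script body is read at evaluation time and is not visible in this file.
  repo-updater = pkgs.writeShellScriptBin "repo-updater"
    (builtins.readFile ../../scripts/gitea/update-repo.sh);

  # Environment shared by every update service.
  environment = {
    # NOTE(review): /tmp is a shared, world-writable directory, so anything
    # the script or its tools place under XDG_RUNTIME_DIR lives next to other
    # users' files. Consider a per-service directory (systemd
    # RuntimeDirectory=) or PrivateTmp= once confirmed that update-repo.sh
    # does not depend on the current location.
    XDG_RUNTIME_DIR = "/tmp";
    HOME = "/home/strangerbot";
    NIX_PATH = "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels";
    XDG_CONFIG_DIRS = "/etc/profiles/per-user/strangerbot/etc/xdg:/nix/var/nix/profiles/default/etc/xdg:/run/current-system/sw/etc/xdg";
    XDG_CONFIG_HOME = "/home/strangerbot/.config";
  };

  # Tools placed on PATH for the update script.
  path = with pkgs; [
    git
    # nurl is taken from the nixpkgs-unstable flake input, not from `pkgs`.
    inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.nurl
    jq
    curl
    openssh
    bash
    nix
    nix-prefetch
  ];

  # Build the service/timer pair for one repository.
  #
  #   name     - suffix for the unit names ("update-flake-<name>")
  #   repo     - git remote passed to repo-updater as its first argument
  #   schedule - systemd calendar expression, passed verbatim to OnCalendar
  #   branch   - branch passed as the second argument (default "trunk")
  #
  # Returns a module fragment defining systemd.services."update-flake-<name>"
  # and systemd.timers."update-flake-<name>".
  update-flake = { name, repo, schedule, branch ? "trunk" }: {
    systemd.services."update-flake-${name}" = {
      inherit environment;
      inherit path;
      # repo and branch are interpolated into a shell script, so they are
      # escaped: a value containing spaces or shell metacharacters is passed
      # through as a single literal argument instead of being re-parsed by
      # the shell.
      script = ''
        env ${repo-updater}/bin/repo-updater ${lib.escapeShellArg repo} ${lib.escapeShellArg branch}
      '';
      serviceConfig = {
        Type = "oneshot";
        # Runs unprivileged as the bot account rather than root.
        User = "strangerbot";
        Group = "users";
      };
    };
    systemd.timers."update-flake-${name}" = {
      wantedBy = [ "timers.target" ];
      partOf = [ "update-flake-${name}.service" ];
      timerConfig = {
        OnCalendar = schedule;
        Unit = "update-flake-${name}.service";
      };
    };
  };
in
lib.mkMerge [
  {
    # Setup hosts for gitea automation
    # The forge's hostname is pinned to a fixed address through the hosts
    # file; if the server moves, this entry has to be updated by hand.
    networking.hosts = { "100.99.69.14" = [ "git.stranger.systems" ]; };

    # Setup the bot user
    # NOTE(review): isNormalUser creates a regular account; confirm the bot
    # needs one rather than a system user.
    users.users."strangerbot" = {
      home = "/home/strangerbot";
      description = "Stranger Bot";
      isNormalUser = true;
    };

    home-manager.users."strangerbot" = {
      programs.git = {
        userName = "Stranger Bot";
        userEmail = "bot@stranger.systems";
        extraConfig = {
          # Commits made by the bot are signed using git's SSH signing format.
          commit.gpgsign = true;
          gpg.format = "ssh";
          # This module does not create the key pair; the matching private
          # key is presumably provisioned out of band in the bot's ~/.ssh.
          # It acts as the bot's signing identity (and possibly its push
          # credential, verify), so keep it readable by strangerbot only.
          user.signingkey = "~/.ssh/id_ed25519.pub";
        };
      };
    };
  }

  (update-flake {
    name = "system";
    repo = "gitea@git.stranger.systems:nix/System.git";
    schedule = "Sun, 4:00";
  })

  (update-flake {
    name = "rust-util";
    repo = "gitea@git.stranger.systems:nix/Rust.git";
    schedule = "Mon, 8:00";
  })

  (update-flake {
    name = "java";
    repo = "gitea@git.stranger.systems:nix/java.git";
    branch = "master";
    schedule = "6:00";
  })
]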