oysteikt/nix-dotfiles
1
1
Fork 0
Code Issues 138 Pull Requests Activity

home/git: use upstream git-maintenance units

Browse Source
This commit is contained in:
Oystein Kristoffer Tveit
2025-03-27 15:06:44 +01:00
parent 0b24782307
commit 1b1fd42b61
2 changed files with 2 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
home/programs/git/default.nix
View File

@@ -14,10 +14,6 @@ let
];
in
{
imports = [
./maintenance-timers.nix
];
# TODO: convert to template once nix-sops supports it in hm module
sops.secrets."git/nordicsemi-config" = { };
@@ -35,6 +31,8 @@ in
signByDefault = true;
};
maintenance.enable = true;
lfs.enable = true;
delta = {

56
home/programs/git/maintenance-timers.nix
View File

@@ -1,56 +0,0 @@
{ config, pkgs, lib, ... }:
let
cfg = config.programs.git;
in
{
systemd.user.services."git-maintenance@" = {
Unit = {
Description = "Optimize Git repositories data";
Documentation = [ "man:git-maintenance(1)" ];
};
Service = {
Type = "oneshot";
ExecStart = "${lib.getExe pkgs.git} for-each-repo --config=maintenance.repo maintenance run --no-quiet --schedule=%i";
Environment = [
"PATH=${lib.makeBinPath (with pkgs; [ cfg.package openssh ])}"
];
LockPersonality = "yes";
MemoryDenyWriteExecute = "yes";
NoNewPrivileges = "yes";
RestrictAddressFamilies = [
"AF_UNIX"
"AF_INET"
"AF_INET6"
"AF_VSOCK"
];
RestrictNamespaces = "yes";
RestrictRealtime = "yes";
RestrictSUIDSGID = "yes";
SystemCallArchitectures = "native";
SystemCallFilter = "@system-service";
};
};
systemd.user.timers."git-maintenance@" = {
Unit = {
Description = "Optimize Git repositories data";
Documentation = [ "man:git-maintenance(1)" ];
};
Timer = {
Persistent = true;
OnCalendar = "%i";
};
Install = {
WantedBy = [ "timers.target" ];
};
};
systemd.user.timers."git-maintenance@hourly".Timer.OnCalendar = "*-*-* 1..23:05:00";
systemd.user.timers."git-maintenance@daily".Timer.OnCalendar = "Tue..Sun *-*-* 0:05:00";
systemd.user.timers."git-maintenance@weekly".Timer.OnCalendar = "Mon 0:05:00";
}