about summary refs log tree commit diff
path: root/ops/modules/gerrit-autosubmit.nix
diff options
context:
space:
mode:
Diffstat (limited to 'ops/modules/gerrit-autosubmit.nix')
-rw-r--r--ops/modules/gerrit-autosubmit.nix42
1 files changed, 42 insertions, 0 deletions
diff --git a/ops/modules/gerrit-autosubmit.nix b/ops/modules/gerrit-autosubmit.nix
new file mode 100644
index 000000000000..03b293ce2e9b
--- /dev/null
+++ b/ops/modules/gerrit-autosubmit.nix
@@ -0,0 +1,42 @@
+# Configuration for the Gerrit autosubmit bot (//ops/gerrit-autosubmit)
+{ depot, pkgs, config, lib, ... }:
+
+let
+  cfg = config.services.depot.gerrit-autosubmit;
+  description = "gerrit-autosubmit - autosubmit bot for Gerrit";
+  mkStringOption = default: lib.mkOption {
+    inherit default;
+    type = lib.types.str;
+  };
+in
+{
+  options.services.depot.gerrit-autosubmit = {
+    enable = lib.mkEnableOption description;
+    gerritUrl = mkStringOption "https://cl.tvl.fyi";
+
+    secretsFile = with lib; mkOption {
+      description = "Path to a systemd EnvironmentFile containing secrets";
+      default = config.age.secretsDir + "/gerrit-autosubmit";
+      type = types.str;
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd.services.gerrit-autosubmit = {
+      inherit description;
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network-online.target" ];
+
+      serviceConfig = {
+        ExecStart = "${depot.ops.gerrit-autosubmit}/bin/gerrit-autosubmit";
+        DynamicUser = true;
+        Restart = "always";
+        EnvironmentFile = cfg.secretsFile;
+      };
+
+      environment = {
+        GERRIT_URL = cfg.gerritUrl;
+      };
+    };
+  };
+}