GLiCID/guix-glicid
7
0
Fork 0
mirror of https://gitlab.univ-nantes.fr/glicid-public/guix-glicid.git synced 2025-04-29 13:48:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
guix-glicid/glicid/services/gitlab.scm

117 lines
6.2 KiB
Scheme
Raw Blame History

(define-module (glicid services gitlab)
#:use-module (glicid packages gitlab)
#:use-module (gnu services)
#:use-module (gnu services shepherd)
#:use-module (gnu system shadow)
#:use-module (gnu system pam)
#:use-module (gnu packages admin)
#:use-module (gnu packages base)
#:use-module (gnu packages certs)
#:use-module (gnu packages version-control)
#:use-module (guix gexp)
#:use-module (guix modules)
#:use-module (guix records)
#:use-module (ice-9 match)
#:export (gitlab-runner-configuration
gitlab-runner-configuration?
gitlab-runner-service-type))
(define-record-type* <gitlab-runner-configuration>
gitlab-runner-configuration
make-gitlab-runner-configuration
gitlab-runner-configuration?
(package gitlab-runner-configuration-package (default gitlab-runner))
(name gitlab-runner-configuration-name (default "guix-runner"))
(url gitlab-runner-configuration-url (default "gitlab.com"))
(token gitlab-runner-configuration-token (default ""))
(executor gitlab-runner-configuration-executor (default "shell"))
(output-limit gitlab-runner-configuration-output-limit (default 16384)))
(define %gitlab-runner-accounts
(list (user-account
(name "gitlab-runner")
(group "gitlab-runner")
(system? #t)
(comment "gitlab-runner daemon user")
(home-directory "/var/empty")
(shell (file-append shadow "/sbin/nologin")))
(user-group
(name "gitlab-runner")
(system? #t))))
(define %gitlab-runner-activation
(match-lambda
(($ <gitlab-runner-configuration> package name url token executor output-limit)
#~(begin
(use-modules (guix build utils))
(define (mkdir-p/perms directory owner perms)
(mkdir-p directory)
(chown directory
(passwd:uid owner)
(passwd:gid owner))
(chmod directory perms))
(let ((user (getpwnam "gitlab-runner"))
(config-dir "/var/cache/guix/gitlab-runner"))
(mkdir-p/perms "/builds" user #o755)
(mkdir-p/perms config-dir user #o755))))))
(define gitlab-runner-shepherd-service
(match-lambda
(($ <gitlab-runner-configuration> package name url token
executor output-limit)
(with-imported-modules (source-module-closure
'((gnu build shepherd)))
(shepherd-service
(documentation "Gitlab-runner daemon")
(provision '(gitlab-runner))
(requirement '(networking))
(modules '((gnu build shepherd)
(shepherd service)))
(start
#~(lambda ()
(let ((config-file "/var/cache/guix/gitlab-runner/gitlab.toml")
(certs-dir #$(file-append nss-certs "/etc/ssl/certs/")))
(define (register-runner)
(if (not (file-exists? config-file))
(zero?
(system* #$(file-append package "/bin/gitlab-runner")
"register"
"--non-interactive"
"--config" config-file
"--name" #$name
"--url" #$url
"--executor" #$executor
"--output-limit"
(number->string #$output-limit)
"--registration-token" #$token))
#t))
(let ((command (list #$(file-append package "/bin/gitlab-runner") "run" "--config" config-file))
(environment (list "HOME=/builds" ;for 'guix pull'
"PATH=/run/current-system/profile/bin"
(string-append "SSL_CERT_DIR=" certs-dir)
(string-append "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale"))))
(if (register-runner)
(fork+exec-command command
#:user "gitlab-runner"
#:group "gitlab-runner"
#:log-file
"/var/log/gitlab-runner.log"
#:environment-variables
environment)
#f)))))
(stop #~(make-kill-destructor)))))))
(define gitlab-runner-service-type
(service-type
(name 'gitlab-runner)
(description
"Run gitlab-runner daemon @command{gitlab-runner run}.")
(extensions
(list (service-extension account-service-type (const %gitlab-runner-accounts))
(service-extension shepherd-root-service-type (compose list gitlab-runner-shepherd-service))
(service-extension activation-service-type %gitlab-runner-activation)
(service-extension profile-service-type (const (list git-minimal)))))
(default-value (gitlab-runner-configuration))))
Reference in a new issue View git blame Copy permalink