From bb0af02e5c28952c9c9d937861007955ac25e490 Mon Sep 17 00:00:00 2001
From: echtnurich <ich@echtnurich.de>
Date: Fri, 24 Jan 2025 18:00:26 +0100
Subject: [PATCH 1/2] use nix option for ExecReload

---
 config/hosts/yate/yate.nix | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/config/hosts/yate/yate.nix b/config/hosts/yate/yate.nix
index d5e64f1..89f225e 100644
--- a/config/hosts/yate/yate.nix
+++ b/config/hosts/yate/yate.nix
@@ -45,11 +45,6 @@
     };
     serviceConfig = {
       ExecStart = "${pkgs.yate}/bin/yate -c /etc/yate -e /etc/yate/share";
-      ExecReload= ''
-	${pkgs.git}/bin/git config --global --add safe.directory /var/lib/yate
-	/usr/bin/env GIT_SSH_COMMAND=\\"${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key\\" ${pkgs.git}/bin/git -C /var/lib/yate fetch --all
-	/usr/bin/env GIT_SSH_COMMAND=\\"${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key\\" ${pkgs.git}/bin/git -C /var/lib/yate reset --hard origin/main
-      '';
       Type="simple";
       Restart="always";
       User="yate";
@@ -61,15 +56,22 @@
     requires = [ "network-online.target" ];
     preStart = ''
       echo \"\n\" >> /run/secrets/git_clone_key
+      id
       sleep 5
       SSH_SUCCESS=1
       ${pkgs.openssh}/bin/ssh -q -i /run/secrets/git_clone_key forgejo@git.hamburg.ccc.de 2> /var/lib/yate/SSH_CHECK_LOG  || SSH_SUCCESS=0
       if [ $SSH_SUCCESS = 1 ]; then
         rm -rf /var/lib/yate/*
         rm -rf /var/lib/yate/.*
-        env GIT_SSH_COMMAND=\"${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key\" ${pkgs.git}/bin/git clone forgejo@git.hamburg.ccc.de:CCCHH/yate-config.git /var/lib/yate
-        ${pkgs.git}/bin/git -C /var/lib/yate config --add safe.directory \"/var/lib/yate\"
+        env GIT_SSH_COMMAND="${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key" ${pkgs.git}/bin/git clone forgejo@git.hamburg.ccc.de:CCCHH/yate-config.git /var/lib/yate
+        ${pkgs.git}/bin/git -C /var/lib/yate config --add safe.directory "/var/lib/yate"
       fi
     '';
+    reload= ''
+      id
+      ${pkgs.git}/bin/git config --global --add safe.directory /var/lib/yate
+      /usr/bin/env GIT_SSH_COMMAND="${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key" ${pkgs.git}/bin/git -C /var/lib/yate fetch --all
+      /usr/bin/env GIT_SSH_COMMAND="${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key" ${pkgs.git}/bin/git -C /var/lib/yate reset --hard origin/master
+    '';
   };
 }
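Review bot: The new `reload` script resets to `origin/master`, while the `ExecReload` it replaces (removed in the first hunk) reset to `origin/main`, and the commit message does not mention a branch change. Please confirm which branch yate-config uses, since a wrong ref would make every reload fail after the fetch. `git config --global --add safe.directory /var/lib/yate` appends another identical entry to the service user's global config on each reload; `${pkgs.git}/bin/git config --global --replace-all safe.directory /var/lib/yate` keeps it at one. The repo-local `config --add safe.directory` in `preStart` probably has no effect, because git honours `safe.directory` only from system or global config. The two `id` calls look like debugging output and could be dropped or given a comment such as `# log the uid the unit scripts run as`.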
-- 
2.47.2


From 5cf9cffa77b4e1e1179305b9ad7eca6d40cce177 Mon Sep 17 00:00:00 2001
From: echtnurich <ich@echtnurich.de>
Date: Fri, 24 Jan 2025 19:54:31 +0100
Subject: [PATCH 2/2] add more checks before config reinit

---
 config/hosts/yate/yate.nix | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/config/hosts/yate/yate.nix b/config/hosts/yate/yate.nix
index 89f225e..236e1f0 100644
--- a/config/hosts/yate/yate.nix
+++ b/config/hosts/yate/yate.nix
@@ -55,12 +55,13 @@
     wantedBy = [ "default.target" ];
     requires = [ "network-online.target" ];
     preStart = ''
-      echo \"\n\" >> /run/secrets/git_clone_key
-      id
+      echo "\n" >> /run/secrets/git_clone_key
       sleep 5
+      id
+      echo "$(stat -c '%U' /var/lib/yate/.git) owns /var/lib/yate/.git"
       SSH_SUCCESS=1
       ${pkgs.openssh}/bin/ssh -q -i /run/secrets/git_clone_key forgejo@git.hamburg.ccc.de 2> /var/lib/yate/SSH_CHECK_LOG  || SSH_SUCCESS=0
-      if [ $SSH_SUCCESS = 1 ]; then
+      if [[ $SSH_SUCCESS = 1 && $(stat -c '%U' /var/lib/yate/.git) == *yate* ]]; then
         rm -rf /var/lib/yate/*
         rm -rf /var/lib/yate/.*
         env GIT_SSH_COMMAND="${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key" ${pkgs.git}/bin/git clone forgejo@git.hamburg.ccc.de:CCCHH/yate-config.git /var/lib/yate
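Review bot: The ownership guard on the `if [[ … ]]` line never passes when `/var/lib/yate/.git` is missing: `stat` fails, the substitution is empty, and the clone is skipped. A fresh state directory, or one left empty by an earlier start where the `rm -rf` ran and the clone failed, is therefore never repopulated. `== *yate*` is also a substring match and accepts any owner whose name contains `yate`; if the intent is to wipe only a checkout owned by the service user, something like `if [[ $SSH_SUCCESS = 1 && ( ! -e /var/lib/yate/.git || $(stat -c '%U' /var/lib/yate/.git) == yate ) ]]; then` covers both cases. Separately, `echo "\n" >> /run/secrets/git_clone_key` appends the literal characters `\n` to the key file on every start if the script runs under bash (as NixOS unit scripts normally do); `printf '\n'` writes a real newline, though fixing the trailing newline where the secret is provisioned would avoid modifying it at all. The `preStart` body continues past the end of this hunk.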
-- 
2.47.2