fleet/pkgs/naut: a little commit notification bot

After a couple of days wrangling Rust's async ecosystem, we now have
an IRC bot that will announce new commits. This should hopefully give
people a better view into what we're working on!

Change-Id: Ie7b3be62afca3ad2a10cb04c15ff666c62408fa2

2 files changed, 51 insertions, 0 deletions

diff --git a/fleet/hosts/trieste/default.nix b/fleet/hosts/trieste/default.nix
index 08dce1f..2749961 100644
--- a/fleet/hosts/trieste/default.nix
+++ b/fleet/hosts/trieste/default.nix
@@ -12,6 +12,7 @@ with lib;
     ./git.nix
     ./lists.nix
     ./mail.nix
+    ./naut.nix
     ./web.nix
   ];
 
diff --git a/fleet/hosts/trieste/naut.nix b/fleet/hosts/trieste/naut.nix
new file mode 100644
index 0000000..85a9a5e
--- /dev/null
+++ b/fleet/hosts/trieste/naut.nix
@@ -0,0 +1,50 @@
+# SPDX-FileCopyrightText: V <v@unfathomable.blue>
+# SPDX-License-Identifier: OSL-3.0
+
+{ pkgs, ... }:
+
+let
+  socket = "/run/naut/naut.sock";
+  proxySocket = "/run/naut/naut-proxy.sock";
+
+  config = {
+      "#unfathomable" = [ "nixos-config" ];
+      "#ripple" = [ "ripple" "ripple-website" ];
+    };
+in {
+  systemd.sockets.naut-proxy = {
+    wantedBy = [ "sockets.target" ];
+    listenStreams = [ proxySocket ];
+    socketConfig.SocketUser = "git";
+  };
+
+  systemd.services.naut-proxy = {
+    serviceConfig.ExecStart = "${pkgs.systemd}/lib/systemd/systemd-socket-proxyd ${socket}";
+  };
+
+  systemd.services.naut = {
+    wantedBy = [ "multi-user.target" ];
+
+    environment.NAUT_SOCK = socket;
+    environment.NAUT_CONFIG = (pkgs.formats.toml {}).generate "naut.toml" config;
+
+    serviceConfig = {
+      ExecStart = "${pkgs.naut}/bin/naut";
+      EnvironmentFile = "/etc/naut/env";
+      Restart = "on-failure";
+
+      DynamicUser = true;
+      SupplementaryGroups = [ "git" ];
+      RuntimeDirectory = "naut";
+    };
+  };
+
+  declarative.git.hooks.post-receive = [
+    (pkgs.writeShellScript "nautify" ''
+      {
+        pwd
+        cat
+      } | nc -UN ${proxySocket}
+    '')
+  ];
+}