41 lines
897 B
Nix
41 lines
897 B
Nix
{
|
|
config,
|
|
self,
|
|
pkgs,
|
|
...
|
|
}:
|
|
|
|
let
|
|
s = config.sops.secrets;
|
|
cfg = config.services.marge-bot;
|
|
|
|
secretConfig = {
|
|
owner = cfg.user;
|
|
group = cfg.group;
|
|
sopsFile = ../../secrets/stonehenge/default.yaml;
|
|
};
|
|
in
|
|
{
|
|
services.marge-bot = {
|
|
enable = true;
|
|
package = self.packages.${pkgs.system}.marge-bot;
|
|
gitlabUrl = "https://gitlab.wopus.dev";
|
|
authTokenFile = s."gitlab-marge-bot/token".path;
|
|
sshKeyFile = s."gitlab-marge-bot/ssh-secret-key".path;
|
|
settings = {
|
|
ci-timeout = "60min";
|
|
add-part-of = true;
|
|
add-reviewers = true;
|
|
keep-reviewers = true;
|
|
keep-commits = true;
|
|
impersonate-approvers = true;
|
|
|
|
batch = true;
|
|
use-no-ff-batches = true;
|
|
skip-ci-batches = true;
|
|
};
|
|
};
|
|
|
|
sops.secrets."gitlab-marge-bot/token" = secretConfig;
|
|
sops.secrets."gitlab-marge-bot/ssh-secret-key" = secretConfig;
|
|
}
|