From a294daf7e328db7388349244f75e6830e93b449c Mon Sep 17 00:00:00 2001 From: Rodrigo Arias Mallo Date: Mon, 27 Oct 2025 12:54:20 +0100 Subject: [PATCH 1/2] Use specific mail-robot group to send mail MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Allows any user to be able to send mail from the robot account as long as it is added to the mail-robot group. Reviewed-by: Aleix Boné --- m/hut/gitea.nix | 3 +++ m/hut/msmtp.nix | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/m/hut/gitea.nix b/m/hut/gitea.nix index 02e0d50b..433b2016 100644 --- a/m/hut/gitea.nix +++ b/m/hut/gitea.nix @@ -29,6 +29,9 @@ }; }; + # Allow gitea user to send mail + users.users.gitea.extraGroups = [ "mail-robot" ]; + services.gitea-actions-runner.instances = { runrun = { enable = true; diff --git a/m/hut/msmtp.nix b/m/hut/msmtp.nix index aaeaf5d0..73a9a49a 100644 --- a/m/hut/msmtp.nix +++ b/m/hut/msmtp.nix @@ -1,8 +1,11 @@ { config, lib, ... }: { + # Robot user that can see the password to send mail from jungle-robot + users.groups.mail-robot = {}; + age.secrets.jungleRobotPassword = { file = ../../secrets/jungle-robot-password.age; - group = "gitea"; + group = "mail-robot"; mode = "440"; }; -- 2.49.0 From 019826d09eebb342146d40d7f3251f81fc126c3d Mon Sep 17 00:00:00 2001 From: Rodrigo Arias Mallo Date: Tue, 21 Oct 2025 17:47:35 +0200 Subject: [PATCH 2/2] Add OmpSs-2 release timers and services MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Send a reminder email to the STAR group to mark the release cycle dates. Reviewed-by: Aleix Boné --- m/hut/configuration.nix | 1 + m/hut/ompss2-timer.nix | 85 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+) create mode 100644 m/hut/ompss2-timer.nix diff --git a/m/hut/configuration.nix b/m/hut/configuration.nix index 9e8c1a2f..7fabe4fb 100644 --- a/m/hut/configuration.nix +++ b/m/hut/configuration.nix @@ -17,6 +17,7 @@ ./postgresql.nix ./nginx.nix ./p.nix + ./ompss2-timer.nix #./pxe.nix ]; diff --git a/m/hut/ompss2-timer.nix b/m/hut/ompss2-timer.nix new file mode 100644 index 00000000..c1c4549e --- /dev/null +++ b/m/hut/ompss2-timer.nix @@ -0,0 +1,85 @@ +{ config, pkgs, ... }: +{ + systemd.timers = { + "ompss2-closing" = { + wantedBy = [ "timers.target" ]; + timerConfig = { + Unit = "ompss2-closing.service"; + OnCalendar = [ "*-03-15 07:00:00" "*-09-15 07:00:00"]; + }; + }; + "ompss2-freeze" = { + wantedBy = [ "timers.target" ]; + timerConfig = { + Unit = "ompss2-freeze.service"; + OnCalendar = [ "*-04-15 07:00:00" "*-10-15 07:00:00" ]; + }; + }; + "ompss2-release" = { + wantedBy = [ "timers.target" ]; + timerConfig = { + Unit = "ompss2-release.service"; + OnCalendar = [ "*-05-15 07:00:00" "*-11-15 07:00:00" ]; + }; + }; + }; + + systemd.services = + let + closing = pkgs.writeText "closing.txt" + '' + Subject: OmpSs-2 release enters closing period + + Hi, + + You have one month to merge the remaining features for the next OmpSs-2 + release. Please, identify what needs to be merged and discuss it in the next + OmpSs-2 meeting. + + Thanks!, + Jungle robot + ''; + freeze = pkgs.writeText "freeze.txt" + '' + Subject: OmpSs-2 release enters freeze period + + Hi, + + The period to introduce new features or breaking changes is over, only bug + fixes are allowed now. During this time, please prepare the release notes + to be included in the next OmpSs-2 release. + + Thanks!, + Jungle robot + ''; + release = pkgs.writeText "release.txt" + '' + Subject: OmpSs-2 release now + + Hi, + + The period to introduce bug fixes is now over. Please, proceed to do the + OmpSs-2 release. + + Thanks!, + Jungle robot + ''; + mkServ = name: mail: { + "ompss2-${name}" = { + script = '' + set -eu + set -o pipefail + cat ${mail} | ${config.security.wrapperDir}/sendmail star@bsc.es + ''; + serviceConfig = { + Type = "oneshot"; + DynamicUser = true; + Group = "mail-robot"; + }; + }; + }; + in + (mkServ "closing" closing) // + (mkServ "freeze" freeze) // + (mkServ "release" release); +} -- 2.49.0