summary refs log tree commit diff
path: root/nixos/modules/services/misc/gitea.nix
diff options
context:
space:
mode:
authorIzorkin <izorkin@elven.pw>2020-07-31 00:04:23 +0300
committerIzorkin <izorkin@elven.pw>2020-08-05 11:19:32 +0300
commit4e68da6337638e49af9a17b0857196a60934c13f (patch)
tree7d5005ca442efe580dfb2e5f10a1850643c91303 /nixos/modules/services/misc/gitea.nix
parentf77e28d83df6ac53ac44156e06203d152ec5f667 (diff)
downloadnixpkgs-4e68da6337638e49af9a17b0857196a60934c13f.tar
nixpkgs-4e68da6337638e49af9a17b0857196a60934c13f.tar.gz
nixpkgs-4e68da6337638e49af9a17b0857196a60934c13f.tar.bz2
nixpkgs-4e68da6337638e49af9a17b0857196a60934c13f.tar.lz
nixpkgs-4e68da6337638e49af9a17b0857196a60934c13f.tar.xz
nixpkgs-4e68da6337638e49af9a17b0857196a60934c13f.tar.zst
nixpkgs-4e68da6337638e49af9a17b0857196a60934c13f.zip
nixos/gitea: add 'backupDir' option
Diffstat (limited to 'nixos/modules/services/misc/gitea.nix')
-rw-r--r--nixos/modules/services/misc/gitea.nix13


1 files changed, 11 insertions, 2 deletions
diff --git a/nixos/modules/services/misc/gitea.nix b/nixos/modules/services/misc/gitea.nix
index 15aeb191f57..28609f8ec8a 100644
--- a/nixos/modules/services/misc/gitea.nix
+++ b/nixos/modules/services/misc/gitea.nix
@@ -162,6 +162,12 @@ in
             <manvolnum>7</manvolnum></citerefentry>.
           '';
         };
+
+        backupDir = mkOption {
+          type = types.str;
+          default = "${cfg.stateDir}/dump";
+          description = "Path to the dump files.";
+        };
       };
 
       appName = mkOption {
@@ -357,6 +363,9 @@ in
     };
 
     systemd.tmpfiles.rules = [
+      "d '${cfg.dump.backupDir}' 0750 ${cfg.user} gitea - -"
+      "z '${cfg.dump.backupDir}' 0750 ${cfg.user} gitea - -"
+      "Z '${cfg.dump.backupDir}' - ${cfg.user} gitea - -"
       "d '${cfg.repositoryRoot}' 0750 ${cfg.user} gitea - -"
       "z '${cfg.repositoryRoot}' 0750 ${cfg.user} gitea - -"
       "Z '${cfg.repositoryRoot}' - ${cfg.user} gitea - -"
@@ -448,7 +457,7 @@ in
         ProtectKernelTunables = true;
         ProtectKernelModules = true;
         ProtectControlGroups = true;
-        ReadWritePaths = [ cfg.repositoryRoot cfg.stateDir ];
+        ReadWritePaths = [ cfg.dump.backupDir cfg.repositoryRoot cfg.stateDir ];
         UMask = "0027";
         # Caps
         CapabilityBoundingSet = "";
@@ -513,7 +522,7 @@ in
          Type = "oneshot";
          User = cfg.user;
          ExecStart = "${gitea}/bin/gitea dump";
-         WorkingDirectory = cfg.stateDir;
+         WorkingDirectory = cfg.dump.backupDir;
        };
     };
 

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-17 12:27:40 +0000