summary refs log tree commit diff
path: root/nixos/modules/services/misc/gitea.nix
diff options
context:
space:
mode:
authorAaron Andersen <aaron@fosslib.net>2019-05-22 21:07:08 -0400
committerAaron Andersen <aaron@fosslib.net>2019-06-10 20:32:35 -0400
commit9d251d8b21229c1bc307d87e3258e90bdf0968bb (patch)
treecb0d928a4ac5c5253785cd09fae0eb9374417565 /nixos/modules/services/misc/gitea.nix
parent615f8b8982b26bbb1a3e202be020d27a9f205c62 (diff)
downloadnixpkgs-9d251d8b21229c1bc307d87e3258e90bdf0968bb.tar
nixpkgs-9d251d8b21229c1bc307d87e3258e90bdf0968bb.tar.gz
nixpkgs-9d251d8b21229c1bc307d87e3258e90bdf0968bb.tar.bz2
nixpkgs-9d251d8b21229c1bc307d87e3258e90bdf0968bb.tar.lz
nixpkgs-9d251d8b21229c1bc307d87e3258e90bdf0968bb.tar.xz
nixpkgs-9d251d8b21229c1bc307d87e3258e90bdf0968bb.tar.zst
nixpkgs-9d251d8b21229c1bc307d87e3258e90bdf0968bb.zip
nixos/gitea: define a gitea group to avoid "nogroup" ownership
Diffstat (limited to 'nixos/modules/services/misc/gitea.nix')
-rw-r--r--nixos/modules/services/misc/gitea.nix12


1 files changed, 10 insertions, 2 deletions
diff --git a/nixos/modules/services/misc/gitea.nix b/nixos/modules/services/misc/gitea.nix
index 5f654230bf4..b3b7ec10e6e 100644
--- a/nixos/modules/services/misc/gitea.nix
+++ b/nixos/modules/services/misc/gitea.nix
@@ -304,6 +304,10 @@ in
       ];
     };
 
+    systemd.tmpfiles.rules = [
+      "Z '${cfg.stateDir}' - ${cfg.user} gitea - -"
+    ];
+
     systemd.services.gitea = {
       description = "gitea";
       after = [ "network.target" ] ++ lib.optional usePostgresql "postgresql.service" ++ lib.optional useMysql "mysql.service";
@@ -363,6 +367,7 @@ in
       serviceConfig = {
         Type = "simple";
         User = cfg.user;
+        Group = "gitea";
         WorkingDirectory = cfg.stateDir;
         PermissionsStartOnly = true;
         ExecStart = "${gitea.bin}/bin/gitea web";
@@ -376,15 +381,18 @@ in
       };
     };
 
-    users = mkIf (cfg.user == "gitea") {
-      users.gitea = {
+    users.users = mkIf (cfg.user == "gitea") {
+      gitea = {
         description = "Gitea Service";
         home = cfg.stateDir;
         createHome = true;
         useDefaultShell = true;
+        group = "gitea";
       };
     };
 
+    users.groups.gitea = {};
+
     warnings = optional (cfg.database.password != "")
       ''config.services.gitea.database.password will be stored as plaintext
         in the Nix store. Use database.passwordFile instead.'';

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-17 15:40:12 +0000