JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #270260 from SuperSandro2000/gitea-camo-hmac

Browse Source 
nixos/gitea: add hmacKey support
This commit is contained in:
Maximilian Bosch 2023-12-20 19:02:20 +01:00 committed by GitHub
commit 571f06ad0d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
nixos/modules/services/misc/gitea.nix
View File

@ -234,6 +234,13 @@ in
description = lib.mdDoc "Path to the git repositories."; description = lib.mdDoc "Path to the git repositories.";
}; };
camoHmacKeyFile = mkOption {
type = types.nullOr types.str;
default = null;
example = "/var/lib/secrets/gitea/camoHmacKey";
description = lib.mdDoc "Path to a file containing the camo HMAC key.";
};
mailerPasswordFile = mkOption { mailerPasswordFile = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
@ -429,6 +436,10 @@ in
LFS_JWT_SECRET = "#lfsjwtsecret#"; LFS_JWT_SECRET = "#lfsjwtsecret#";
}; };
camo = mkIf (cfg.camoHmacKeyFile != null) {
HMAC_KEY = "#hmackey#";
};
session = { session = {
COOKIE_NAME = lib.mkDefault "session"; COOKIE_NAME = lib.mkDefault "session";
}; };
@ -570,6 +581,10 @@ in
${replaceSecretBin} '#lfsjwtsecret#' '${lfsJwtSecret}' '${runConfig}' ${replaceSecretBin} '#lfsjwtsecret#' '${lfsJwtSecret}' '${runConfig}'
''} ''}
${lib.optionalString (cfg.camoHmacKeyFile != null) ''
${replaceSecretBin} '#hmackey#' '${cfg.camoHmacKeyFile}' '${runConfig}'
''}
${lib.optionalString (cfg.mailerPasswordFile != null) '' ${lib.optionalString (cfg.mailerPasswordFile != null) ''
${replaceSecretBin} '#mailerpass#' '${cfg.mailerPasswordFile}' '${runConfig}' ${replaceSecretBin} '#mailerpass#' '${cfg.mailerPasswordFile}' '${runConfig}'
''} ''}