snippet = builtins.readFile ./ldap_gitolite.sh;
dependencies = [ pkgs.gitolite ];
}];
- services.duplyBackup.profiles.gitolite = {
- rootDir = cfg.gitoliteDir;
- };
networking.firewall.allowedTCPPorts = [ 9418 ];
+ secrets.keys."gitolite/ldap_password" = {
+ user = "gitolite";
+ group = "gitolite";
+ permissions = "0400";
+ text = config.myEnv.tools.gitolite.ldap.password;
+ };
+
services.gitDaemon = {
enable = true;
user = "gitolite";
} ''
makeWrapper "${./gitolite_ldap_groups.sh}" "$out" \
--prefix PATH : ${lib.makeBinPath deps} \
- --set LDAP_PASS ${pkgs.lib.escapeShellArg config.myEnv.tools.gitolite.ldap.password}
+ --set LDAP_PASS_PATH ${config.secrets.fullPaths."gitolite/ldap_password"}
'';
in {
deps = [ "users" ];
};
users.users.wwwrun.extraGroups = [ "gitolite" ];
+ users.users.gitolite.extraGroups = [ "keys" ];
users.users.gitolite.packages = let
python-packages = python-packages: with python-packages; [
in
[
(pkgs.python3.withPackages python-packages)
+ pkgs.nettools
+ pkgs.findutils
];
# Installation: https://git.immae.eu/mantisbt/view.php?id=93
services.gitolite = {
enable = true;
- adminPubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXqRbiHw7QoHADNIEuo4nUT9fSOIEBMdJZH0bkQAxXyJFyCM1IMz0pxsHV0wu9tdkkr36bPEUj2aV5bkYLBN6nxcV2Y49X8bjOSCPfx3n6Own1h+NeZVBj4ZByrFmqCbTxUJIZ2bZKcWOFncML39VmWdsVhNjg0X4NBBehqXRIKr2gt3E/ESAxTYJFm0BnU0baciw9cN0bsRGqvFgf5h2P48CIAfwhVcGmPQnnAwabnosYQzRWxR0OygH5Kd8mePh6FheIRIigfXsDO8f/jdxwut8buvNIf3m5EBr3tUbTsvM+eV3M5vKGt7sk8T64DVtepTSdOOWtp+47ktsnHOMh immae@immae.eu";
+ adminPubkey = config.myEnv.sshd.rootKeys.immae_dilion;
};
};
}
projects / perso / Immae / Config / Nix.git / blobdiff