commit 571f06ad0dadf17f2f90e4860c9ca288bbf00e58 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

Merge pull request #270260 from SuperSandro2000/gitea-camo-hmac

nixos/gitea: add hmacKey support

authored by Maximilian Bosch and committed by GitHub 2 years ago 571f06ad 3d19c43d

+15

1 changed file

expand all

unified split

nixos

modules

services

misc

gitea.nix

+15

nixos/modules/services/misc/gitea.nix

··· 234 description = lib.mdDoc "Path to the git repositories."; 235 }; 236 237 mailerPasswordFile = mkOption { 238 type = types.nullOr types.str; 239 default = null; ··· 429 LFS_JWT_SECRET = "#lfsjwtsecret#"; 430 }; 431 432 session = { 433 COOKIE_NAME = lib.mkDefault "session"; 434 }; ··· 568 569 ${lib.optionalString cfg.lfs.enable '' 570 ${replaceSecretBin} '#lfsjwtsecret#' '${lfsJwtSecret}' '${runConfig}' 571 ''} 572 573 ${lib.optionalString (cfg.mailerPasswordFile != null) ''

··· 234 description = lib.mdDoc "Path to the git repositories."; 235 }; 236 237 + camoHmacKeyFile = mkOption { 238 + type = types.nullOr types.str; 239 + default = null; 240 + example = "/var/lib/secrets/gitea/camoHmacKey"; 241 + description = lib.mdDoc "Path to a file containing the camo HMAC key."; 242 + }; 243 + 244 mailerPasswordFile = mkOption { 245 type = types.nullOr types.str; 246 default = null; ··· 436 LFS_JWT_SECRET = "#lfsjwtsecret#"; 437 }; 438 439 + camo = mkIf (cfg.camoHmacKeyFile != null) { 440 + HMAC_KEY = "#hmackey#"; 441 + }; 442 + 443 session = { 444 COOKIE_NAME = lib.mkDefault "session"; 445 }; ··· 579 580 ${lib.optionalString cfg.lfs.enable '' 581 ${replaceSecretBin} '#lfsjwtsecret#' '${lfsJwtSecret}' '${runConfig}' 582 + ''} 583 + 584 + ${lib.optionalString (cfg.camoHmacKeyFile != null) '' 585 + ${replaceSecretBin} '#hmackey#' '${cfg.camoHmacKeyFile}' '${runConfig}' 586 ''} 587 588 ${lib.optionalString (cfg.mailerPasswordFile != null) ''