pyrox.dev
Merge pull request #270260 from SuperSandro2000/gitea-camo-hmac
nixos/gitea: add hmacKey support
authored by Maximilian Bosch and committed by GitHub 571f06ad 3d19c43d
+15
nixos/modules/services/misc/gitea.nix
+15
nixos/modules/services/misc/gitea.nix
···
234
234
description = lib.mdDoc "Path to the git repositories.";
235
235
};
236
236
237
+
camoHmacKeyFile = mkOption {
238
+
type = types.nullOr types.str;
239
+
default = null;
240
+
example = "/var/lib/secrets/gitea/camoHmacKey";
241
+
description = lib.mdDoc "Path to a file containing the camo HMAC key.";
242
+
};
243
+
237
244
mailerPasswordFile = mkOption {
238
245
type = types.nullOr types.str;
239
246
default = null;
···
429
436
LFS_JWT_SECRET = "#lfsjwtsecret#";
430
437
};
431
438
439
+
camo = mkIf (cfg.camoHmacKeyFile != null) {
440
+
HMAC_KEY = "#hmackey#";
441
+
};
442
+
432
443
session = {
433
444
COOKIE_NAME = lib.mkDefault "session";
434
445
};
···
568
579
569
580
${lib.optionalString cfg.lfs.enable ''
570
581
${replaceSecretBin} '#lfsjwtsecret#' '${lfsJwtSecret}' '${runConfig}'
582
+
''}
583
+
584
+
${lib.optionalString (cfg.camoHmacKeyFile != null) ''
585
+
${replaceSecretBin} '#hmackey#' '${cfg.camoHmacKeyFile}' '${runConfig}'
571
586
''}
572
587
573
588
${lib.optionalString (cfg.mailerPasswordFile != null) ''