commit 6648488333f66dd8fee678f27fb33016b046090f

pyrox.dev / nixpkgs

lol

fork atom

sourcehut: fix logging of git/hg ssh commands

Signed-off-by: Christoph Heiss <christoph@c8h4.io>

Christoph Heiss 2 years ago 66484883 6e518021

+41 -4

3 changed files

expand all

unified split

nixos

modules

services

misc

sourcehut

default.nix

pkgs

applications

version-management

sourcehut

git.nix

hg.nix

+13 -4

nixos/modules/services/misc/sourcehut/default.nix

··· 801 ''; 802 }; 803 systemd.services.sshd = { 804 - #path = optional cfg.git.enable [ cfg.git.package ]; 805 serviceConfig = { 806 - BindPaths = optionals cfg.git.enable [ 807 - "/var/log:/var/log" 808 - ]; 809 BindReadOnlyPaths = 810 # Note that those /usr/bin/* paths are hardcoded in multiple places in *.sr.ht, 811 # for instance to get the user from the [git.sr.ht::dispatch] settings.

··· 801 ''; 802 }; 803 systemd.services.sshd = { 804 + preStart = concatStringsSep "\n" ( 805 + optionals cfg.git.enable (map (n: '' 806 + touch /var/log/sourcehut/gitsrht-${n} # create if it does not exist yet 807 + chown --silent ${cfg.git.user}:${cfg.git.group} /var/log/sourcehut/gitsrht-${n} || true 808 + '') [ 809 + "keys" 810 + "shell" 811 + "update-hook" 812 + ]) ++ 813 + optional cfg.hg.enable [ 814 + "chown ${cfg.hg.user}:${cfg.hg.group} /var/log/sourcehut/hgsrht-keys" 815 + ]); 816 serviceConfig = { 817 + LogsDirectory = mkIf (cfg.git.enable || cfg.hg.enable) "sourcehut"; 818 BindReadOnlyPaths = 819 # Note that those /usr/bin/* paths are hardcoded in multiple places in *.sr.ht, 820 # for instance to get the user from the [git.sr.ht::dispatch] settings.

+20

pkgs/applications/version-management/sourcehut/git.nix

··· 31 pname = "gitsrht-dispatch"; 32 modRoot = "gitsrht-dispatch"; 33 vendorHash = "sha256-EDvSZ3/g0xDSohrsAIpNhk+F0yy8tbnTW/3tURTonMc="; 34 }; 35 36 gitKeys = buildGoModule { ··· 38 pname = "gitsrht-keys"; 39 modRoot = "gitsrht-keys"; 40 vendorHash = "sha256-9pojS69HCKVHUceyOpGtv9ewcxFD4WsOVsEzkmWJkF4="; 41 }; 42 43 gitShell = buildGoModule { ··· 45 pname = "gitsrht-shell"; 46 modRoot = "gitsrht-shell"; 47 vendorHash = "sha256-WqfvSPuVsOHA//86u33atMfeA11+DJhjLmWy8Ivq0NI="; 48 }; 49 50 gitUpdateHook = buildGoModule { ··· 52 pname = "gitsrht-update-hook"; 53 modRoot = "gitsrht-update-hook"; 54 vendorHash = "sha256-Bc3yPabS2S+qiroHFKrtkII/CfzBDYQ6xWxKHAME+Tc="; 55 }; 56 57 in

··· 31 pname = "gitsrht-dispatch"; 32 modRoot = "gitsrht-dispatch"; 33 vendorHash = "sha256-EDvSZ3/g0xDSohrsAIpNhk+F0yy8tbnTW/3tURTonMc="; 34 + 35 + postPatch = '' 36 + substituteInPlace gitsrht-dispatch/main.go \ 37 + --replace /var/log/gitsrht-dispatch /var/log/sourcehut/gitsrht-dispatch 38 + ''; 39 }; 40 41 gitKeys = buildGoModule { ··· 43 pname = "gitsrht-keys"; 44 modRoot = "gitsrht-keys"; 45 vendorHash = "sha256-9pojS69HCKVHUceyOpGtv9ewcxFD4WsOVsEzkmWJkF4="; 46 + 47 + postPatch = '' 48 + substituteInPlace gitsrht-keys/main.go \ 49 + --replace /var/log/gitsrht-keys /var/log/sourcehut/gitsrht-keys 50 + ''; 51 }; 52 53 gitShell = buildGoModule { ··· 55 pname = "gitsrht-shell"; 56 modRoot = "gitsrht-shell"; 57 vendorHash = "sha256-WqfvSPuVsOHA//86u33atMfeA11+DJhjLmWy8Ivq0NI="; 58 + 59 + postPatch = '' 60 + substituteInPlace gitsrht-shell/main.go \ 61 + --replace /var/log/gitsrht-shell /var/log/sourcehut/gitsrht-shell 62 + ''; 63 }; 64 65 gitUpdateHook = buildGoModule { ··· 67 pname = "gitsrht-update-hook"; 68 modRoot = "gitsrht-update-hook"; 69 vendorHash = "sha256-Bc3yPabS2S+qiroHFKrtkII/CfzBDYQ6xWxKHAME+Tc="; 70 + 71 + postPatch = '' 72 + substituteInPlace gitsrht-update-hook/main.go \ 73 + --replace /var/log/gitsrht-update-hook /var/log/sourcehut/gitsrht-update-hook 74 + ''; 75 }; 76 77 in

pkgs/applications/version-management/sourcehut/hg.nix

··· 25 postPatch = '' 26 substituteInPlace Makefile \ 27 --replace "all: api hgsrht-keys" "" 28 ''; 29 30 hgsrht-api = buildGoModule ({ ··· 39 pname = "hgsrht-keys"; 40 modRoot = "hgsrht-keys"; 41 vendorHash = "sha256-7ti8xCjSrxsslF7/1X/GY4FDl+69hPL4UwCDfjxmJLU="; 42 }; 43 44 propagatedBuildInputs = [

··· 25 postPatch = '' 26 substituteInPlace Makefile \ 27 --replace "all: api hgsrht-keys" "" 28 + 29 + substituteInPlace hgsrht-shell \ 30 + --replace /var/log/hgsrht-shell /var/log/sourcehut/hgsrht-shell 31 ''; 32 33 hgsrht-api = buildGoModule ({ ··· 42 pname = "hgsrht-keys"; 43 modRoot = "hgsrht-keys"; 44 vendorHash = "sha256-7ti8xCjSrxsslF7/1X/GY4FDl+69hPL4UwCDfjxmJLU="; 45 + 46 + postPatch = '' 47 + substituteInPlace hgsrht-keys/main.go \ 48 + --replace /var/log/hgsrht-keys /var/log/sourcehut/hgsrht-keys 49 + ''; 50 }; 51 52 propagatedBuildInputs = [