public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gitlab-shell: fix config path finding 

and remove TimeoutSec for gitlab
This commit is contained in:
Robin Gloster 2018-03-19 21:52:36 +01:00
parent fa347164b6
commit 31d77fd4f3
No known key found for this signature in database
GPG Key ID: D5C458DF6DD97EDF
3 changed files with 6 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
nixos/modules/services/misc/gitlab.nix
View File

@ -500,7 +500,7 @@ in {
Type = "simple"; Type = "simple";
User = cfg.user; User = cfg.user;
Group = cfg.group; Group = cfg.group;
TimeoutSec = "300"; TimeoutSec = "infinity";
Restart = "on-failure"; Restart = "on-failure";
WorkingDirectory = gitlabEnv.HOME; WorkingDirectory = gitlabEnv.HOME;
ExecStart = "${cfg.packages.gitaly}/bin/gitaly ${gitalyToml}"; ExecStart = "${cfg.packages.gitaly}/bin/gitaly ${gitalyToml}";
@ -580,6 +580,7 @@ in {
ln -sf ${cfg.statePath}/log /run/gitlab/log ln -sf ${cfg.statePath}/log /run/gitlab/log
ln -sf ${cfg.statePath}/uploads /run/gitlab/uploads ln -sf ${cfg.statePath}/uploads /run/gitlab/uploads
ln -sf ${cfg.statePath}/tmp /run/gitlab/tmp ln -sf ${cfg.statePath}/tmp /run/gitlab/tmp
ln -sf $GITLAB_SHELL_CONFIG_PATH /run/gitlab/shell-config.yml
chown -R ${cfg.user}:${cfg.group} /run/gitlab chown -R ${cfg.user}:${cfg.group} /run/gitlab
# Prepare home directory # Prepare home directory

26
pkgs/applications/version-management/gitlab-shell/default.nix
View File

@ -30,29 +30,9 @@ stdenv.mkDerivation rec {
# code by default which doesn't work in nixos because it's a # code by default which doesn't work in nixos because it's a
# read-only filesystem # read-only filesystem
postPatch = '' postPatch = ''
substituteInPlace lib/gitlab_config.rb --replace\ substituteInPlace lib/gitlab_config.rb --replace \
"File.join(ROOT_PATH, 'config.yml')"\ "File.join(ROOT_PATH, 'config.yml')" \
"ENV['GITLAB_SHELL_CONFIG_PATH']" "'/run/gitlab/shell-config.yml'"
# Note that we're running gitlab-shell from current-system/sw
# because otherwise updating gitlab-shell won't be reflected in
# the hardcoded path of the authorized-keys file:
substituteInPlace lib/gitlab_keys.rb --replace\
"\"#{ROOT_PATH}/bin/gitlab-shell"\
"\"GITLAB_SHELL_CONFIG_PATH=#{ENV['GITLAB_SHELL_CONFIG_PATH']} /run/current-system/sw/bin/gitlab-shell"
# We're setting GITLAB_SHELL_CONFIG_PATH in the ssh authorized key
# environment because we need it in gitlab_configrb
# . unsetenv_others will remove that so we're not doing it for
# now.
#
# TODO: Are there any security implications? The commit adding
# unsetenv_others didn't mention anything...
#
# Kernel::exec({'PATH' => ENV['PATH'], 'LD_LIBRARY_PATH' => ENV['LD_LIBRARY_PATH'], 'GL_ID' => ENV['GL_ID']}, *args, unsetenv_others: true)
substituteInPlace lib/gitlab_shell.rb --replace\
" *args, unsetenv_others: true)"\
" *args)"
''; '';
meta = with stdenv.lib; { meta = with stdenv.lib; {

2
pkgs/applications/version-management/gitlab-shell/remove-hardcoded-locations.patch
View File

@ -34,7 +34,7 @@ index c57b4de..88cfc95 100644
cfg.RootDir = dir cfg.RootDir = dir
- configBytes, err := ioutil.ReadFile(path.Join(cfg.RootDir, configFile)) - configBytes, err := ioutil.ReadFile(path.Join(cfg.RootDir, configFile))
+ configBytes, err := ioutil.ReadFile(os.Getenv("GITLAB_SHELL_CONFIG_PATH")) + configBytes, err := ioutil.ReadFile("/run/gitlab/shell-config.yml")
if err != nil { if err != nil {
return nil, err return nil, err
} }