Unverified Commit 1ebb7d7b authored by Sandro Jäckel's avatar Sandro Jäckel
Browse files

nixos/gitea: add hmacKey support

parent 6dd2f029

nixos/modules/services/misc/gitea.nix

+15 −0
Original line number Diff line number Diff line
@@ -239,6 +239,13 @@ in 
        description = lib.mdDoc "Path to the git repositories.";

      };



      camoHmacKeyFile = mkOption {

        type = types.nullOr types.str;

        default = null;

        example = "/var/lib/secrets/gitea/camoHmacKey";

        description = lib.mdDoc "Path to a file containing the camo HMAC key.";

      };



      mailerPasswordFile = mkOption {

        type = types.nullOr types.str;

        default = null;
@@ -434,6 +441,10 @@ in 
        LFS_JWT_SECRET = "#lfsjwtsecret#";

      };



      camo = mkIf (cfg.camoHmacKeyFile != null) {

        HMAC_KEY = "#hmackey#";

      };



      session = {

        COOKIE_NAME = lib.mkDefault "session";

      };
@@ -575,6 +586,10 @@ in 
              ${replaceSecretBin} '#lfsjwtsecret#' '${lfsJwtSecret}' '${runConfig}'

            ''}



            ${lib.optionalString (cfg.camoHmacKeyFile != null) ''

              ${replaceSecretBin} '#hmackey#' '${cfg.camoHmacKeyFile}' '${runConfig}'

            ''}



            ${lib.optionalString (cfg.mailerPasswordFile != null) ''

              ${replaceSecretBin} '#mailerpass#' '${cfg.mailerPasswordFile}' '${runConfig}'

            ''}