Admins will be upgrading ORNL GitLab Servers on Saturday, 16 May 2026, from 7 AM until 11 AM EST. Repositories will experience intermittent outages during this time.

Unverified Commit 93c1d370 authored Mar 01, 2023 by IndeedNotJames

nixos/gitea: fix commit signing (`gpg`) core dump

Gitea spawns `gpg` processes for commit signing related actions.
Those `gpg` processes need `mlock` (probably to prevent secrets
in the memory to swap).
Blocking it (as part of the `@memlock` preset) causes any
commit signing related actions to error out as http/500

parent 249f6c4c

nixos/modules/services/misc/gitea.nix

+1 −1

Original line number	Diff line number	Diff line
		@@ -597,7 +597,7 @@ in
		PrivateMounts = true;
		# System Call Filtering
		SystemCallArchitectures = "native";
		SystemCallFilter = "~@clock @cpu-emulation @debug @keyring @memlock @module @mount @obsolete @raw-io @reboot @setuid @swap";
		SystemCallFilter = "~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @setuid @swap";
		};

		environment = {

Admin message