Unverified Commit 9b73af9b authored by Sarah Brofeldt's avatar Sarah Brofeldt Committed by GitHub

Merge pull request #259498 from TLATER/tlater/gitea-metrics

gitea: Add option to supply the metrics token via file
parents 9ea1e929 b59e5a34
+15 −0
@@ -246,6 +246,13 @@ in
        description = lib.mdDoc "Path to a file containing the SMTP password.";
      };

      metricsTokenFile = mkOption {
        type = types.nullOr types.str;
        default = null;
        example = "/var/lib/secrets/gitea/metrics_token";
        description = lib.mdDoc "Path to a file containing the metrics authentication token.";
      };

      settings = mkOption {
        default = {};
        description = lib.mdDoc ''
@@ -433,6 +440,10 @@ in
        PASSWD = "#mailerpass#";
      };

      metrics = mkIf (cfg.metricsTokenFile != null) {
        TOKEN = "#metricstoken#";
      };

      oauth2 = {
        JWT_SECRET = "#oauth2jwtsecret#";
      };
@@ -559,6 +570,10 @@ in
            ${lib.optionalString (cfg.mailerPasswordFile != null) ''
              ${replaceSecretBin} '#mailerpass#' '${cfg.mailerPasswordFile}' '${runConfig}'
            ''}

            ${lib.optionalString (cfg.metricsTokenFile != null) ''
              ${replaceSecretBin} '#metricstoken#' '${cfg.metricsTokenFile}' '${runConfig}'
            ''}
            chmod u-w '${runConfig}'
          }
          (umask 027; gitea_setup)
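Review bot: The `metricsTokenFile` description in the first hunk omits two things an operator needs to use the option safely. The path is read at service start by the `replaceSecretBin` call in the third hunk, so it should live outside the world-readable Nix store, and the `metrics` block in the second hunk only sets `TOKEN`, so the endpoint still has to be enabled through `settings.metrics.ENABLED`. I would extend the description to something like `"Path to a file containing the metrics authentication token. The file is read when the service starts and should not be placed in the Nix store; it only takes effect when settings.metrics.ENABLED is set."`. The converse case, metrics enabled while `metricsTokenFile` stays `null`, appears to yield a config with no token at all, which deserves a sentence in the same description. The option set and the pre-start script both continue outside the hunks shown.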
+8 −0
@@ -35,9 +35,11 @@ let
          enable = true;
          database = { inherit type; };
          package = giteaPackage;
          metricsTokenFile = (pkgs.writeText "metrics_secret" "fakesecret").outPath;
          settings.service.DISABLE_REGISTRATION = true;
          settings."repository.signing".SIGNING_KEY = signingPrivateKeyId;
          settings.actions.ENABLED = true;
          settings.metrics.ENABLED = true;
        };
        environment.systemPackages = [ giteaPackage pkgs.gnupg pkgs.jq ];
        services.openssh.enable = true;
@@ -143,6 +145,12 @@ let
          + '-H "Accept: application/json" | jq length)" = "1"'
      )

      with subtest("Testing metrics endpoint"):
          server.succeed('curl '
                         + '-H "Authorization: Bearer fakesecret" '
                         + 'http://localhost:3000/metrics '
                         + '| grep gitea_accesses')

      with subtest("Testing runner registration"):
          server.succeed(
              "su -l gitea -c 'GITEA_WORK_DIR=/var/lib/gitea gitea actions generate-runner-token' | sed 's/^/TOKEN=/' | tee /var/lib/gitea/runner_token"