nixos/cgit: handle unset `strict-export` option (#477185) (c4d3bbe3) · Commits · nix / nixpkgs

nixos/modules/services/networking/cgit.nix

+16 −9

Original line number	Diff line number	Diff line
		@@ -217,7 +217,8 @@ in
		When enabled you must also configure `strict-export = "git-daemon-export-ok"`
		in `settings` to make cgit check for the same files.
		'';
		type = lib.types.bool;
		type = lib.types.nullOr lib.types.bool;
		default = null;
		};
		};
		}
		@@ -235,18 +236,24 @@ in
		}
		{
		assertion =
		!cfg.enable
		\|\| !cfg.gitHttpBackend.enable
		\|\| !cfg.gitHttpBackend.checkExportOkFiles
		\|\| cfg.settings.strict-export == "git-daemon-export-ok";
		cfg.enable -> cfg.gitHttpBackend.enable -> cfg.gitHttpBackend.checkExportOkFiles != null;
		message = "Misconfigured services.cgit.${vhost}: When gitHttpBackend.enable is true then gitHttpBackend.checkExportOkFiles must be set, see the documentation for the option for further information.";
		}
		{
		assertion =
		cfg.enable
		-> cfg.gitHttpBackend.enable
		-> cfg.gitHttpBackend.checkExportOkFiles
		-> (cfg.settings ? strict-export && cfg.settings.strict-export == "git-daemon-export-ok");
		message = "Misconfigured services.cgit.${vhost}: When gitHttpBackend.checkExportOkFiles is true then settings.strict-export must be \"git-daemon-export-ok\".";
		}
		{
		assertion =
		!cfg.enable
		\|\| !cfg.gitHttpBackend.enable
		\|\| cfg.settings.strict-export == null
		\|\| cfg.gitHttpBackend.checkExportOkFiles;
		cfg.enable
		-> cfg.gitHttpBackend.enable
		-> !cfg.gitHttpBackend.checkExportOkFiles
		-> cfg.settings ? strict-export
		-> cfg.settings.strict-export == null;
		message = "Misconfigured services.cgit.${vhost}: settings.strict-export is set but the gitHttpBackend is enabled and checkExportOkFiles is false.";
		}
		]) cfgs

Admin message