Admins will be upgrading ORNL GitLab Servers on Saturday, 16 May 2026, from 7 AM until 11 AM EST. Repositories will experience intermittent outages during this time.
# hack in special logic for secrets so we read them from a separate file avoiding the nix store
# hack in special logic for secrets so we read them from a separate file avoiding the Nix store
secretKeys=[
"force_install_databasepass"
"dolibarr_main_db_pass"
@@ -313,7 +313,7 @@ in
inherit(cfg)usergroup;
phpPackage=pkgs.php83.buildEnv{
extensions={enabled,all}:enabled++[all.calendar];
# recommended by dolibarr web application
# recommended by Dolibarr web application
extraConfig=''
session.use_strict_mode = 1
session.cookie_samesite = "Lax"
@@ -331,10 +331,10 @@ in
//cfg.poolConfig;
};
# there are several challenges with dolibarr and NixOS which we can address here
# - the dolibarr installer cannot be entirely automated, though it can partially be by including a file called install.forced.php
# - the dolibarr installer requires write access to its config file during installation, though not afterwards
# - the dolibarr config file generally holds secrets generated by the installer, though the config file is a php file so we can read and write these secrets from an external file
# There are several challenges with Dolibarr and NixOS which we can address here
# - the Dolibarr installer cannot be entirely automated, though it can partially be by including a file called install.forced.php
# - the Dolibarr installer requires write access to its config file during installation, though not afterwards
# - the Dolibarr config file generally holds secrets generated by the installer, though the config file is a PHP file so we can read and write these secrets from an external file
systemd.services.dolibarr-config={
description="dolibarr configuration file management via NixOS";
