veryroundbird.house / core
forked from tangled.org/core
this repo has no description
fork atom

nix/modules/knot: don't use an activation script to set up git user home

It's unidiomatic, and doesn't allow extension by way of changing the
systemd service options (like is done in the following commit).

Signed-off-by: Winter <winter@winter.cafe>

winter.bsky.social ecd7277d 9200ee97

options
unified split
Changed files
+27 -24
nix
modules
knot.nix
+27 -24
nix/modules/knot.nix 
···

       
126

       
126

       
 

       
        cfg.package


     

       
127

       
127

       
 

       
      ];


     

       
128

       
128

       
 

       



     

       
129

       

       
-

       
      system.activationScripts.gitConfig = let


     

       
130

       

       
-

       
        setMotd =


     

       
131

       

       
-

       
          if cfg.motdFile != null && cfg.motd != null


     

       
132

       

       
-

       
          then throw "motdFile and motd cannot be both set"


     

       
133

       

       
-

       
          else ''


     

       
134

       

       
-

       
            ${optionalString (cfg.motdFile != null) "cat ${cfg.motdFile} > ${cfg.stateDir}/motd"}


     

       
135

       

       
-

       
            ${optionalString (cfg.motd != null) ''printf "${cfg.motd}" > ${cfg.stateDir}/motd''}


     

       
136

       

       
-

       
          '';


     

       
137

       

       
-

       
      in ''


     

       
138

       

       
-

       
        mkdir -p "${cfg.repo.scanPath}"


     

       
139

       

       
-

       
        chown -R ${cfg.gitUser}:${cfg.gitUser} "${cfg.repo.scanPath}"


     

       
140

       

       
-

       



     

       
141

       

       
-

       
        mkdir -p "${cfg.stateDir}/.config/git"


     

       
142

       

       
-

       
        cat > "${cfg.stateDir}/.config/git/config" << EOF


     

       
143

       

       
-

       
        [user]


     

       
144

       

       
-

       
            name = Git User


     

       
145

       

       
-

       
            email = git@example.com


     

       
146

       

       
-

       
        [receive]


     

       
147

       

       
-

       
            advertisePushOptions = true


     

       
148

       

       
-

       
        EOF


     

       
149

       

       
-

       
        ${setMotd}


     

       
150

       

       
-

       
        chown -R ${cfg.gitUser}:${cfg.gitUser} "${cfg.stateDir}"


     

       
151

       

       
-

       
      '';


     

       
152

       

       
-

       



     

       
153

       
129

       
 

       
      users.users.${cfg.gitUser} = {


     

       
154

       
130

       
 

       
        isSystemUser = true;


     

       
155

       
131

       
 

       
        useDefaultShell = true;


     
···

       
185

       
161

       
 

       
        description = "knot service";


     

       
186

       
162

       
 

       
        after = ["network.target" "sshd.service"];


     

       
187

       
163

       
 

       
        wantedBy = ["multi-user.target"];


     

       

       
164

       
+

       
        enableStrictShellChecks = true;


     

       

       
165

       
+

       



     

       

       
166

       
+

       
        preStart = let


     

       

       
167

       
+

       
          setMotd =


     

       

       
168

       
+

       
            if cfg.motdFile != null && cfg.motd != null


     

       

       
169

       
+

       
            then throw "motdFile and motd cannot be both set"


     

       

       
170

       
+

       
            else ''


     

       

       
171

       
+

       
              ${optionalString (cfg.motdFile != null) "cat ${cfg.motdFile} > ${cfg.stateDir}/motd"}


     

       

       
172

       
+

       
              ${optionalString (cfg.motd != null) ''printf "${cfg.motd}" > ${cfg.stateDir}/motd''}


     

       

       
173

       
+

       
            '';


     

       

       
174

       
+

       
        in ''


     

       

       
175

       
+

       
          mkdir -p "${cfg.repo.scanPath}"


     

       

       
176

       
+

       
          chown -R ${cfg.gitUser}:${cfg.gitUser} "${cfg.repo.scanPath}"


     

       

       
177

       
+

       



     

       

       
178

       
+

       
          mkdir -p "${cfg.stateDir}/.config/git"


     

       

       
179

       
+

       
          cat > "${cfg.stateDir}/.config/git/config" << EOF


     

       

       
180

       
+

       
          [user]


     

       

       
181

       
+

       
              name = Git User


     

       

       
182

       
+

       
              email = git@example.com


     

       

       
183

       
+

       
          [receive]


     

       

       
184

       
+

       
              advertisePushOptions = true


     

       

       
185

       
+

       
          EOF


     

       

       
186

       
+

       
          ${setMotd}


     

       

       
187

       
+

       
          chown -R ${cfg.gitUser}:${cfg.gitUser} "${cfg.stateDir}"


     

       

       
188

       
+

       
        '';


     

       

       
189

       
+

       



     

       
188

       
190

       
 

       
        serviceConfig = {


     

       
189

       
191

       
 

       
          User = cfg.gitUser;


     

       

       
192

       
+

       
          PermissionsStartOnly = true;


     

       
190

       
193

       
 

       
          WorkingDirectory = cfg.stateDir;


     

       
191

       
194

       
 

       
          Environment = [


     

       
192

       
195

       
 

       
            "KNOT_REPO_SCAN_PATH=${cfg.repo.scanPath}"