about summary refs log tree commit diff
path: root/nixos/modules/services/continuous-integration/jenkins
diff options
context:
space:
mode:
authorBjørn Forsman <bjorn.forsman@gmail.com>2015-10-06 21:41:13 +0200
committerBjørn Forsman <bjorn.forsman@gmail.com>2015-10-06 22:11:03 +0200
commit04e748e61fd8613cc35a5966eb51cfaa2a633be2 (patch)
tree4df1c468158df21551e85698268187447abc0544 /nixos/modules/services/continuous-integration/jenkins
parent302a76d1ad8e35d1dd9488198259ca1b63afb5f5 (diff)
downloadnixlib-04e748e61fd8613cc35a5966eb51cfaa2a633be2.tar
nixlib-04e748e61fd8613cc35a5966eb51cfaa2a633be2.tar.gz
nixlib-04e748e61fd8613cc35a5966eb51cfaa2a633be2.tar.bz2
nixlib-04e748e61fd8613cc35a5966eb51cfaa2a633be2.tar.lz
nixlib-04e748e61fd8613cc35a5966eb51cfaa2a633be2.tar.xz
nixlib-04e748e61fd8613cc35a5966eb51cfaa2a633be2.tar.zst
nixlib-04e748e61fd8613cc35a5966eb51cfaa2a633be2.zip
nixos/jenkins: reduce default environment
Don't pull in all of environment.sessionVariables, only add what's
needed for nix and HTTPS to work (which was the point of the previous
patch).
Diffstat (limited to 'nixos/modules/services/continuous-integration/jenkins')
-rw-r--r--nixos/modules/services/continuous-integration/jenkins/default.nix28
1 files changed, 19 insertions, 9 deletions
diff --git a/nixos/modules/services/continuous-integration/jenkins/default.nix b/nixos/modules/services/continuous-integration/jenkins/default.nix
index cf13c73ab4df..7a118ac72071 100644
--- a/nixos/modules/services/continuous-integration/jenkins/default.nix
+++ b/nixos/modules/services/continuous-integration/jenkins/default.nix
@@ -69,10 +69,11 @@ in {
         type = with types; attrsOf str;
         description = ''
           Additional environment variables to be passed to the jenkins process.
-          This setting will merge with everything in
-          <option>config.environment.sessionVariables</option>,
-          JENKINS_HOME and NIX_REMOTE. This option takes precedence and can
-          override any previously set environment variable.
+          As a base environment, jenkins receives NIX_PATH, SSL_CERT_FILE and
+          GIT_SSL_CAINFO from <option>environment.sessionVariables</option>,
+          NIX_REMOTE is set to "daemon" and JENKINS_HOME is set to
+          the value of <option>services.jenkins.home</option>. This option has
+          precedence and can be used to override those mentioned variables.
         '';
       };
 
@@ -110,11 +111,20 @@ in {
       wantedBy = [ "multi-user.target" ];
 
       environment =
-        config.environment.sessionVariables //
-        { JENKINS_HOME = cfg.home;
-          NIX_REMOTE = "daemon";
-        } //
-        cfg.environment;
+        let
+          selectedSessionVars =
+            lib.filterAttrs (n: v: builtins.elem n
+                [ "NIX_PATH"
+                  "SSL_CERT_FILE"
+                  "GIT_SSL_CAINFO"
+                ])
+              config.environment.sessionVariables;
+        in
+          selectedSessionVars //
+          { JENKINS_HOME = cfg.home;
+            NIX_REMOTE = "daemon";
+          } //
+          cfg.environment;
 
       path = cfg.packages;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-31 05:09:45 +0000