diff options
author | Robin Gloster <mail@glob.in> | 2019-07-16 03:48:13 +0200 |
---|---|---|
committer | Robin Gloster <mail@glob.in> | 2019-07-16 03:51:17 +0200 |
commit | 52fd300b8cce730e50a8afd9dd3de655df1c8af6 (patch) | |
tree | f4ffd8e1a31f78e66df9ebcfd1bc4d9706f47788 /nixos/modules/services | |
parent | 3469c206f2b895ff7f6cacd7d3d08cf0b70c41d3 (diff) | |
download | nixlib-52fd300b8cce730e50a8afd9dd3de655df1c8af6.tar nixlib-52fd300b8cce730e50a8afd9dd3de655df1c8af6.tar.gz nixlib-52fd300b8cce730e50a8afd9dd3de655df1c8af6.tar.bz2 nixlib-52fd300b8cce730e50a8afd9dd3de655df1c8af6.tar.lz nixlib-52fd300b8cce730e50a8afd9dd3de655df1c8af6.tar.xz nixlib-52fd300b8cce730e50a8afd9dd3de655df1c8af6.tar.zst nixlib-52fd300b8cce730e50a8afd9dd3de655df1c8af6.zip |
gitlab module: fix permissions
Diffstat (limited to 'nixos/modules/services')
-rw-r--r-- | nixos/modules/services/misc/gitlab.nix | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix index 4810e993ba29..a416efc3ddec 100644 --- a/nixos/modules/services/misc/gitlab.nix +++ b/nixos/modules/services/misc/gitlab.nix @@ -497,12 +497,12 @@ in { systemd.tmpfiles.rules = [ "d /run/gitlab 0755 ${cfg.user} ${cfg.group} -" "d ${gitlabEnv.HOME} 0750 ${cfg.user} ${cfg.group} -" + "z ${gitlabEnv.HOME}/.ssh/authorized_keys 0600 ${cfg.user} ${cfg.group} -" "d ${cfg.backupPath} 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath} 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/builds 0750 ${cfg.user} ${cfg.group} -" - "D ${cfg.statePath}/config 0750 ${cfg.user} ${cfg.group} -" - "D ${cfg.statePath}/config/initializers 0750 ${cfg.user} ${cfg.group} -" - "D ${cfg.statePath}/db 0750 ${cfg.user} ${cfg.group} -" + "d ${cfg.statePath}/config 0750 ${cfg.user} ${cfg.group} -" + "d ${cfg.statePath}/db 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/log 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/repositories 2770 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/shell 0750 ${cfg.user} ${cfg.group} -" @@ -625,9 +625,9 @@ in { ]; preStart = '' ${pkgs.sudo}/bin/sudo -u ${cfg.user} cp -f ${cfg.packages.gitlab}/share/gitlab/VERSION ${cfg.statePath}/VERSION - ${pkgs.sudo}/bin/sudo -u ${cfg.user} cp -rf ${cfg.packages.gitlab}/share/gitlab/config.dist/* ${cfg.statePath}/config - ${pkgs.sudo}/bin/sudo -u ${cfg.user} cp -rf ${cfg.packages.gitlab}/share/gitlab/db/* ${cfg.statePath}/db - ${pkgs.sudo}/bin/sudo -u ${cfg.user} chmod u+w ${cfg.statePath}/db/* + ${pkgs.sudo}/bin/sudo -u ${cfg.user} rm -rf ${cfg.statePath}/db/* + ${pkgs.sudo}/bin/sudo -u ${cfg.user} cp -rf --no-preserve=mode ${cfg.packages.gitlab}/share/gitlab/config.dist/* ${cfg.statePath}/config + ${pkgs.sudo}/bin/sudo -u ${cfg.user} cp -rf --no-preserve=mode ${cfg.packages.gitlab}/share/gitlab/db/* ${cfg.statePath}/db ${pkgs.openssl}/bin/openssl rand -hex 32 > ${cfg.statePath}/gitlab_shell_secret |