diff options
author | Franck Cuny <franck@fcuny.net> | 2022-05-26 09:08:23 -0700 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2022-05-26 09:08:23 -0700 |
commit | 78539c2f9b3e1203cada307caca99d1ce920bb90 (patch) | |
tree | 80264f40d9e67f26770604654e22291341a7afeb | |
parent | fix(gerrit): use localhost for the proxy (diff) | |
download | world-78539c2f9b3e1203cada307caca99d1ce920bb90.tar.gz |
fix(gerrit): force gerrit to run as the git user
The default configuration wants to run gerrit with a DynamicUser. However, this prevent the server to generate the ssh keys needed by gerrit. Instead, we can force the server to run with the 'git' user, which already exists.
-rw-r--r-- | modules/services/gerrit/default.nix | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/modules/services/gerrit/default.nix b/modules/services/gerrit/default.nix index 6eaece4..df285d3 100644 --- a/modules/services/gerrit/default.nix +++ b/modules/services/gerrit/default.nix @@ -42,6 +42,17 @@ in { }; }; + systemd.services.gerrit = { + serviceConfig = { + # Using DynamicUser fails to generate correctly the ssh keys + # needed for the ssh server that is managed by gerrit. + # Instead, let's re-use the git user. + DynamicUser = lib.mkForce false; + User = "git"; + Group = "git"; + }; + }; + services.nginx.virtualHosts."${cfg.vhostName}" = { forceSSL = true; enableACME = true; |