diff options
author | Franck Cuny <franck@fcuny.net> | 2022-05-26 09:08:23 -0700 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2022-05-26 09:08:23 -0700 |
commit | 78539c2f9b3e1203cada307caca99d1ce920bb90 (patch) | |
tree | 80264f40d9e67f26770604654e22291341a7afeb /modules/services/gerrit | |
parent | fix(gerrit): use localhost for the proxy (diff) | |
download | world-78539c2f9b3e1203cada307caca99d1ce920bb90.tar.gz |
fix(gerrit): force gerrit to run as the git user
The default configuration wants to run gerrit with a DynamicUser. However, this prevent the server to generate the ssh keys needed by gerrit. Instead, we can force the server to run with the 'git' user, which already exists.
Diffstat (limited to 'modules/services/gerrit')
-rw-r--r-- | modules/services/gerrit/default.nix | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/modules/services/gerrit/default.nix b/modules/services/gerrit/default.nix index 6eaece4..df285d3 100644 --- a/modules/services/gerrit/default.nix +++ b/modules/services/gerrit/default.nix @@ -42,6 +42,17 @@ in { }; }; + systemd.services.gerrit = { + serviceConfig = { + # Using DynamicUser fails to generate correctly the ssh keys + # needed for the ssh server that is managed by gerrit. + # Instead, let's re-use the git user. + DynamicUser = lib.mkForce false; + User = "git"; + Group = "git"; + }; + }; + services.nginx.virtualHosts."${cfg.vhostName}" = { forceSSL = true; enableACME = true; |