From 78539c2f9b3e1203cada307caca99d1ce920bb90 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Thu, 26 May 2022 09:08:23 -0700 Subject: fix(gerrit): force gerrit to run as the git user The default configuration wants to run gerrit with a DynamicUser. However, this prevent the server to generate the ssh keys needed by gerrit. Instead, we can force the server to run with the 'git' user, which already exists. --- modules/services/gerrit/default.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/modules/services/gerrit/default.nix b/modules/services/gerrit/default.nix index 6eaece4..df285d3 100644 --- a/modules/services/gerrit/default.nix +++ b/modules/services/gerrit/default.nix @@ -42,6 +42,17 @@ in { }; }; + systemd.services.gerrit = { + serviceConfig = { + # Using DynamicUser fails to generate correctly the ssh keys + # needed for the ssh server that is managed by gerrit. + # Instead, let's re-use the git user. + DynamicUser = lib.mkForce false; + User = "git"; + Group = "git"; + }; + }; + services.nginx.virtualHosts."${cfg.vhostName}" = { forceSSL = true; enableACME = true; -- cgit 1.4.1