From c123a37be6b224a48466f6e4329927f366a72efd Mon Sep 17 00:00:00 2001 From: Christoph Heiss Date: Wed, 19 Apr 2023 23:43:58 +0200 Subject: sourcehut.gitsrht: 0.78.20 -> 0.84.2 Newer version of the gitsrht-api service call setrlimit() on startup, thus allow it in the `SystemCallFilter` definition for the service. Signed-off-by: Christoph Heiss --- pkgs/applications/version-management/sourcehut/git.nix | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'pkgs/applications/version-management/sourcehut/git.nix') diff --git a/pkgs/applications/version-management/sourcehut/git.nix b/pkgs/applications/version-management/sourcehut/git.nix index eae70b3724677..cf9089e1aa3f4 100644 --- a/pkgs/applications/version-management/sourcehut/git.nix +++ b/pkgs/applications/version-management/sourcehut/git.nix @@ -4,32 +4,33 @@ , buildPythonPackage , python , srht -, pygit2 , scmsrht +, pygit2 +, minio , unzip }: let - version = "0.78.20"; + version = "0.84.2"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "git.sr.ht"; rev = version; - sha256 = "sha256-rZsTtHobsgRVmMOjPa1fiKrPsNyFu/gOsmO0cTl5MqQ="; + sha256 = "sha256-sAkTsQlWtNDQ5vAhA2EeOvuJcj9A6AG8pgDyIKtr65s="; }; gitApi = buildGoModule ({ inherit src version; pname = "gitsrht-api"; modRoot = "api"; - vendorHash = "sha256-cCs9FUBusaAou9w4TDOg8GKxhRcsPbSNcQpxvFH/+so="; - } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); + vendorHash = "sha256-LAYp0zgosZnFEbtxzjuTH9++0lbxhACr705HqXJz3D0="; + } // import ./fix-gqlgen-trimpath.nix { inherit unzip; gqlgenVersion = "0.17.20"; }); gitDispatch = buildGoModule { inherit src version; pname = "gitsrht-dispatch"; modRoot = "gitsrht-dispatch"; - vendorHash = "sha256-qWXPHo86s6iuRBhRMtmD5jxnAWKdrWHtA/iSUkdw89M="; + vendorHash = "sha256-EDvSZ3/g0xDSohrsAIpNhk+F0yy8tbnTW/3tURTonMc="; }; gitKeys = buildGoModule { @@ -65,8 +66,9 @@ buildPythonPackage rec { propagatedBuildInputs = [ srht - pygit2 scmsrht + pygit2 + minio ]; preBuild = '' -- cgit 1.4.1 From 900664876c724d0ec8f14486c96462cb4953d5f2 Mon Sep 17 00:00:00 2001 From: Christoph Heiss Date: Wed, 29 Mar 2023 21:39:26 +0200 Subject: sourcehut: default gqlgenVersion 0.17.2 -> 0.17.20 Most packages now uses this version, so avoid having it specify it every time. Signed-off-by: Christoph Heiss --- pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix | 2 +- pkgs/applications/version-management/sourcehut/git.nix | 2 +- pkgs/applications/version-management/sourcehut/hg.nix | 2 +- pkgs/applications/version-management/sourcehut/hub.nix | 2 +- pkgs/applications/version-management/sourcehut/lists.nix | 2 +- pkgs/applications/version-management/sourcehut/man.nix | 2 +- pkgs/applications/version-management/sourcehut/meta.nix | 2 +- pkgs/applications/version-management/sourcehut/pages.nix | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) (limited to 'pkgs/applications/version-management/sourcehut/git.nix') diff --git a/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix index 4327e395d5333..8737e4266f452 100644 --- a/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix +++ b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix @@ -1,5 +1,5 @@ { unzip -, gqlgenVersion ? "0.17.2" +, gqlgenVersion ? "0.17.20" }: { overrideModAttrs = (_: { diff --git a/pkgs/applications/version-management/sourcehut/git.nix b/pkgs/applications/version-management/sourcehut/git.nix index cf9089e1aa3f4..af93057e670c5 100644 --- a/pkgs/applications/version-management/sourcehut/git.nix +++ b/pkgs/applications/version-management/sourcehut/git.nix @@ -24,7 +24,7 @@ let pname = "gitsrht-api"; modRoot = "api"; vendorHash = "sha256-LAYp0zgosZnFEbtxzjuTH9++0lbxhACr705HqXJz3D0="; - } // import ./fix-gqlgen-trimpath.nix { inherit unzip; gqlgenVersion = "0.17.20"; }); + } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); gitDispatch = buildGoModule { inherit src version; diff --git a/pkgs/applications/version-management/sourcehut/hg.nix b/pkgs/applications/version-management/sourcehut/hg.nix index 3ada1ac0c3cf2..2ac9861135d0d 100644 --- a/pkgs/applications/version-management/sourcehut/hg.nix +++ b/pkgs/applications/version-management/sourcehut/hg.nix @@ -32,7 +32,7 @@ buildPythonPackage rec { pname = "hgsrht-api"; modRoot = "api"; vendorHash = "sha256-vuOYpnF3WjA6kOe9MVSuVMhJBQqCmIex+QUBJrP+VDs="; - } // import ./fix-gqlgen-trimpath.nix { inherit unzip; gqlgenVersion = "0.17.20"; }); + } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); hgsrht-keys = buildGoModule { inherit src version; diff --git a/pkgs/applications/version-management/sourcehut/hub.nix b/pkgs/applications/version-management/sourcehut/hub.nix index 50fab20a34897..6f1b17b01c3e7 100644 --- a/pkgs/applications/version-management/sourcehut/hub.nix +++ b/pkgs/applications/version-management/sourcehut/hub.nix @@ -28,7 +28,7 @@ buildPythonPackage rec { pname = "hubsrht-api"; modRoot = "api"; vendorHash = "sha256-K5EmZ4U+xItTR85+SCwhwg5KUGLkKHo9Nr2pkvmJpfo="; - } // import ./fix-gqlgen-trimpath.nix { inherit unzip; gqlgenVersion = "0.17.20"; }); + } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); propagatedBuildInputs = [ srht diff --git a/pkgs/applications/version-management/sourcehut/lists.nix b/pkgs/applications/version-management/sourcehut/lists.nix index 0f4530d24e88e..24b56b9dd3c15 100644 --- a/pkgs/applications/version-management/sourcehut/lists.nix +++ b/pkgs/applications/version-management/sourcehut/lists.nix @@ -27,7 +27,7 @@ buildPythonPackage rec { pname = "listssrht-api"; modRoot = "api"; vendorHash = "sha256-E5Zzft9ANJT/nhhCuenZpdo3t9QYLmA+AyDyrbGectE="; - } // import ./fix-gqlgen-trimpath.nix { inherit unzip; gqlgenVersion = "0.17.20"; }); + } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); postPatch = '' substituteInPlace Makefile \ diff --git a/pkgs/applications/version-management/sourcehut/man.nix b/pkgs/applications/version-management/sourcehut/man.nix index e88f7338ee3cd..b01d739a06009 100644 --- a/pkgs/applications/version-management/sourcehut/man.nix +++ b/pkgs/applications/version-management/sourcehut/man.nix @@ -28,7 +28,7 @@ buildPythonPackage rec { pname = "mansrht-api"; modRoot = "api"; vendorHash = "sha256-K5EmZ4U+xItTR85+SCwhwg5KUGLkKHo9Nr2pkvmJpfo="; - } // import ./fix-gqlgen-trimpath.nix { inherit unzip; gqlgenVersion = "0.17.20"; }); + } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); propagatedBuildInputs = [ srht diff --git a/pkgs/applications/version-management/sourcehut/meta.nix b/pkgs/applications/version-management/sourcehut/meta.nix index b1acd0c5a47c3..28cab5852193c 100644 --- a/pkgs/applications/version-management/sourcehut/meta.nix +++ b/pkgs/applications/version-management/sourcehut/meta.nix @@ -29,7 +29,7 @@ let pname = "metasrht-api"; modRoot = "api"; vendorHash = "sha256-D3stDSb99uXze49kKZgGrAq5Zmg6hkIzIpsQKlnKVtE="; - } // import ./fix-gqlgen-trimpath.nix { inherit unzip; gqlgenVersion = "0.17.20"; }); + } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); in buildPythonPackage rec { diff --git a/pkgs/applications/version-management/sourcehut/pages.nix b/pkgs/applications/version-management/sourcehut/pages.nix index 6e7432ae427fb..ca608438687ba 100644 --- a/pkgs/applications/version-management/sourcehut/pages.nix +++ b/pkgs/applications/version-management/sourcehut/pages.nix @@ -35,4 +35,4 @@ buildGoModule (rec { }; # There is no ./loaders but this does not cause troubles # to go generate -} // import ./fix-gqlgen-trimpath.nix { inherit unzip; gqlgenVersion= "0.17.20"; }) +} // import ./fix-gqlgen-trimpath.nix { inherit unzip; }) -- cgit 1.4.1 From 6648488333f66dd8fee678f27fb33016b046090f Mon Sep 17 00:00:00 2001 From: Christoph Heiss Date: Fri, 21 Apr 2023 01:13:42 +0200 Subject: sourcehut: fix logging of git/hg ssh commands Signed-off-by: Christoph Heiss --- nixos/modules/services/misc/sourcehut/default.nix | 17 +++++++++++++---- .../version-management/sourcehut/git.nix | 20 ++++++++++++++++++++ .../applications/version-management/sourcehut/hg.nix | 8 ++++++++ 3 files changed, 41 insertions(+), 4 deletions(-) (limited to 'pkgs/applications/version-management/sourcehut/git.nix') diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index 9774917407e41..6e1347a52d6f7 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -801,11 +801,20 @@ in ''; }; systemd.services.sshd = { - #path = optional cfg.git.enable [ cfg.git.package ]; + preStart = concatStringsSep "\n" ( + optionals cfg.git.enable (map (n: '' + touch /var/log/sourcehut/gitsrht-${n} # create if it does not exist yet + chown --silent ${cfg.git.user}:${cfg.git.group} /var/log/sourcehut/gitsrht-${n} || true + '') [ + "keys" + "shell" + "update-hook" + ]) ++ + optional cfg.hg.enable [ + "chown ${cfg.hg.user}:${cfg.hg.group} /var/log/sourcehut/hgsrht-keys" + ]); serviceConfig = { - BindPaths = optionals cfg.git.enable [ - "/var/log:/var/log" - ]; + LogsDirectory = mkIf (cfg.git.enable || cfg.hg.enable) "sourcehut"; BindReadOnlyPaths = # Note that those /usr/bin/* paths are hardcoded in multiple places in *.sr.ht, # for instance to get the user from the [git.sr.ht::dispatch] settings. diff --git a/pkgs/applications/version-management/sourcehut/git.nix b/pkgs/applications/version-management/sourcehut/git.nix index af93057e670c5..3a5163f9d1712 100644 --- a/pkgs/applications/version-management/sourcehut/git.nix +++ b/pkgs/applications/version-management/sourcehut/git.nix @@ -31,6 +31,11 @@ let pname = "gitsrht-dispatch"; modRoot = "gitsrht-dispatch"; vendorHash = "sha256-EDvSZ3/g0xDSohrsAIpNhk+F0yy8tbnTW/3tURTonMc="; + + postPatch = '' + substituteInPlace gitsrht-dispatch/main.go \ + --replace /var/log/gitsrht-dispatch /var/log/sourcehut/gitsrht-dispatch + ''; }; gitKeys = buildGoModule { @@ -38,6 +43,11 @@ let pname = "gitsrht-keys"; modRoot = "gitsrht-keys"; vendorHash = "sha256-9pojS69HCKVHUceyOpGtv9ewcxFD4WsOVsEzkmWJkF4="; + + postPatch = '' + substituteInPlace gitsrht-keys/main.go \ + --replace /var/log/gitsrht-keys /var/log/sourcehut/gitsrht-keys + ''; }; gitShell = buildGoModule { @@ -45,6 +55,11 @@ let pname = "gitsrht-shell"; modRoot = "gitsrht-shell"; vendorHash = "sha256-WqfvSPuVsOHA//86u33atMfeA11+DJhjLmWy8Ivq0NI="; + + postPatch = '' + substituteInPlace gitsrht-shell/main.go \ + --replace /var/log/gitsrht-shell /var/log/sourcehut/gitsrht-shell + ''; }; gitUpdateHook = buildGoModule { @@ -52,6 +67,11 @@ let pname = "gitsrht-update-hook"; modRoot = "gitsrht-update-hook"; vendorHash = "sha256-Bc3yPabS2S+qiroHFKrtkII/CfzBDYQ6xWxKHAME+Tc="; + + postPatch = '' + substituteInPlace gitsrht-update-hook/main.go \ + --replace /var/log/gitsrht-update-hook /var/log/sourcehut/gitsrht-update-hook + ''; }; in diff --git a/pkgs/applications/version-management/sourcehut/hg.nix b/pkgs/applications/version-management/sourcehut/hg.nix index 2ac9861135d0d..f448109a6d7df 100644 --- a/pkgs/applications/version-management/sourcehut/hg.nix +++ b/pkgs/applications/version-management/sourcehut/hg.nix @@ -25,6 +25,9 @@ buildPythonPackage rec { postPatch = '' substituteInPlace Makefile \ --replace "all: api hgsrht-keys" "" + + substituteInPlace hgsrht-shell \ + --replace /var/log/hgsrht-shell /var/log/sourcehut/hgsrht-shell ''; hgsrht-api = buildGoModule ({ @@ -39,6 +42,11 @@ buildPythonPackage rec { pname = "hgsrht-keys"; modRoot = "hgsrht-keys"; vendorHash = "sha256-7ti8xCjSrxsslF7/1X/GY4FDl+69hPL4UwCDfjxmJLU="; + + postPatch = '' + substituteInPlace hgsrht-keys/main.go \ + --replace /var/log/hgsrht-keys /var/log/sourcehut/hgsrht-keys + ''; }; propagatedBuildInputs = [ -- cgit 1.4.1