From 92662a9920cf8b70ad8a061591dc37146123bde3 Mon Sep 17 00:00:00 2001 From: Colin Date: Tue, 21 Nov 2023 02:31:40 +0000 Subject: [PATCH] nixos/gitea: don't configure the database if `createDatabase == false` fixes fallout from . a common idiom is to run the git server as user `git`, instead of `gitea`, with configuration like this: ```nix services.gitea.user = "git"; services.gitea.database.user = "git"; ``` after #266270, this requires setting `services.gitea.database.createDatabase = false` (as recommended by the assertion). however, the module then plumbs defaults which no longer make sense into the gitea config causing a failed connection at runtime: ``` gitea-pre-start: cmd/migrate.go:40:runMigrate() [F] Failed to initialize ORM engine: pq: password authentication failed for user "git" ``` instead, don't default any of the connection settings when `createDatabase == false`: error at eval time (instead of runtime) if the user hasn't explicitly configured the remaining connection settings. --- nixos/modules/services/misc/gitea.nix | 65 ++++++++++++++++++--------- 1 file changed, 45 insertions(+), 20 deletions(-) diff --git a/nixos/modules/services/misc/gitea.nix b/nixos/modules/services/misc/gitea.nix index d43250c882683..9006f4ccbb58b 100644 --- a/nixos/modules/services/misc/gitea.nix +++ b/nixos/modules/services/misc/gitea.nix @@ -94,30 +94,37 @@ in host = mkOption { type = types.str; - default = "127.0.0.1"; + defaultText = literalExpression '' + lib.mkIf config.services.gitea.database.createDatabase "127.0.0.1" + ''; description = "Database host address."; }; port = mkOption { type = types.port; - default = if usePostgresql then pg.settings.port else 3306; defaultText = literalExpression '' - if config.${opt.database.type} != "postgresql" - then 3306 - else 5432 + lib.mkIf config.services.gitea.database.createDatabase ( + if config.${opt.database.type} != "postgresql" + then 3306 + else 5432 + ) ''; description = "Database host port."; }; name = mkOption { type = types.str; - default = "gitea"; + defaultText = literalExpression '' + lib.mkIf config.services.gitea.database.createDatabase "gitea" + ''; description = "Database name."; }; user = mkOption { type = types.str; - default = "gitea"; + defaultText = literalExpression '' + lib.mkIf config.services.gitea.database.createDatabase "gitea" + ''; description = "Database user."; }; @@ -143,23 +150,29 @@ in socket = mkOption { type = types.nullOr types.path; - default = if (cfg.database.createDatabase && usePostgresql) then "/run/postgresql" else if (cfg.database.createDatabase && useMysql) then "/run/mysqld/mysqld.sock" else null; - defaultText = literalExpression "null"; + default = null; example = "/run/mysqld/mysqld.sock"; description = "Path to the unix socket file to use for authentication."; }; path = mkOption { type = types.str; - default = "${cfg.stateDir}/data/gitea.db"; - defaultText = literalExpression ''"''${config.${opt.stateDir}}/data/gitea.db"''; + defaultText = literalExpression '' + lib.mkIf config.services.gitea.database.createDatabase ( + "''${config.${opt.stateDir}}/data/gitea.db" + ) + ''; description = "Path to the sqlite3 database file."; }; createDatabase = mkOption { type = types.bool; default = true; - description = "Whether to create a local database automatically."; + description = '' + Whether to create a local database automatically. + If set `false`, then the other database settings required by the + configured database type *must* be specified explicitly. + ''; }; }; @@ -400,12 +413,31 @@ in message = '' When creating a database via NixOS, the db user and db name must be equal! If you already have an existing DB+user and this assertion is new, you can safely set - `services.gitea.createDatabase` to `false` because removal of `ensureUsers` + `services.gitea.database.createDatabase` to `false` because removal of `ensureUsers` and `ensureDatabases` doesn't have any effect. ''; } ]; + services.gitea.database = lib.mkMerge [ + (lib.mkIf cfg.database.createDatabase { + host = lib.mkDefault "127.0.0.1"; + port = lib.mkDefault (if usePostgresql then pg.settings.port else 3306); + name = lib.mkDefault "gitea"; + user = lib.mkDefault "gitea"; + socket = lib.mkDefault (if usePostgresql then "/run/postgresql" else if useMysql then "/run/mysqld/mysqld.sock" else null); + path = lib.mkDefault "${cfg.stateDir}/data/gitea.db"; + }) + { + # Create database passwordFile default when password is configured. + passwordFile = + mkDefault (toString (pkgs.writeTextFile { + name = "gitea-database-password"; + text = cfg.database.password; + })); + } + ]; + services.gitea.settings = { "cron.update_checker".ENABLED = lib.mkDefault false; @@ -688,13 +720,6 @@ in See https://nixos.org/manual/nixos/unstable/#module-forgejo for migration instructions. ''; - # Create database passwordFile default when password is configured. - services.gitea.database.passwordFile = - mkDefault (toString (pkgs.writeTextFile { - name = "gitea-database-password"; - text = cfg.database.password; - })); - systemd.services.gitea-dump = mkIf cfg.dump.enable { description = "gitea dump"; after = [ "gitea.service" ];