diff options
author | tv <tv@krebsco.de> | 2024-06-05 20:43:48 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2024-06-05 20:43:48 +0200 |
commit | 6b3e4de3b01fcf18b3ef7daa5c0d686cdf88489e (patch) | |
tree | 8b015d891a95544a4f3eda3040f5b5981ffd7389 | |
parent | 401f0e115928df34da18d99e3560ecb83254f1b5 (diff) |
cgit: consider all repos safe
-rw-r--r-- | krebs/3modules/git.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 347a2c32b..961b217e1 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -468,6 +468,16 @@ let include ${pkgs.nginx}/conf/fastcgi_params; fastcgi_param GIT_HTTP_EXPORT_ALL ""; fastcgi_param GIT_PROJECT_ROOT ${cfg.dataDir}; + fastcgi_param HOME ${pkgs.write "git-http-backend.home" { + "/.gitconfig".text = /* ini */ '' + [safe] + directory = . + ${concatMapStrings + (repo: "directory = ${cfg.dataDir}/${repo.name}\n") + (attrValues cfg.repos) + } + ''; + }}; fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_param SCRIPT_FILENAME ${pkgs.git}/bin/git-http-backend; fastcgi_pass unix:${config.services.fcgiwrap.socketAddress}; |