diff mbox series

[bug#71143] services: gitile: Opt out of Git safe dir check.

Message ID 604e51b2f51141b2b8d1d3d71bf9412ab7760563.1716459581.git.mcsinyx@disroot.org
State New
Headers show
Series [bug#71143] services: gitile: Opt out of Git safe dir check. | expand

Commit Message

ashish.is--- via Guix-patches" via May 23, 2024, 10:19 a.m. UTC 
* gnu/services/version-control.scm (gitile-configuration):
  Add home-directory field for Git configuration file.  It also stores
  Gitile's database, so remove the (now redundant) database field.
* gnu/services/version-control.scm (%gitile-accounts): Move to gitile-accounts.
* gnu/services/version-control.scm (gitile-accounts): Add configurable
  home directory.
* doc/gnu.texi (Gitile Service): Document it.
* gnu/services/version-control.scm (gitile-activation): New function
  creating Git config file for user gitile setting safe.directory
  to * (all directories), so libgit parses directories not owned
  by gitile user in gitile-configuration-repositories.

Change-Id: I9d26a74bf021168ce82ac96810c171b2101fd950
---
 doc/guix.texi                    |  4 +--
 gnu/services/version-control.scm | 46 +++++++++++++++++++-------------
 2 files changed, 29 insertions(+), 21 deletions(-)


base-commit: aeba4849b42b4d3ac75341ac4b61843c1fe48181

Comments

ashish.is--- via Guix-patches" via May 26, 2024, 12:11 p.m. UTC | #1 
On 2024-05-24 at 07:28+02:00, Julien Lepiller wrote:
> On 2024-05-23 at 19:28+09:00, Nguyễn Gia Phong wrote:
> > * gnu/services/version-control.scm (gitile-activation): New function
> >   creating Git config file for user gitile setting safe.directory
> >   to * (all directories), so libgit parses directories not owned
> >   by gitile user in gitile-configuration-repositories.
>
> I think it would be better if we had safe-directory = repositories,
> instead of *. Otherwise, looks good.

Thanks, although * seems to be magic string rather than a glob pattern:
https://git-scm.com/docs/git-config#Documentation/git-config.txt-safedirectory

Setting safe-directory to repositories or repositories/*
doesn't make it work for me.

P.S. Huh for some reason GNU Debbugs keep bouncing mails from loang.net.
diff mbox series

Patch

diff --git a/doc/guix.texi b/doc/guix.texi
index 8073e3f6d496..ba12f249a98b 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -38981,8 +38981,8 @@  Version Control Services
 @item @code{port} (default: @code{8080})
 The port on which gitile is listening.
 
-@item @code{database} (default: @code{"/var/lib/gitile/gitile-db.sql"})
-The location of the database.
+@item @code{home-directory} (default: @code{"/var/lib/gitile"})
+Directory in which to store the Gitile database.
 
 @item @code{repositories} (default: @code{"/var/lib/gitolite/repositories"})
 The location of the repositories.  Note that only public repositories will
diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
index 14ff0a59a6b0..00ca7b600efc 100644
--- a/gnu/services/version-control.scm
+++ b/gnu/services/version-control.scm
@@ -430,8 +430,8 @@  (define-record-type* <gitile-configuration>
         (default "127.0.0.1"))
   (port gitile-configuration-port
         (default 8080))
-  (database gitile-configuration-database
-            (default "/var/lib/gitile/gitile-db.sql"))
+  (home-directory gitile-configuration-home-directory
+                  (default "/var/lib/gitile"))
   (repositories gitile-configuration-repositories
                 (default "/var/lib/gitolite/repositories"))
   (base-git-url gitile-configuration-base-git-url)
@@ -443,13 +443,13 @@  (define-record-type* <gitile-configuration>
           (default '()))
   (nginx gitile-configuration-nginx))
 
-(define (gitile-config-file host port database repositories base-git-url
+(define (gitile-config-file host port home-directory repositories base-git-url
                             index-title intro footer)
   (define build
     #~(write `(config
                 (port #$port)
                 (host #$host)
-                (database #$database)
+                (database #$(string-append home-directory "/gitile-db.sql"))
                 (repositories #$repositories)
                 (base-git-url #$base-git-url)
                 (index-title #$index-title)
@@ -459,9 +459,14 @@  (define (gitile-config-file host port database repositories base-git-url
 
   (computed-file "gitile.conf" build))
 
+(define (gitile-activation config)
+  (match-record config <gitile-configuration> (home-directory)
+    #~(with-output-to-file #$(string-append home-directory "/.gitconfig")
+        (lambda () (display "[safe]\n  directory = *\n")))))
+
 (define gitile-nginx-server-block
   (match-lambda
-    (($ <gitile-configuration> package host port database repositories
+    (($ <gitile-configuration> package host port home-directory repositories
         base-git-url index-title intro footer nginx)
      (list (nginx-server-configuration
              (inherit nginx)
@@ -487,7 +492,7 @@  (define gitile-nginx-server-block
 
 (define gitile-shepherd-service
   (match-lambda
-    (($ <gitile-configuration> package host port database repositories
+    (($ <gitile-configuration> package host port home-directory repositories
         base-git-url index-title intro footer nginx)
      (list (shepherd-service
              (provision '(gitile))
@@ -496,7 +501,7 @@  (define gitile-shepherd-service
              (start (let ((gitile (file-append package "/bin/gitile")))
                           #~(make-forkexec-constructor
                               `(,#$gitile "-c" #$(gitile-config-file
-                                                   host port database
+                                                   host port home-directory
                                                    repositories
                                                    base-git-url index-title
                                                    intro footer))
@@ -504,17 +509,18 @@  (define gitile-shepherd-service
                               #:group "git")))
              (stop #~(make-kill-destructor)))))))
 
-(define %gitile-accounts
-  (list (user-group
-         (name "git")
-         (system? #t))
-        (user-account
-          (name "gitile")
-          (group "git")
-          (system? #t)
-          (comment "Gitile user")
-          (home-directory "/var/empty")
-          (shell (file-append shadow "/sbin/nologin")))))
+(define (gitile-accounts config)
+  (match-record config <gitile-configuration> (home-directory)
+    (list (user-group
+            (name "git")
+            (system? #t))
+          (user-account
+            (name "gitile")
+            (group "git")
+            (system? #t)
+            (comment "Gitile user")
+            (home-directory home-directory)
+            (shell (file-append shadow "/sbin/nologin"))))))
 
 (define gitile-service-type
   (service-type
@@ -523,7 +529,9 @@  (define gitile-service-type
 on the web.")
     (extensions
       (list (service-extension account-service-type
-                               (const %gitile-accounts))
+                               gitile-accounts)
+            (service-extension activation-service-type
+                               gitile-activation)
             (service-extension shepherd-root-service-type
                                gitile-shepherd-service)
             (service-extension nginx-service-type