i'd like to use #nixops to install gitolite and gitweb. both gitolite's and lighttpd's users share a group. repos live inside /foo/bar/repositories which is owned by gitolite. however, lighttpd can't access the directory, since /foo/bar's permissions are 0700 by default.

currently i use system.activationScripts to more or less manually set g+rx on /foo/bar, but that seems wrong.

would it be better to, for example, modify the script creating the directory?

@bake Hey, that's an interesting question and it seems like the permissions of the repositories dir are handled by gitolite itself, not by #NixOS.

The config variable in question might be UMASK, which can be set in NixOS with services.gitolite.extraGitoliteRc.

@erictapen hey, thank you for the links! umask, however, will only be applied to /foo/bar/repositories and its subdirectories - not /foo/bar itself. permissions on /foo/bar get set when creating gitolite's dataDir.

systemd.tmpfiles.rules looks pretty good (way more fitting than system.activationScripts) but is probably not needed if the chmod could happen directly in the init service.

i've created a very small pr, what do you think?
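
The two settings discussed in this thread, combined into one NixOS configuration as an added example that is not part of the original posts or of the PR mentioned above. It assumes the gitolite user and group are both named `gitolite`, the web server user is `lighttpd`, and `/foo/bar` is the placeholder path from the thread; the admin key is a placeholder too.

```nix
{ ... }:
let
  # Placeholder path taken from the thread.
  dataDir = "/foo/bar";
  # Assumed account names (the module defaults); adjust if yours differ.
  gitUser = "gitolite";
  gitGroup = "gitolite";
in
{
  services.gitolite = {
    enable = true;
    inherit dataDir;
    # Placeholder key, replace with the real admin public key.
    adminPubkey = "ssh-ed25519 AAAA...placeholder admin@example";
    # Repositories created by gitolite become group-readable and stay
    # closed to everyone else (dirs 0750, files 0640).
    extraGitoliteRc = ''
      $RC{UMASK} = 0027;
    '';
  };

  # gitweb served by lighttpd, reading the gitolite repositories.
  services.lighttpd.enable = true;
  services.lighttpd.gitweb.enable = true;
  services.gitweb.projectroot = "${dataDir}/repositories";

  # The web server user gets access through group membership only.
  users.users.lighttpd.extraGroups = [ gitGroup ];

  # UMASK does not cover dataDir itself, which is created 0700.
  # "z" adjusts mode and ownership of an existing path without touching
  # its contents: owner rwx, group r-x, others nothing.
  systemd.tmpfiles.rules = [
    "z ${dataDir} 0750 ${gitUser} ${gitGroup} - -"
  ];
}
```

Mode 0750 with a 0027 umask keeps the repositories unreadable to other local users while giving the web server read and traverse rights only; note that everything under `/foo/bar` with group permissions, not just `repositories`, becomes reachable by any member of the shared group.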

