diff options
| -rw-r--r-- | hosts/ahmed/git.linus.onl/default.nix | 14 | ||||
| -rw-r--r-- | hosts/ahmed/git.linus.onl/no-ownership-check-for-root.patch | 14 |
2 files changed, 28 insertions, 0 deletions
diff --git a/hosts/ahmed/git.linus.onl/default.nix b/hosts/ahmed/git.linus.onl/default.nix index 1436eda..bf9fe0b 100644 --- a/hosts/ahmed/git.linus.onl/default.nix +++ b/hosts/ahmed/git.linus.onl/default.nix @@ -2,6 +2,7 @@ config, pkgs, metadata, + lib, ... }: let git-shell = "${pkgs.gitMinimal}/bin/git-shell"; @@ -54,6 +55,7 @@ in { # Public git viewer. services.cgit."git.linus.onl" = { enable = true; + scanPath = location; settings = let package = config.services.cgit."git.linus.onl".package; @@ -84,5 +86,17 @@ in { enableACME = useACME; forceSSL = useACME; }; + + # Monkey-patch the version of Git used by CGit to handle requests. + services.nginx.virtualHosts."git.linus.onl" = { + locations."~ /.+/(info/refs|git-upload-pack)".fastcgiParams = { + SCRIPT_FILENAME = lib.mkForce "${pkgs.git.overrideAttrs (old: { + patches = (old.patches or []) ++ [ + ./no-ownership-check-for-root.patch + ]; + })}/libexec/git-core/git-http-backend"; + GIT_NO_CHECK_OWNERSHIP = "1"; + }; + }; }; } diff --git a/hosts/ahmed/git.linus.onl/no-ownership-check-for-root.patch b/hosts/ahmed/git.linus.onl/no-ownership-check-for-root.patch new file mode 100644 index 0000000..7749d2d --- /dev/null +++ b/hosts/ahmed/git.linus.onl/no-ownership-check-for-root.patch @@ -0,0 +1,14 @@ +diff --git a/setup.c b/setup.c +index 18927a8..ac6823f 100644 +--- a/setup.c ++++ b/setup.c +@@ -1159,6 +1159,9 @@ static int ensure_valid_ownership(const char *gitfile, + const char *worktree, const char *gitdir, + struct strbuf *report) + { ++ if (git_env_bool("GIT_NO_CHECK_OWNERSHIP", 0)) ++ return 1; ++ + struct safe_directory_data data = { + .path = worktree ? worktree : gitdir + }; |