diff options
| -rw-r--r-- | nixos/modules/services/misc/gitea.nix | 17 | ||||
| -rw-r--r-- | nixos/tests/gitea.nix | 2 |
2 files changed, 18 insertions, 1 deletions
diff --git a/nixos/modules/services/misc/gitea.nix b/nixos/modules/services/misc/gitea.nix index 7a10bd872994..be4d38719785 100644 --- a/nixos/modules/services/misc/gitea.nix +++ b/nixos/modules/services/misc/gitea.nix @@ -46,6 +46,9 @@ let ROOT_PATH = ${cfg.log.rootPath} LEVEL = ${cfg.log.level} + [service] + DISABLE_REGISTRATION = ${boolToString cfg.disableRegistration} + ${cfg.extraConfig} ''; in @@ -248,6 +251,18 @@ in description = "Upper level of template and static files path."; }; + disableRegistration = mkEnableOption "the registration lock" // { + description = '' + By default any user can create an account on this <literal>gitea</literal> instance. + This can be disabled by using this option. + + <emphasis>Note:</emphasis> please keep in mind that this should be added after the initial + deploy unless <link linkend="opt-services.gitea.useWizard">services.gitea.useWizard</link> + is <literal>true</literal> as the first registered user will be the administrator if + no install wizard is used. + ''; + }; + extraConfig = mkOption { type = types.str; default = ""; @@ -263,7 +278,7 @@ in description = "gitea"; after = [ "network.target" ] ++ lib.optional usePostgresql "postgresql.service" ++ lib.optional useMysql "mysql.service"; wantedBy = [ "multi-user.target" ]; - path = [ gitea.bin ]; + path = [ gitea.bin pkgs.gitAndTools.git ]; preStart = let runConfig = "${cfg.stateDir}/custom/conf/app.ini"; diff --git a/nixos/tests/gitea.nix b/nixos/tests/gitea.nix index 354334991852..28e6479e9cbe 100644 --- a/nixos/tests/gitea.nix +++ b/nixos/tests/gitea.nix @@ -64,6 +64,7 @@ with pkgs.lib; machine = { config, pkgs, ... }: { services.gitea.enable = true; + services.gitea.disableRegistration = true; }; testScript = '' @@ -72,6 +73,7 @@ with pkgs.lib; $machine->waitForUnit('gitea.service'); $machine->waitForOpenPort('3000'); $machine->succeed("curl --fail http://localhost:3000/"); + $machine->succeed("curl --fail http://localhost:3000/user/sign_up | grep 'Registration is disabled. Please contact your site administrator.'"); ''; }; } |