Forgejo: Difference between revisions

Line 106:

Using the following snippet, you can ensure users:

sops.secrets.forgejo-admin-password.owner = "forgejo";

systemd.services.forgejo.preStart = ''

~~create~~="${lib.getExe config.services.forgejo.package} admin user ~~create~~"

admin="${lib.getExe config.services.forgejo.package} admin user"

$create --admin --email "~~you~~@~~example~~.~~com~~" --username ~~you~~ --password "~~`cat~~ ${config.sops.secrets.~~forgejo~~.path}`" ~~&>/dev/null~~ || true

$admin create --admin --email "root@localhost" --username admin --password "$(tr -d '\n' < $

{config.sops.secrets.forgejo-admin-password.path})" || true

## uncomment this line to change an admin user which was already created

# $admin change-password --username admin --password "$(tr -d '\n' < ${config.sops.secrets.f

orgejo-admin-password.path})" || true

'';

</syntaxhighlight>

You may remove the <code>--admin</code> flag to create only a regular user. The <code>~~&>/dev/null~~ || true</code> is necessary, so ~~1. The code snippet doesn't write to~~ the ~~log, 2. The~~ snippet does not fail if the user already exists.

You may remove the <code>--admin</code> flag to create only a regular user. The <code>|| true</code> is necessary, so the snippet does not fail if the user already exists.

Naturally, instead of sops, you may use any file or secret manager, as explained above.

@@ Line 106: / Line 106: @@
 Using the following snippet, you can ensure users:
 <syntaxhighlight lang="nixos">
+sops.secrets.forgejo-admin-password.owner = "forgejo";
 systemd.services.forgejo.preStart = ''
-create="${lib.getExe config.services.forgejo.package} admin user create"
+  admin="${lib.getExe config.services.forgejo.package} admin user"
-$create --admin --email "you@example.com" --username you --password "`cat ${config.sops.secrets.forgejo.path}`" &>/dev/null || true
+  $admin create --admin --email "root@localhost" --username admin --password "$(tr -d '\n' < $
+{config.sops.secrets.forgejo-admin-password.path})" || true
+  ## uncomment this line to change an admin user which was already created
+  # $admin change-password --username admin --password "$(tr -d '\n' < ${config.sops.secrets.f
+orgejo-admin-password.path})" || true
 '';
 </syntaxhighlight>
-You may remove the <code>--admin</code> flag to create only a regular user. The <code>&>/dev/null || true</code> is necessary, so 1. The code snippet doesn't write to the log, 2. The snippet does not fail if the user already exists.
+You may remove the <code>--admin</code> flag to create only a regular user. The <code>|| true</code> is necessary, so the snippet does not fail if the user already exists.
 Naturally, instead of sops, you may use any file or secret manager, as explained above.