I had to make several adjustments to make it work with nixos:
* Replace relative config file lookups with ENV variable.
* Modify gitlab-shell to not clear then environment when running
pre-receive.
* Modify gitlab-shell to write some environment variables into
the .authorized_keys file to make sure gitlab-shell reads the
correct config file.
* Log unicorn output to syslog.
I tried various ways of adding a syslog package but the bundler would
not pick them up. Please fix in a better way if possible.
* Gitlab-runner program wrapper.
This is useful to run e.g. backups etc. with the correct
environment set up.
This commit includes a patch to telepathy's derivation, written by
Lethalman. This patch makes public the Telepathy's dependency to
dbus_glib. This patch will become problematic with the next pkgconfig
upgrade but this upgrade should make the patch irrelevant. See these 2
links for more information:
- https://bugs.freedesktop.org/show_bug.cgi?id=15199
- https://bugzilla.redhat.com/show_bug.cgi?id=436773
Modified by Luca Bruno:
- Moved telepathy_idle to propagatedUserEnvPkgs
- Added myself to maintainers
- Enable parallel building
Now that https://github.com/OpenTSDB/opentsdb/issues/420 is resolved
we can use the official release tarball. This includes all third
party JARs, which vastly simplifies the build expression.
This small patch makes it possible to control java's truststore path through
the environment. This lets you add (system- or session-wide) CAs that should
be allowed by Java. Java users can still use -Djavax.net.ssl.truststore to
override the truststore set by JAVAX_NET_SSL_TRUSTSTORE.
Something like this can be used to build the truststore (in this example just
using the standard pkgs.cacert CA-bundle):
{
environment.variables.JAVAX_NET_SSL_TRUSTSTORE = "${
pkgs.runCommand "cacerts" {} ''
${pkgs.perl}/bin/perl \
${pkgs.path}/pkgs/development/compilers/openjdk/generate-cacerts.pl \
${pkgs.jre}/bin/keytool \
${pkgs.cacert}/etc/ca-bundle.crt
mv cacerts $out
''
}";
}
Ideally, the dependency on pkgs.cacert should also be removed from pkgs.openjdk
to avoid rebuilding java each time the standard CA-bundle changes. Something
along the example above must then be added to NixOS (however, it would be
nice to not depend on ${pkgs.jre}/bin/keytool to generate that environment
variable).
