gitlab: link tmp/ directory to writable path

2017-10-14 20:58:02 +00:00 · 2017-10-14 20:58:02 +00:00 · 60b0db0e08
commit 60b0db0e08
parent f250015ea3
2 changed files with 3 additions and 0 deletions
--- a/nixos/modules/services/misc/gitlab.nix
+++ b/nixos/modules/services/misc/gitlab.nix
@ -581,6 +581,7 @@ in {
        mkdir -p ${cfg.statePath}/{log,uploads}
        ln -sf ${cfg.statePath}/log /run/gitlab/log
        ln -sf ${cfg.statePath}/uploads /run/gitlab/uploads
+        ln -sf ${cfg.statePath}/tmp /run/gitlab/tmp
        chown -R ${cfg.user}:${cfg.group} /run/gitlab

        # Prepare home directory
--- a/pkgs/applications/version-management/gitlab/default.nix
+++ b/pkgs/applications/version-management/gitlab/default.nix
@ -84,12 +84,14 @@ stdenv.mkDerivation rec {
  '';

  installPhase = ''
+    rm -r tmp
    mkdir -p $out/share
    cp -r . $out/share/gitlab
    rm -rf $out/share/gitlab/log
    ln -sf /run/gitlab/log $out/share/gitlab/log
    ln -sf /run/gitlab/uploads $out/share/gitlab/public/uploads
    ln -sf /run/gitlab/config $out/share/gitlab/config
+    ln -sf /run/gitlab/tmp $out/share/gitlab/tmp

    # rake tasks to mitigate CVE-2017-0882
    # see https://about.gitlab.com/2017/03/20/gitlab-8-dot-17-dot-4-security-release/