chore(origins): expose in a cuter way allowed origins
Worked around in our original deployment, here's a nicer way to set it. Signed-off-by: Raito Bezarius <raito@lix.systems>
This commit is contained in:
parent
7102157055
commit
bd8c11ed1e
|
@ -771,6 +771,7 @@ class GerritNixConfigurator(ConfiguratorBase):
|
||||||
gerrit_sshkey_path: str,
|
gerrit_sshkey_path: str,
|
||||||
projects: list[str],
|
projects: list[str],
|
||||||
url: str,
|
url: str,
|
||||||
|
allowed_origins: list[str],
|
||||||
nix_supported_systems: list[str],
|
nix_supported_systems: list[str],
|
||||||
nix_eval_worker_count: int | None,
|
nix_eval_worker_count: int | None,
|
||||||
nix_eval_max_memory_size: int,
|
nix_eval_max_memory_size: int,
|
||||||
|
@ -781,6 +782,7 @@ class GerritNixConfigurator(ConfiguratorBase):
|
||||||
auth_method: AuthBase | None = None,
|
auth_method: AuthBase | None = None,
|
||||||
) -> None:
|
) -> None:
|
||||||
super().__init__()
|
super().__init__()
|
||||||
|
self.allowed_origins = allowed_origins
|
||||||
self.gerrit_server = gerrit_server
|
self.gerrit_server = gerrit_server
|
||||||
self.gerrit_user = gerrit_user
|
self.gerrit_user = gerrit_user
|
||||||
self.gerrit_port = gerrit_port
|
self.gerrit_port = gerrit_port
|
||||||
|
@ -815,7 +817,9 @@ class GerritNixConfigurator(ConfiguratorBase):
|
||||||
|
|
||||||
config.setdefault("projects", [])
|
config.setdefault("projects", [])
|
||||||
config.setdefault("secretsProviders", [])
|
config.setdefault("secretsProviders", [])
|
||||||
config.setdefault("www", {})
|
config.setdefault("www", {
|
||||||
|
'allowed_origins': self.allowed_origins
|
||||||
|
})
|
||||||
|
|
||||||
for item in worker_config:
|
for item in worker_config:
|
||||||
cores = item.get("cores", 0)
|
cores = item.get("cores", 0)
|
||||||
|
|
|
@ -51,6 +51,12 @@ in
|
||||||
example = "buildbot.numtide.com";
|
example = "buildbot.numtide.com";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
allowedOrigins = lib.mkOption {
|
||||||
|
type = lib.types.listOf lib.types.str;
|
||||||
|
description = "Allowed origins for buildbot";
|
||||||
|
example = [ "*.mydomain.com" ];
|
||||||
|
};
|
||||||
|
|
||||||
signingKeyFile = lib.mkOption {
|
signingKeyFile = lib.mkOption {
|
||||||
type = lib.types.nullOr lib.types.path;
|
type = lib.types.nullOr lib.types.path;
|
||||||
description = "A path to a Nix signing key";
|
description = "A path to a Nix signing key";
|
||||||
|
@ -182,6 +188,7 @@ in
|
||||||
"${toString cfg.gerrit.port}",
|
"${toString cfg.gerrit.port}",
|
||||||
"${cfg.gerrit.privateKeyFile}",
|
"${cfg.gerrit.privateKeyFile}",
|
||||||
projects=${builtins.toJSON cfg.gerrit.projects},
|
projects=${builtins.toJSON cfg.gerrit.projects},
|
||||||
|
allowed_origins=${builtins.toJSON cfg.allowedOrigins},
|
||||||
url=${builtins.toJSON config.services.buildbot-master.buildbotUrl},
|
url=${builtins.toJSON config.services.buildbot-master.buildbotUrl},
|
||||||
nix_eval_max_memory_size=${builtins.toJSON cfg.evalMaxMemorySize},
|
nix_eval_max_memory_size=${builtins.toJSON cfg.evalMaxMemorySize},
|
||||||
nix_eval_worker_count=${if cfg.evalWorkerCount == null then "None" else builtins.toString cfg.evalWorkerCount},
|
nix_eval_worker_count=${if cfg.evalWorkerCount == null then "None" else builtins.toString cfg.evalWorkerCount},
|
||||||
|
|
Loading…
Reference in a new issue