infra/pkgs/forgejo/default.nix

41 lines
2.3 KiB
Nix
Raw Permalink Normal View History

2024-07-12 20:06:26 +00:00
{ forgejo }:
forgejo.overrideAttrs (prev: {
patches = [
# Branch divergence calculations for a single branch may take 100-200ms on something as big
# as nixpkgs. The branch view defaults to 20 branches for each page, taking roughtly 3s to
# calculate each branch sequentially and render, while consuming a single core at 100%.
# The idea is to look into making this less expensive or async.
# But for now, to get this going, we will simply drop that metric.
./branch-view_remove-expensive-commit-divergence-metric.patch
# This is literally broken and eats resources for nothing of value.
# We should upstream this.
# The tl;dr is: It calculates the nearest branch for the requested commit at
# /:owner/:repo/commit/:commit to use it as the default cherry-pick target branch
# selection in a drop-down only users with commit perms can actually view and use.
# It's expensive to calculate and happens on every request to /commit/:commit.
# To add insult to injury, it's hardly of any use: The nearest branch of a commit
# will almost always be a branch that already carries the commit. The branch you
# most likely don't want to cherry-pick to.
./commit-view_fix-broken-and-expensive-cherry-pick-default-branch-selection.patch
# Disable various /:owner/:repo/activity/ sub-views. They are expensive, which is
# totally fine and expected. There is even proper caching in place.
# However, on a scale of nixpkgs, those calculations take ages, while, of course,
# pinning a single CPU core at 100%.
# For now, we will simply disable this feature.
# Due to the 501 status code it returns, the frontend prints a "Not implemented"
# error, saving us from patching the frontend while still providing a helpful
# user-facing error text.
# It should be noted that this particular status code has the downside of being
# in the 5xx range, meaning it will show up as such in our prometheus metrics.
./disable-expensive-repository-activity-stats.patch
# Migrations and pull-mirrors are something easily abused to bring a public instance to a complete halt.
# Both features can be disabled via repository.DISABLE_MIGRATIONS and mirror.ENABLE, but we want to keep
# this functionality for admins.
./limit-migrations-and-pull-mirrors-to-admins.patch
];
})