git-sync: fix crash when whitespace in path

systemd rejects the service unit due to whitespace in the environment
variable assignment, pointing to the repo path, being invalid for
systemd's unit format.

See https://github.com/nix-community/home-manager/issues/6023 for
details.

The git-sync variable should also be escaped due to similar issues
with e.g. local git urls.
This commit is contained in:
RedEtherbloom 2024-10-31 21:55:36 +01:00 committed by Robert Helgesson
parent ee8ff6d53f
commit cd21d2e61b
Failed to generate hash of commit
4 changed files with 49 additions and 4 deletions

View file

@ -16,9 +16,9 @@ let
"PATH=${
lib.makeBinPath (with pkgs; [ openssh git ] ++ repo.extraPackages)
}"
"GIT_SYNC_DIRECTORY=${repo.path}"
"GIT_SYNC_DIRECTORY=${strings.escapeShellArg repo.path}"
"GIT_SYNC_COMMAND=${cfg.package}/bin/git-sync"
"GIT_SYNC_REPOSITORY=${repo.uri}"
"GIT_SYNC_REPOSITORY=${strings.escapeShellArg repo.uri}"
"GIT_SYNC_INTERVAL=${toString repo.interval}"
];
ExecStart = "${cfg.package}/bin/git-sync-on-inotify";

View file

@ -27,7 +27,7 @@
Environment=PATH=@openssh@/bin:/nix/store/00000000000000000000000000000000-git/bin
Environment=GIT_SYNC_DIRECTORY=/a/path
Environment=GIT_SYNC_COMMAND=@git-sync@/bin/git-sync
Environment=GIT_SYNC_REPOSITORY=git+ssh://user@example.com:/~user/path/to/repo.git
Environment=GIT_SYNC_REPOSITORY='git+ssh://user@example.com:/~user/path/to/repo.git'
Environment=GIT_SYNC_INTERVAL=500
ExecStart=@git-sync@/bin/git-sync-on-inotify
Restart=on-abort

View file

@ -1 +1,4 @@
{ git-sync = ./basic.nix; }
{
git-sync = ./basic.nix;
git-sync-with-whitespace = ./whitespace.nix;
}

View file

@ -0,0 +1,42 @@
{ config, ... }:
{
services.git-sync = {
enable = true;
package = config.lib.test.mkStubPackage { outPath = "@git-sync@"; };
repositories = {
testWithWhitespace = {
path = "/a path";
uri = "git+ssh://user@example.com:/~user/path to/repo.git";
};
};
};
test.stubs.openssh = { name = "openssh"; };
nmt.script = ''
serviceFile=home-files/.config/systemd/user/git-sync-testWithWhitespace.service
assertFileExists $serviceFile
serviceFile=$(normalizeStorePaths $serviceFile)
assertFileContent $serviceFile ${
builtins.toFile "expected" ''
[Install]
WantedBy=default.target
[Service]
Environment=PATH=@openssh@/bin:/nix/store/00000000000000000000000000000000-git/bin
Environment=GIT_SYNC_DIRECTORY='/a path'
Environment=GIT_SYNC_COMMAND=@git-sync@/bin/git-sync
Environment=GIT_SYNC_REPOSITORY='git+ssh://user@example.com:/~user/path to/repo.git'
Environment=GIT_SYNC_INTERVAL=500
ExecStart=@git-sync@/bin/git-sync-on-inotify
Restart=on-abort
[Unit]
Description=Git Sync testWithWhitespace
''
}
'';
}