From 04e748e61fd8613cc35a5966eb51cfaa2a633be2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= <bjorn.forsman@gmail.com>
Date: Tue, 6 Oct 2015 21:41:13 +0200
Subject: [PATCH] nixos/jenkins: reduce default environment
Don't pull in all of environment.sessionVariables, only add what's
needed for nix and HTTPS to work (which was the point of the previous
patch).
---
.../jenkins/default.nix | 28 +++++++++++++------
1 file changed, 19 insertions(+), 9 deletions(-)
diff --git a/nixos/modules/services/continuous-integration/jenkins/default.nix b/nixos/modules/services/continuous-integration/jenkins/default.nix
index cf13c73ab4df..7a118ac72071 100644
--- a/nixos/modules/services/continuous-integration/jenkins/default.nix
+++ b/nixos/modules/services/continuous-integration/jenkins/default.nix
@@ -69,10 +69,11 @@ in {
type = with types; attrsOf str;
description = ''
Additional environment variables to be passed to the jenkins process.
- This setting will merge with everything in
- <option>config.environment.sessionVariables</option>,
- JENKINS_HOME and NIX_REMOTE. This option takes precedence and can
- override any previously set environment variable.
+ As a base environment, jenkins receives NIX_PATH, SSL_CERT_FILE and
+ GIT_SSL_CAINFO from <option>environment.sessionVariables</option>,
+ NIX_REMOTE is set to "daemon" and JENKINS_HOME is set to
+ the value of <option>services.jenkins.home</option>. This option has
+ precedence and can be used to override those mentioned variables.
'';
};
@@ -110,11 +111,20 @@ in {
wantedBy = [ "multi-user.target" ];
environment =
- config.environment.sessionVariables //
- { JENKINS_HOME = cfg.home;
- NIX_REMOTE = "daemon";
- } //
- cfg.environment;
+ let
+ selectedSessionVars =
+ lib.filterAttrs (n: v: builtins.elem n
+ [ "NIX_PATH"
+ "SSL_CERT_FILE"
+ "GIT_SSL_CAINFO"
+ ])
+ config.environment.sessionVariables;
+ in
+ selectedSessionVars //
+ { JENKINS_HOME = cfg.home;
+ NIX_REMOTE = "daemon";
+ } //
+ cfg.environment;
path = cfg.packages;