From d44699e9f8e989294c6ac68fd45a7a6319850838 Mon Sep 17 00:00:00 2001
From: h7x4 <h7x4@nani.wtf>
Date: Thu, 14 Aug 2025 20:41:15 +0200
Subject: [PATCH] WIP: fix import-gitea-users script

---
 hosts/kommode/services/gitea/import-users/default.nix      | 4 +++-
 .../services/gitea/import-users/gitea-import-users.py      | 7 ++++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/hosts/kommode/services/gitea/import-users/default.nix b/hosts/kommode/services/gitea/import-users/default.nix
index 609ef2e..421227a 100644
--- a/hosts/kommode/services/gitea/import-users/default.nix
+++ b/hosts/kommode/services/gitea/import-users/default.nix
@@ -11,7 +11,8 @@ in
 
   systemd.services.gitea-import-users = lib.mkIf cfg.enable {
     enable = true;
-    preStart=''${pkgs.rsync}/bin/rsync -e "${pkgs.openssh}/bin/ssh -o UserKnownHostsFile=$CREDENTIALS_DIRECTORY/ssh-known-hosts -i $CREDENTIALS_DIRECTORY/sshkey" -a pvv@smtp.pvv.ntnu.no:/etc/passwd /tmp/passwd-import'';
+    preStart=''${pkgs.rsync}/bin/rsync -e "${pkgs.openssh}/bin/ssh -o UserKnownHostsFile=$CREDENTIALS_DIRECTORY/ssh-known-hosts -i $CREDENTIALS_DIRECTORY/sshkey" -a pvv@smtp.pvv.ntnu.no:/etc/passwd /run/gitea-import-users/passwd'';
+    environment.PASSWD_FILE_PATH = "/run/gitea-import-users/passwd";
     serviceConfig = {
       ExecStart = pkgs.writers.writePython3 "gitea-import-users" {
         flakeIgnore = [
@@ -25,6 +26,7 @@ in
       ];
       DynamicUser="yes";
       EnvironmentFile=config.sops.secrets."gitea/import-user-env".path;
+      RuntimeDirectory = "gitea-import-users";
     };
   };
 
diff --git a/hosts/kommode/services/gitea/import-users/gitea-import-users.py b/hosts/kommode/services/gitea/import-users/gitea-import-users.py
index 35f8b9d..57eca30 100644
--- a/hosts/kommode/services/gitea/import-users/gitea-import-users.py
+++ b/hosts/kommode/services/gitea/import-users/gitea-import-users.py
@@ -17,6 +17,10 @@ GITEA_API_URL = os.getenv('GITEA_API_URL')
 if GITEA_API_URL is None:
     GITEA_API_URL = 'https://git.pvv.ntnu.no/api/v1'
 
+PASSWD_FILE_PATH = os.getenv('PASSWD_FILE_PATH')
+if PASSWD_FILE_PATH is None:
+    PASSWD_FILE_PATH = '/tmp/passwd-import'
+
 
 def gitea_list_all_users() -> dict[str, dict[str, any]] | None:
     r = requests.get(
@@ -187,7 +191,8 @@ def main():
     if existing_users is None:
         exit(1)
 
-    for username, name in passwd_file_parser("/tmp/passwd-import"):
+    print(f"Reading passwd entries from {PASSWD_FILE_PATH}")
+    for username, name in passwd_file_parser(PASSWD_FILE_PATH):
         print(f"Processing {username}")
         add_or_patch_gitea_user(username, name, existing_users)
         for org, team_name in COMMON_USER_TEAMS: