From 2b076f8ce49545dbf1713bd498c2ec49a6bdeae3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?m=C3=BCde?= Date: Sun, 17 May 2026 00:42:03 +0200 Subject: [PATCH] forge: pass --work-path to admin CLI so app.ini is found without --work-path, forgejo's admin CLI defaults WorkPath to the binary's directory (RO nix store), can't find custom/conf/app.ini there, falls back to defaults, and F3 init mkdir-fails inside the store. systemd unit sets WORK_PATH for the daemon; mirror it here for every nixos-container-driven 'forgejo admin' invocation. --- hive-c0re/src/forge.rs | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/hive-c0re/src/forge.rs b/hive-c0re/src/forge.rs index 3014dce..d969776 100644 --- a/hive-c0re/src/forge.rs +++ b/hive-c0re/src/forge.rs @@ -66,7 +66,26 @@ async fn forge_admin(args: &[&str]) -> Result { // `runuser` (util-linux, always present in a NixOS container) // beats `sudo` here — sudo isn't installed unless `security.sudo` // is enabled, and we don't want to depend on that. - cmd.args(["run", FORGE_CONTAINER, "--", "runuser", "-u", "forgejo", "--", "forgejo", "admin"]); + // + // `--work-path` is mandatory: without it, the admin CLI defaults + // WorkPath to `dirname(executable)` (a RO nix-store path), then + // looks for `/custom/conf/app.ini` which doesn't + // exist, falls back to defaults, and F3 init tries to mkdir + // under the nix store and fatals. The systemd unit sets + // WORK_PATH for the daemon; we mirror it here for the CLI. + cmd.args([ + "run", + FORGE_CONTAINER, + "--", + "runuser", + "-u", + "forgejo", + "--", + "forgejo", + "--work-path", + "/var/lib/forgejo", + "admin", + ]); cmd.args(args); let out = cmd .output()