From 3709d040a5242763014df5d088b34494aef8e370 Mon Sep 17 00:00:00 2001
From: Matt Nish-Lapidus <matt@emenel.ca>
Date: Sun, 13 Apr 2025 15:14:41 -0400
Subject: [PATCH] server

---
 modules/system/forgejo.nix | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/modules/system/forgejo.nix b/modules/system/forgejo.nix
index 1e9f53e..57eb876 100644
--- a/modules/system/forgejo.nix
+++ b/modules/system/forgejo.nix
@@ -45,6 +45,24 @@
     # };
   };
 
+  environment.systemPackages = let
+    cfg = config.services.forgejo;
+    forgejo-cli = pkgs.writeScriptBin "forgejo-cli" ''
+      #!${pkgs.runtimeShell}
+      cd ${cfg.stateDir}
+      sudo=exec
+      if [[ "$USER" != forgejo ]]; then
+        sudo='exec /run/wrappers/bin/sudo -u ${cfg.user} -g ${cfg.group} --preserve-env=GITEA_WORK_DIR --preserve-env=GITEA_CUSTOM'
+      fi
+      # Note that these variable names will change
+      export GITEA_WORK_DIR=${cfg.stateDir}
+      export GITEA_CUSTOM=${cfg.customDir}
+      $sudo ${lib.getExe cfg.package} "$@"
+  '';
+  in [
+    forgejo-cli
+  ];
+
   sops.secrets.forgejoemenel.owner = "forgejo";
   systemd.services.forgejo.preStart = let
     adminCmd = "${lib.getExe pkgs.forgejo} admin user";