public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gogs service: generate the secret key only once, then reuse

Browse Source
This commit is contained in:
Rodney Lorrimar 2017-04-23 15:02:08 +01:00
parent cfa1faa37c
commit 0e90a05a52
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
nixos/modules/services/misc/gogs.nix
View File

@ -180,17 +180,23 @@ in
preStart = let preStart = let
runConfig = "${cfg.stateDir}/custom/conf/app.ini"; runConfig = "${cfg.stateDir}/custom/conf/app.ini";
secretKey = "${cfg.stateDir}/custom/conf/secret_key";
in '' in ''
# copy custom configuration and generate a random secret key if needed # copy custom configuration and generate a random secret key if needed
${optionalString (cfg.useWizard == false) '' ${optionalString (cfg.useWizard == false) ''
mkdir -p ${cfg.stateDir}/custom/conf mkdir -p ${cfg.stateDir}/custom/conf
cp -f ${configFile} ${runConfig} cp -f ${configFile} ${runConfig}
KEY=$(head -c 16 /dev/urandom | base64)
if [ ! -e ${secretKey} ]; then
head -c 16 /dev/urandom | base64 > ${secretKey}
fi
KEY=$(head -n1 ${secretKey})
DBPASS=$(head -n1 ${cfg.database.passwordFile}) DBPASS=$(head -n1 ${cfg.database.passwordFile})
sed -e "s,#secretkey#,$KEY,g" \ sed -e "s,#secretkey#,$KEY,g" \
-e "s,#dbpass#,$DBPASS,g" \ -e "s,#dbpass#,$DBPASS,g" \
-i ${runConfig} -i ${runConfig}
chmod 440 ${runConfig} chmod 440 ${runConfig} ${secretKey}
''} ''}
mkdir -p ${cfg.repositoryRoot} mkdir -p ${cfg.repositoryRoot}