nixos/privacyidea: use `sudo(8)` that's configured via the module
(cherry picked from commit 69e75754d57b4c9785058d663daa3817745930aa)
This commit is contained in:
Maximilian Bosch
github-actions[bot]
parent
cedaaad5f5
commit
5a17bb5d2b
|
|
@ -228,7 +228,7 @@ in
|
||||||
path = with pkgs; [ openssl ];
|
path = with pkgs; [ openssl ];
|
||||||
environment.PRIVACYIDEA_CONFIGFILE = "${cfg.stateDir}/privacyidea.cfg";
|
environment.PRIVACYIDEA_CONFIGFILE = "${cfg.stateDir}/privacyidea.cfg";
|
||||||
preStart = let
|
preStart = let
|
||||||
pi-manage = "${pkgs.sudo}/bin/sudo -u privacyidea -HE ${penv}/bin/pi-manage";
|
pi-manage = "${config.security.sudo.package}/bin/sudo -u privacyidea -HE ${penv}/bin/pi-manage";
|
||||||
pgsu = config.services.postgresql.superUser;
|
pgsu = config.services.postgresql.superUser;
|
||||||
psql = config.services.postgresql.package;
|
psql = config.services.postgresql.package;
|
||||||
in ''
|
in ''
|
||||||
|
|
@ -239,8 +239,8 @@ in
|
||||||
-i "${piCfgFile}"
|
-i "${piCfgFile}"
|
||||||
chown ${cfg.user}:${cfg.group} ${cfg.stateDir}/privacyidea.cfg
|
chown ${cfg.user}:${cfg.group} ${cfg.stateDir}/privacyidea.cfg
|
||||||
if ! test -e "${cfg.stateDir}/db-created"; then
|
if ! test -e "${cfg.stateDir}/db-created"; then
|
||||||
${pkgs.sudo}/bin/sudo -u ${pgsu} ${psql}/bin/createuser --no-superuser --no-createdb --no-createrole ${cfg.user}
|
${config.security.sudo.package}/bin/sudo -u ${pgsu} ${psql}/bin/createuser --no-superuser --no-createdb --no-createrole ${cfg.user}
|
||||||
${pkgs.sudo}/bin/sudo -u ${pgsu} ${psql}/bin/createdb --owner ${cfg.user} privacyidea
|
${config.security.sudo.package}/bin/sudo -u ${pgsu} ${psql}/bin/createdb --owner ${cfg.user} privacyidea
|
||||||
${pi-manage} create_enckey
|
${pi-manage} create_enckey
|
||||||
${pi-manage} create_audit_keys
|
${pi-manage} create_audit_keys
|
||||||
${pi-manage} createdb
|
${pi-manage} createdb
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue