public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/gitolite: don't leak nix store hash into gitolite-admin username/key

Browse Source 
It doesn't look good when the initial admin user is named
"<hash>-gitolite-admin" and the key stored as
"<hash>-gitolite-admin.pub". Instead, make it simply "gitolite-admin"
and "gitolite-admin.pub".
This commit is contained in:
Bjørn Forsman 2017-09-12 10:44:21 +02:00
parent 58c2967c46
commit 6b9ee30672
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
nixos/modules/services/misc/gitolite.nix
View File

@ -4,7 +4,8 @@ with lib;
let let
cfg = config.services.gitolite; cfg = config.services.gitolite;
pubkeyFile = pkgs.writeText "gitolite-admin.pub" cfg.adminPubkey; # Use writeTextDir to not leak Nix store hash into file name
pubkeyFile = (pkgs.writeTextDir "gitolite-admin.pub" cfg.adminPubkey) + "/gitolite-admin.pub";
hooks = lib.concatMapStrings (hook: "${hook} ") cfg.commonHooks; hooks = lib.concatMapStrings (hook: "${hook} ") cfg.commonHooks;
in in
{ {