Maximilian Bosch 02c3bd2187

nixos/gitea: set umask for secret creation ...

This ensures that newly created secrets will have the permissions
`0640`. With this change it's ensured that no sensitive information will
be word-readable at any time.

Related to #121293.

Strictly speaking this is a breaking change since each new directory
(including data-files) aren't world-readable anymore, but actually these
shouldn't be, unless there's a good reason for it.

2021-04-30 21:39:11 +02:00

..

config

nixos/users-groups: check format of passwd entries

2021-04-22 13:18:38 +00:00

hardware

Merge pull request #119706 from nyanotech/master

2021-04-24 03:49:09 +02:00

i18n/input-method

input methods: add kime

2021-04-19 03:05:07 +09:00

installer

nixos-install: fix flake command

2021-04-24 11:49:59 +02:00

misc

nixos/misc/ids: reclaim uid for disnix

2021-03-28 21:40:44 +02:00

profiles

nixos/hidepid: drop the module as the hidepid mount option is broken

2021-02-21 13:51:37 +01:00

programs

nixos/module: example referenced old ffmpeg

2021-04-30 09:43:18 +08:00

security

Merge pull request #116369 from m1cr0man/master

2021-03-23 21:31:42 +01:00

services

nixos/gitea: set umask for secret creation

2021-04-30 21:39:11 +02:00

system

Merge pull request #114637 from KaiHa/pr/fix-systemd-boot-builder

2021-04-25 11:35:00 +01:00

tasks

nixos/cpu-freq: fix typo in description

2021-04-21 22:03:18 +02:00

testing

treewide: use perl.withPackages when possible

2021-03-31 21:35:37 +02:00

virtualisation

nixos/hyperv: bail gracefully if device is missing

2021-04-29 09:37:17 +08:00

module-list.nix

init duckling service

2021-04-27 10:41:07 -07:00

rename.nix

quagga: remove

2021-04-22 12:48:48 +02:00