Update nixos/modules/services/continuous-integration/github-runner.nix
Co-authored-by: Vincent Haupert <mail@vincent-haupert.de>
This commit is contained in:
parent
0b67081ad8
commit
cf1b952988
@ -18,7 +18,7 @@ in
|
|||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
warnings = optionals (isStorePath cfg.tokenFile) [
|
warnings = optionals (isStorePath cfg.tokenFile) [
|
||||||
''
|
''
|
||||||
`services.${svgName}.tokenFile` points to the Nix store and, therefore, is world-readable.
|
`services.${svcName}.tokenFile` points to the Nix store and, therefore, is world-readable.
|
||||||
Consider using a path outside of the Nix store to keep the token private.
|
Consider using a path outside of the Nix store to keep the token private.
|
||||||
''
|
''
|
||||||
];
|
];
|
||||||
|
Loading…
Reference in New Issue
Block a user