colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gogs service: chmod 440 config file

Browse Source 
Directory which contains the config file /var/lib/gogs already
has mode 700 but users are liable to change these things.
This commit is contained in:
Rodney Lorrimar 2017-04-22 17:51:04 +01:00
parent 79d52bc26c
commit cfa1faa37c
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nixos/modules/services/misc/gogs.nix
View File

@ -178,16 +178,19 @@ in
wantedBy = [ "multi-user.target" ];
path = [ pkgs.gogs.bin ];
preStart = ''
preStart = let
runConfig = "${cfg.stateDir}/custom/conf/app.ini";
in ''
# copy custom configuration and generate a random secret key if needed
${optionalString (cfg.useWizard == false) ''
mkdir -p ${cfg.stateDir}/custom/conf
cp -f ${configFile} ${cfg.stateDir}/custom/conf/app.ini
cp -f ${configFile} ${runConfig}
KEY=$(head -c 16 /dev/urandom | base64)
DBPASS=$(head -n1 ${cfg.database.passwordFile})
sed -e "s,#secretkey#,$KEY,g" \
-e "s,#dbpass#,$DBPASS,g" \
-i ${cfg.stateDir}/custom/conf/app.ini
-i ${runConfig}
chmod 440 ${runConfig}
''}
mkdir -p ${cfg.repositoryRoot}