MirrorHub/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-16 14:54:29 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

nixos/redmine: remove database.password option

Browse source
This commit is contained in:
Aaron Andersen 2020-08-25 11:55:06 -04:00
parent 6cf743e52d
commit a7c69047df
1 changed files with 4 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
nixos/modules/services/misc/redmine.nix
View file

@ -43,6 +43,7 @@ in
{ {
imports = [ imports = [
(mkRemovedOptionModule [ "services" "redmine" "extraConfig" ] "Use services.redmine.settings instead.") (mkRemovedOptionModule [ "services" "redmine" "extraConfig" ] "Use services.redmine.settings instead.")
(mkRemovedOptionModule [ "services" "redmine" "database" "password" ] "Use services.redmine.database.passwordFile instead.")
]; ];
# interface # interface
@ -177,16 +178,6 @@ in
description = "Database user."; description = "Database user.";
}; };
password = mkOption {
type = types.str;
default = "";
description = ''
The password corresponding to <option>database.user</option>.
Warning: this is stored in cleartext in the Nix store!
Use <option>database.passwordFile</option> instead.
'';
};
passwordFile = mkOption { passwordFile = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
@ -221,8 +212,8 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
assertions = [ assertions = [
{ assertion = cfg.database.passwordFile != null || cfg.database.password != "" || cfg.database.socket != null; { assertion = cfg.database.passwordFile != null || cfg.database.socket != null;
message = "one of services.redmine.database.socket, services.redmine.database.passwordFile, or services.redmine.database.password must be set"; message = "one of services.redmine.database.socket or services.redmine.database.passwordFile must be set";
} }
{ assertion = cfg.database.createLocally -> cfg.database.user == cfg.user; { assertion = cfg.database.createLocally -> cfg.database.user == cfg.user;
message = "services.redmine.database.user must be set to ${cfg.user} if services.redmine.database.createLocally is set true"; message = "services.redmine.database.user must be set to ${cfg.user} if services.redmine.database.createLocally is set true";
@ -346,7 +337,7 @@ in
# handle database.passwordFile & permissions # handle database.passwordFile & permissions
DBPASS=$(head -n1 ${cfg.database.passwordFile}) DBPASS=${optionalString (cfg.database.passwordFile != null) "$(head -n1 ${cfg.database.passwordFile})"}
cp -f ${databaseYml} "${cfg.stateDir}/config/database.yml" cp -f ${databaseYml} "${cfg.stateDir}/config/database.yml"
sed -e "s,#dbpass#,$DBPASS,g" -i "${cfg.stateDir}/config/database.yml" sed -e "s,#dbpass#,$DBPASS,g" -i "${cfg.stateDir}/config/database.yml"
chmod 440 "${cfg.stateDir}/config/database.yml" chmod 440 "${cfg.stateDir}/config/database.yml"
@ -387,17 +378,6 @@ in
redmine.gid = config.ids.gids.redmine; redmine.gid = config.ids.gids.redmine;
}; };
warnings = optional (cfg.database.password != "")
''config.services.redmine.database.password will be stored as plaintext
in the Nix store. Use database.passwordFile instead.'';
# Create database passwordFile default when password is configured.
services.redmine.database.passwordFile =
(mkDefault (toString (pkgs.writeTextFile {
name = "redmine-database-password";
text = cfg.database.password;
})));
}; };
} }