indico: use files for passwords
Signed-off-by: Jeltz <jeltz@federez.net>
This commit is contained in:
parent
dd2afc2cfb
commit
2f93570ac4
GPG key ID:
800882B66C0C3326
3 changed files with 120 additions and 13 deletions
|
|
@ -8,8 +8,8 @@
|
|||
|
||||
let
|
||||
cfg = config.services.indico;
|
||||
pythonFmt = pkgs.formats.pythonVars { };
|
||||
yamlFmt = pkgs.formats.yaml {};
|
||||
pythonFmt = pkgs.callPackage ../pkgs/python-vars-with-env { };
|
||||
indico = pkgs.callPackage ../pkgs/indico { };
|
||||
pythonEnv = pkgs.python3.withPackages (ps: [
|
||||
(ps.toPythonModule indico)
|
||||
|
|
@ -41,7 +41,7 @@ let
|
|||
ldapConfig = {
|
||||
uri = cfg.ldap.uri;
|
||||
bind_dn = cfg.ldap.bindDN;
|
||||
bind_password = cfg.ldap.bindPassword;
|
||||
bind_password = pythonFmt.mkReadFile cfg.ldap.bindPasswordFile;
|
||||
timeout = 30;
|
||||
verify_cert = true;
|
||||
page_size = 1500;
|
||||
|
|
@ -72,7 +72,7 @@ let
|
|||
CELERY_BROKER = cfg.celeryBrokerRedis;
|
||||
USE_PROXY = true;
|
||||
BASE_URL = cfg.baseUrl;
|
||||
SECRET_KEY = cfg.secretKey;
|
||||
SECRET_KEY = pythonFmt.mkReadFile cfg.secretKeyFile;
|
||||
LOGGING_CONFIG_FILE = loggingFile;
|
||||
NO_REPLY_EMAIL = cfg.email.noReply;
|
||||
SUPPORT_EMAIL = cfg.email.support;
|
||||
|
|
@ -80,7 +80,7 @@ let
|
|||
PUBLIC_SUPPORT_EMAIL = cfg.email.publicSupport;
|
||||
SMTP_SERVER = [ cfg.email.smtp.host cfg.email.smtp.port ];
|
||||
SMTP_LOGIN = cfg.email.smtp.login;
|
||||
SMTP_PASSWORD = cfg.email.smtp.password;
|
||||
SMTP_PASSWORD = pythonFmt.mkReadFile cfg.email.smtp.passwordFile;
|
||||
SMTP_USE_TLS = cfg.email.smtp.useTLS;
|
||||
} // lib.optionalAttrs (cfg.ldap != null) {
|
||||
AUTH_PROVIDERS = {
|
||||
|
|
@ -169,16 +169,16 @@ in {
|
|||
description = "SMTP login.";
|
||||
};
|
||||
|
||||
password = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "SMTP password.";
|
||||
passwordFile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
description = "SMTP password file.";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
secretKey = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Secret key.";
|
||||
secretKeyFile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
description = "Secret key file.";
|
||||
};
|
||||
|
||||
baseUrl = lib.mkOption {
|
||||
|
|
@ -285,9 +285,9 @@ in {
|
|||
description = "LDAP server bind DN.";
|
||||
};
|
||||
|
||||
bindPassword = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "LDAP server bind password.";
|
||||
bindPasswordFile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
description = "LDAP server bind password file.";
|
||||
};
|
||||
|
||||
uid = lib.mkOption {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue