Move shaarli passwords to secure location

Related issue: https://git.immae.eu/mantisbt/view.php?id=122
author: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-04-15 01:17:31 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-04-15 01:17:31 +0200
commit: 5f08b34c5247ee0c4de2a9264d059b69271e3473 (patch)
tree: b8a8db5ae02e9a8022e1e565c6f3f9deebd4687c /nixops/modules/websites/phpfpm
parent: a840a21c954be6342603ae7a45dde6c005761696 (diff)
download: Nix-5f08b34c5247ee0c4de2a9264d059b69271e3473.tar.gz
Nix-5f08b34c5247ee0c4de2a9264d059b69271e3473.tar.zst
Nix-5f08b34c5247ee0c4de2a9264d059b69271e3473.zip
1 files changed, 13 insertions, 0 deletions
diff --git a/nixops/modules/websites/phpfpm/default.nix b/nixops/modules/websites/phpfpm/default.nix
index 882babc..9c068bf 100644
--- a/nixops/modules/websites/phpfpm/default.nix
+++ b/nixops/modules/websites/phpfpm/default.nix
@@ -83,6 +83,18 @@ in {
        '';
      };
+      envFile = mkOption {
+        default = {};
+        type = types.attrsOf types.string;
+        example = literalExample ''
+          { mypool = "path/to/file";
+          }
+        '';
+        description = ''
+          Extra environment file go into the service script.
+        '';
+      };
      poolPhpConfigs = mkOption {
        default = {};
        type = types.attrsOf types.lines;
@@ -174,6 +186,7 @@ in {
          cfgFile = fpmCfgFile pool poolConfig;
          poolPhpIni = cfg.poolPhpConfigs.${pool} or "";
        in {
+          EnvironmentFile = if builtins.hasAttr pool cfg.envFile then [cfg.envFile.${pool}] else [];
          Slice = "phpfpm.slice";
          PrivateDevices = true;
          ProtectSystem = "full";
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-04-15 01:17:31 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-04-15 01:17:31 +0200
commit	5f08b34c5247ee0c4de2a9264d059b69271e3473 (patch)
tree	b8a8db5ae02e9a8022e1e565c6f3f9deebd4687c /nixops/modules/websites/phpfpm
parent	a840a21c954be6342603ae7a45dde6c005761696 (diff)
download	Nix-5f08b34c5247ee0c4de2a9264d059b69271e3473.tar.gz Nix-5f08b34c5247ee0c4de2a9264d059b69271e3473.tar.zst Nix-5f08b34c5247ee0c4de2a9264d059b69271e3473.zip

diff --git a/nixops/modules/websites/phpfpm/default.nix b/nixops/modules/websites/phpfpm/default.nix index 882babc..9c068bf 100644 --- a/nixops/modules/websites/phpfpm/default.nix +++ b/nixops/modules/websites/phpfpm/default.nix
@@ -83,6 +83,18 @@ in {
83	'';	83	'';
84	};	84	};
85		85
		86	envFile = mkOption {
		87	default = {};
		88	type = types.attrsOf types.string;
		89	example = literalExample ''
		90	{ mypool = "path/to/file";
		91	}
		92	'';
		93	description = ''
		94	Extra environment file go into the service script.
		95	'';
		96	};
		97
86	poolPhpConfigs = mkOption {	98	poolPhpConfigs = mkOption {
87	default = {};	99	default = {};
88	type = types.attrsOf types.lines;	100	type = types.attrsOf types.lines;
@@ -174,6 +186,7 @@ in {
174	cfgFile = fpmCfgFile pool poolConfig;	186	cfgFile = fpmCfgFile pool poolConfig;
175	poolPhpIni = cfg.poolPhpConfigs.${pool} or "";	187	poolPhpIni = cfg.poolPhpConfigs.${pool} or "";
176	in {	188	in {
		189	EnvironmentFile = if builtins.hasAttr pool cfg.envFile then [cfg.envFile.${pool}] else [];
177	Slice = "phpfpm.slice";	190	Slice = "phpfpm.slice";
178	PrivateDevices = true;	191	PrivateDevices = true;
179	ProtectSystem = "full";	192	ProtectSystem = "full";