[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: WIP gnu social package
|
From: |
nee |
|
Subject: |
Re: WIP gnu social package |
|
Date: |
Sun, 26 Nov 2017 21:18:47 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 |
Hey, I haven't done anything on this lately, but the php-fpm service is
probably getting accepted soon, so I might start working on this again.
Am 05.10.2017 um 17:00 schrieb Ludovic Courtès:
> For this particular case, I would do nothing: the first time, the
> service wouldn’t start (I guess). Users would have to explicitly set
> the passwords on the command line, and then run “herd start gnu-social”.
>
The advantage of using a service is the easy setup with mysql and the
gnu-social-cli-installer, otherwise people could just run nginx and
clone gnu social to /srv/gnu-social/ and manually create the database
like you would on Debian.
I saw that NixOS has something called passwordFile.
https://github.com/NixOS/nixpkgs/issues/24288
I haven't found any details about it, but it seems like a text file from
which passwords can be read during `system reconfigure`.
As a start I could add a password-file field to the configuration of
gnu-social and read an alist of passwords from it during initialization.
That could later be extended by generating it with randomized passwords
if it doesn't exist to maximize the ease of installation.
>> - The password of the database-user ends up in the config.php which is
>> generated by mixed-text-file. This file can be read by everyone. Can I
>> somehow set the owner on it and remove the reading rights from other
>> users?
>
> No, the store is world-readable. If there are secrets, they should be
> stored elsewhere, but there’s currently no standard way to do that in
> Guix.
>
Could a function in guix/gexp.scm be modified to generate a file outside
of the store?
- Re: WIP gnu social package,
nee <=