New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
restya-board: Restya board config fix #74763
Conversation
@nek0 the version of |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You should leave the option name as passwordFile
and correct the sed
call only. No more password
options which pollute the world readable nix store with secrets. Using file_get_contents
will allow the program to access the passwordFile
at runtime and keep the value secret+secure.
If you require any clarification on what I mean by this please do not hesitate to ask and I can provide more details.
@aanderse I think I can update the version of this package, I'm just unsure whether this requires a seperate pull request. |
@nek0 that is great to hear! Yes, a separate pull request would be great. Thank you! |
For newer restya-board version see pull request #74888. |
@aanderse Can you have a look at how I invoke the migration scripts? I don't particularly like my solution, but given the constraints I encountered it was the only option I found viable. |
Oh the program forces the sysadmin to manually manage migrations? The program has no option to do it for you? |
Unfortunately no. Restya-board seems to have no knowledge of its own installed version and I found no possibility to extract that information out of the nix store. |
That is unfortunate. In that case I worry this might be a bit too fragile to allow NixOS to run the migrations for the user... If some user skips a NixOS version and we bump Maybe best to add a note to the documentation? What does Given the problems associated with running database migrations in the module I'd ask that @uvNikita, @c0bw3b, and @ryantm reconsider the conclusion of requiring NixOS to run database migrations agreed upon in #49618 and potentially provide some feedback on this PR. |
Given the risks for failures and if upstream expects the migration to be an admin action, I'm ✔️ on not doing it automatically through the service module. |
Reverting and squashing done. Where do I put the notes on the upgrade process best, in the module, the package's meta-information or somewhere completely different? |
Yes it's sensible : a note in the longDescription of the package to warn nixpkgs users that updates may need manual actions + a message in the 20.03 release note for the module users from NixOS |
@nek0 seems like the only outstanding piece here is notes in the |
Yes. I can do that. Sorry for the delay. I had some RL issues... |
OK. I have created said notes in de65dc319ae, which belongs to #74888. |
@nek0 no problem at all. Thanks for looking at it! |
ok. squashed. |
I'm sorry, but it seems I made a mistake in the configuration file. I'm working on a fix right now. |
Motivation for this change
Configuration options for restya-board were broken.
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)Notify maintainers
cc @