@nek0 the version of restya-board we have in nixpkgs is over 2 years old and 7 releases behind. For a web application this is deeply concerning given the security implications. Do you have any interest and ability to look into bringing this package up to date?

@aanderse I think I can update the version of this package, I'm just unsure whether this requires a seperate pull request.
Concerning the password option, I will change that as you suggested.

@nek0 that is great to hear! Yes, a separate pull request would be great. Thank you!

For newer restya-board version see pull request #74888.

@aanderse Can you have a look at how I invoke the migration scripts? I don't particularly like my solution, but given the constraints I encountered it was the only option I found viable.

Oh the program forces the sysadmin to manually manage migrations? The program has no option to do it for you?

Unfortunately no. Restya-board seems to have no knowledge of its own installed version and I found no possibility to extract that information out of the nix store.
Here's the section on upgrading in restya-board's readme, which is basically just links to the sql-files to apply.

That is unfortunate. In that case I worry this might be a bit too fragile to allow NixOS to run the migrations for the user... If some user skips a NixOS version and we bump previousVersion the user would be in trouble. If the user installs a custom version they would be in trouble. Other unforeseen issues, potentially.

Maybe best to add a note to the documentation? What does restya-board do if you access the application without having run the most recent migration(s)?

Given the problems associated with running database migrations in the module I'd ask that @uvNikita, @c0bw3b, and @ryantm reconsider the conclusion of requiring NixOS to run database migrations agreed upon in #49618 and potentially provide some feedback on this PR.

Given the risks for failures and if upstream expects the migration to be an admin action, I'm ✔️ on not doing it automatically through the service module.
Provided we have a clear message about it in the release notes.

Thanks for your feedback @c0bw3b.

@nek0 can you please:

• drop your last commit
• squash the 2nd, 3rd, and 4th commits
• add some notes about database migrations being the responsibility of the sysadmin, including some links to upstream documentation

Thanks for all your hard work on this!

Reverting and squashing done. Where do I put the notes on the upgrade process best, in the module, the package's meta-information or somewhere completely different?

@nek0 possibly worth mention in the release notes (nixpkgs/nixos/doc/manual/release-notes/), but maybe even in the package or service definition as well. Seems like a pretty important thing we really want to make sure users don't miss. That make sense to you too @c0bw3b?

Yes it's sensible : a note in the longDescription of the package to warn nixpkgs users that updates may need manual actions + a message in the 20.03 release note for the module users from NixOS

@nek0 seems like the only outstanding piece here is notes in the meta.longDescription and release notes. Are you able to address this?

Yes. I can do that. Sorry for the delay. I had some RL issues...

OK. I have created said notes in de65dc319ae, which belongs to #74888.

@nek0 no problem at all. Thanks for looking at it!

@nek0 everything is sorted out on #74888 so there is no reason to hold this PR up anymore. Can you please squash this PR into a single commit and we'll merge it? Thank you for all your hard work on restya-board, you're great! 🎉

ok. squashed.

I'm sorry, but it seems I made a mistake in the configuration file. I'm working on a fix right now.