Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

matterbridge module: add configPath option as a workaround, waiting for nix encryption #39455

Merged
merged 1 commit into from
May 6, 2018
Merged

matterbridge module: add configPath option as a workaround, waiting for nix encryption #39455

merged 1 commit into from
May 6, 2018
+53 −31

Conversation

Ekleog
Copy link
Member

@Ekleog Ekleog commented Apr 24, 2018
edited
Loading

Motivation for this change

Waiting for NixOS/rfcs/pull/5 , files including secrets should not be set in the nix store, so adding a configPath option as workaround.

I've tested this PR with nixos-rebuild and nix-diff: with the same configuration, absolutely no change happens (apart from the nixos-version hash change). With configPath set, the parameter appears to be properly set.

I think that, as a security fix, this deserves backport to 18.03.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

Sorry, something went wrong.

@GrahamcOfBorg GrahamcOfBorg added 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` labels Apr 24, 2018
@Ekleog Ekleog force-pushed the matterbridge-configfile branch from b38f6d5 to 4cc34a0 Compare April 24, 2018 23:23
@GrahamcOfBorg GrahamcOfBorg added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux labels Apr 24, 2018
@Ekleog
matterbridge module: add configPath option as a workaround, waiting f…

Verified

This commit was signed with the committer’s verified signature.
Ekleog Léo Gaspard
GPG key ID: 8A55848B6090F9CF
Verified
Learn about vigilant mode
e199143 
…or nix encryption
@Ekleog Ekleog force-pushed the matterbridge-configfile branch from 4cc34a0 to e199143 Compare April 24, 2018 23:39
@Ekleog
Copy link
Member Author

Ekleog commented Apr 24, 2018

For easy review, the diff is unexpectedly big due to my removing a useless mkMerge, which reduces indentation and generates a diff. The only real changes in the config section are the removal of the useless mkMerge, and the replacement of mkIf with optional in the users/groups definition.

@joachifm joachifm merged commit e97d8fc into NixOS:master May 6, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@Ekleog @joachifm @GrahamcOfBorg