Simplify the credentials configuration step
This commit is contained in:
parent
a476bcf809
commit
9e3c25c775
|
@ -73,7 +73,9 @@ let
|
|||
path = basePackages ++ path;
|
||||
};
|
||||
|
||||
credentialsSpec = if credentials == {} || forceDisableUserChange then null else createCredentials credentials;
|
||||
credentialsSpec = credentialsSpec = util.createCredentialsOrNull {
|
||||
inherit createCredentials credentials forceDisableUserChange;
|
||||
};
|
||||
|
||||
_user = util.determineUser {
|
||||
inherit user forceDisableUserChange;
|
||||
|
|
|
@ -228,7 +228,9 @@ let
|
|||
'';
|
||||
};
|
||||
|
||||
credentialsSpec = if credentials == {} || forceDisableUserChange then null else createCredentials credentials;
|
||||
credentialsSpec = util.createCredentialsOrNull {
|
||||
inherit createCredentials credentials forceDisableUserChange;
|
||||
};
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
inherit name;
|
||||
|
|
|
@ -9,7 +9,9 @@
|
|||
}:
|
||||
|
||||
let
|
||||
credentialsSpec = if credentials == {} || forceDisableUserChange then null else createCredentials credentials;
|
||||
credentialsSpec = credentialsSpec = util.createCredentialsOrNull {
|
||||
inherit createCredentials credentials forceDisableUserChange;
|
||||
};
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
inherit name;
|
||||
|
|
|
@ -88,7 +88,9 @@ let
|
|||
'';
|
||||
};
|
||||
|
||||
credentialsSpec = if credentials == {} || forceDisableUserChange then null else createCredentials credentials;
|
||||
credentialsSpec = util.createCredentialsOrNull {
|
||||
inherit createCredentials credentials forceDisableUserChange;
|
||||
};
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
inherit name;
|
||||
|
|
|
@ -63,7 +63,9 @@ let
|
|||
) (builtins.attrNames properties);
|
||||
};
|
||||
|
||||
credentialsSpec = if credentials == {} || forceDisableUserChange then null else createCredentials credentials;
|
||||
credentialsSpec = util.createCredentialsOrNull {
|
||||
inherit createCredentials credentials forceDisableUserChange;
|
||||
};
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
inherit name priority;
|
||||
|
|
|
@ -100,7 +100,9 @@ let
|
|||
'';
|
||||
};
|
||||
|
||||
credentialsSpec = if credentials == {} || forceDisableUserChange then null else createCredentials credentials;
|
||||
credentialsSpec = util.createCredentialsOrNull {
|
||||
inherit createCredentials credentials forceDisableUserChange;
|
||||
};
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
name = "${prefix}${name}";
|
||||
|
|
|
@ -240,7 +240,9 @@ let
|
|||
if number < 10 then "0${toString number}"
|
||||
else toString number;
|
||||
|
||||
credentialsSpec = if credentials == {} || forceDisableUserChange then null else createCredentials credentials;
|
||||
credentialsSpec = util.createCredentialsOrNull {
|
||||
inherit createCredentials credentials forceDisableUserChange;
|
||||
};
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
inherit name;
|
||||
|
|
|
@ -77,4 +77,11 @@ rec {
|
|||
in
|
||||
if user == null then invocation
|
||||
else "${su} ${user} -c ${lib.escapeShellArgs [ invocation ]}";
|
||||
|
||||
/*
|
||||
* Creates credential configuration files for users and groups, or returns
|
||||
* null if user changing was disabled.
|
||||
*/
|
||||
createCredentialsOrNull = {createCredentials, credentials, forceDisableUserChange}:
|
||||
if credentials == {} || forceDisableUserChange then null else createCredentials credentials;
|
||||
}
|
||||
|
|
|
@ -25,6 +25,11 @@ let
|
|||
exprFile = ../examples/webapps-agnostic/processes.nix;
|
||||
};
|
||||
|
||||
processesEnvAutoUnprivileged = import ../nixproc/create-managed-process/supervisord/build-supervisord-env.nix {
|
||||
exprFile = ../examples/webapps-agnostic/processes.nix;
|
||||
forceDisableUserChange = true;
|
||||
};
|
||||
|
||||
processesEnvAdvanced = import ../nixproc/create-managed-process/supervisord/build-supervisord-env.nix {
|
||||
exprFile = ../examples/webapps-agnostic/processes-advanced.nix;
|
||||
};
|
||||
|
@ -44,7 +49,16 @@ makeTest {
|
|||
{pkgs, ...}:
|
||||
|
||||
{
|
||||
virtualisation.pathsInNixDB = [ pkgs.stdenv ] ++ pkgs.coreutils.all ++ [ supervisordProcessEnv processesEnvForeground processesEnvDaemon processesEnvAuto processesEnvAdvanced processesEnvEmpty ];
|
||||
virtualisation.pathsInNixDB = [ pkgs.stdenv ] ++ pkgs.coreutils.all ++ [
|
||||
supervisordProcessEnv
|
||||
processesEnvForeground
|
||||
processesEnvDaemon
|
||||
processesEnvAuto
|
||||
processesEnvAutoUnprivileged
|
||||
processesEnvAdvanced
|
||||
processesEnvEmpty
|
||||
];
|
||||
|
||||
virtualisation.writableStore = true;
|
||||
virtualisation.memorySize = 1024;
|
||||
|
||||
|
|
Loading…
Reference in New Issue