pyrox.dev / nixpkgs
lol
fork atom

nixos/syncthing: get API key for every curl request

Fixes #260262.

Doron Behar 79c78d68 b9b120c6

options
unified split
Changed files
+17 -19
nixos
modules
services
networking
syncthing.nix
tests
syncthing-many-devices.nix
+8 -10
nixos/modules/services/networking/syncthing.nix 
···

       
36

       
36

       
 

       
    # be careful not to leak secrets in the filesystem or in process listings


     

       
37

       
37

       
 

       
    umask 0077


     

       
38

       
38

       
 

       



     

       
39

       

       
-

       
    # get the api key by parsing the config.xml


     

       
40

       

       
-

       
    while


     

       
41

       

       
-

       
        ! ${pkgs.libxml2}/bin/xmllint \


     

       
42

       

       
-

       
            --xpath 'string(configuration/gui/apikey)' \


     

       
43

       

       
-

       
            ${cfg.configDir}/config.xml \


     

       
44

       

       
-

       
            >"$RUNTIME_DIRECTORY/api_key"


     

       
45

       

       
-

       
    do sleep 1; done


     

       
46

       

       
-

       



     

       
47

       

       
-

       
    (printf "X-API-Key: "; cat "$RUNTIME_DIRECTORY/api_key") >"$RUNTIME_DIRECTORY/headers"


     

       
48

       

       
-

       



     

       
49

       
39

       
 

       
    curl() {


     

       

       
40

       
+

       
        # get the api key by parsing the config.xml


     

       

       
41

       
+

       
        while


     

       

       
42

       
+

       
            ! ${pkgs.libxml2}/bin/xmllint \


     

       

       
43

       
+

       
                --xpath 'string(configuration/gui/apikey)' \


     

       

       
44

       
+

       
                ${cfg.configDir}/config.xml \


     

       

       
45

       
+

       
                >"$RUNTIME_DIRECTORY/api_key"


     

       

       
46

       
+

       
        do sleep 1; done


     

       

       
47

       
+

       
        (printf "X-API-Key: "; cat "$RUNTIME_DIRECTORY/api_key") >"$RUNTIME_DIRECTORY/headers"


     

       
50

       
48

       
 

       
        ${pkgs.curl}/bin/curl -sSLk -H "@$RUNTIME_DIRECTORY/headers" \


     

       
51

       
49

       
 

       
            --retry 1000 --retry-delay 1 --retry-all-errors \


     

       
52

       
50

       
 

       
            "$@"
+9 -9
nixos/tests/syncthing-many-devices.nix 
···

       
117

       
117

       
 

       



     

       
118

       
118

       
 

       
    export RUNTIME_DIRECTORY=/tmp


     

       
119

       
119

       
 

       



     

       
120

       

       
-

       
    # get the api key by parsing the config.xml


     

       
121

       

       
-

       
    while


     

       
122

       

       
-

       
        ! ${pkgs.libxml2}/bin/xmllint \


     

       
123

       

       
-

       
            --xpath 'string(configuration/gui/apikey)' \


     

       
124

       

       
-

       
            ${configPath} \


     

       
125

       

       
-

       
            >"$RUNTIME_DIRECTORY/api_key"


     

       
126

       

       
-

       
    do sleep 1; done


     

       

       
120

       
+

       
    curl() {


     

       

       
121

       
+

       
        # get the api key by parsing the config.xml


     

       

       
122

       
+

       
        while


     

       

       
123

       
+

       
            ! ${pkgs.libxml2}/bin/xmllint \


     

       

       
124

       
+

       
                --xpath 'string(configuration/gui/apikey)' \


     

       

       
125

       
+

       
                ${configPath} \


     

       

       
126

       
+

       
                >"$RUNTIME_DIRECTORY/api_key"


     

       

       
127

       
+

       
        do sleep 1; done


     

       
127

       
128

       
 

       



     

       
128

       

       
-

       
    (printf "X-API-Key: "; cat "$RUNTIME_DIRECTORY/api_key") >"$RUNTIME_DIRECTORY/headers"


     

       

       
129

       
+

       
        (printf "X-API-Key: "; cat "$RUNTIME_DIRECTORY/api_key") >"$RUNTIME_DIRECTORY/headers"


     

       
129

       
130

       
 

       



     

       
130

       

       
-

       
    curl() {


     

       
131

       
131

       
 

       
        ${pkgs.curl}/bin/curl -sSLk -H "@$RUNTIME_DIRECTORY/headers" \


     

       
132

       
132

       
 

       
            --retry 1000 --retry-delay 1 --retry-all-errors \


     

       
133

       
133

       
 

       
            "$@"