back round 0 view raw

nix/appview: add enviroment file option #456

merged
opened by isabelroses.com targeting master from isabelroses.com/core: module-secrest
options
unified split
Changed files
+14
nix
modules
appview.nix
+14
nix/modules/appview.nix 
···

       
27

       
27

       
 

       
          default = "00000000000000000000000000000000";


     

       
28

       
28

       
 

       
          description = "Cookie secret";


     

       
29

       
29

       
 

       
        };


     

       

       
30

       
+

       
        environmentFile = mkOption {


     

       

       
31

       
+

       
          type = with types; nullOr path;


     

       

       
32

       
+

       
          default = null;


     

       

       
33

       
+

       
          example = "/etc/tangled-appview.env";


     

       

       
34

       
+

       
          description = ''


     

       

       
35

       
+

       
            Additional environment file as defined in {manpage}`systemd.exec(5)`.


     

       

       
36

       
+

       



     

       

       
37

       
+

       
            Sensitive secrets such as {env}`TANGLED_COOKIE_SECRET` may be


     

       

       
38

       
+

       
            passed to the service without makeing them world readable in the


     

       

       
39

       
+

       
            nix store.


     

       

       
40

       
+

       



     

       

       
41

       
+

       
          '';


     

       

       
42

       
+

       
        };


     

       
30

       
43

       
 

       
      };


     

       
31

       
44

       
 

       
    };


     

       
32

       
45

       
 

       



     
···

       
39

       
52

       
 

       
          ListenStream = "0.0.0.0:${toString cfg.port}";


     

       
40

       
53

       
 

       
          ExecStart = "${cfg.package}/bin/appview";


     

       
41

       
54

       
 

       
          Restart = "always";


     

       

       
55

       
+

       
          EnvironmentFile = optional (cfg.environmentFile != null) cfg.environmentFile;


     

       
42

       
56

       
 

       
        };


     

       
43

       
57

       
 

       



     

       
44

       
58

       
 

       
        environment = {