diff options
author | Felix Buehler <account@buehler.rocks> | 2024-01-20 17:33:00 +0100 |
---|---|---|
committer | Felix Buehler <account@buehler.rocks> | 2024-01-20 21:01:51 +0100 |
commit | c34493d7c0a1edbcc028d34941f0807b5255f338 (patch) | |
tree | b12082a7e36a36ce6affc8d0790be5b937039e11 /nixos/modules/services/web-servers | |
parent | 221d90520ae684fddad2f93409fef6d005d8c25f (diff) |
ttyd: add test & use systemd LoadCredential
Diffstat (limited to 'nixos/modules/services/web-servers')
-rw-r--r-- | nixos/modules/services/web-servers/ttyd.nix | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/nixos/modules/services/web-servers/ttyd.nix b/nixos/modules/services/web-servers/ttyd.nix index 3b1d87ccb483e..e545869ca4320 100644 --- a/nixos/modules/services/web-servers/ttyd.nix +++ b/nixos/modules/services/web-servers/ttyd.nix @@ -180,10 +180,11 @@ in # Runs login which needs to be run as root # login: Cannot possibly work without effective root User = "root"; + LoadCredential = lib.optionalString (cfg.passwordFile != null) "TTYD_PASSWORD_FILE:${cfg.passwordFile}"; }; script = if cfg.passwordFile != null then '' - PASSWORD=$(cat ${escapeShellArg cfg.passwordFile}) + PASSWORD=$(cat "$CREDENTIALS_DIRECTORY/TTYD_PASSWORD_FILE") ${pkgs.ttyd}/bin/ttyd ${lib.escapeShellArgs args} \ --credential ${escapeShellArg cfg.username}:"$PASSWORD" \ ${pkgs.shadow}/bin/login |