diff options
author | a-kenji <aks.kenji@protonmail.com> | 2022-09-12 10:34:55 +0200 |
---|---|---|
committer | Yt <happysalada@proton.me> | 2022-09-12 18:39:54 -0400 |
commit | 5519e1b89bf02443b056fac9acf5f6d607bb622f (patch) | |
tree | 144982564ebcc2185321b0144f2bd8826f549865 /nixos | |
parent | fdabbea239e9bbe723df31fb93adb3fdb0bf3f9a (diff) |
nixos/lemmy: remove `services.lemmy.jwtSecretPath`
Co-authored-by: Ctem <c@ctem.me> Co-authored-by: Brian Leung <leungbk@posteo.net> Co-authored-by: Shahar Dawn Or <mightyiampresence@gmail.com> Co-authored-by: Ilan Joselevich <personal@ilanjoselevich.com>
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/web-apps/lemmy.md | 3 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/lemmy.nix | 13 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/lemmy.xml | 7 | ||||
-rw-r--r-- | nixos/tests/lemmy.nix | 4 |
4 files changed, 5 insertions, 22 deletions
diff --git a/nixos/modules/services/web-apps/lemmy.md b/nixos/modules/services/web-apps/lemmy.md index e6599cd843e3e..faafe096d1382 100644 --- a/nixos/modules/services/web-apps/lemmy.md +++ b/nixos/modules/services/web-apps/lemmy.md @@ -13,13 +13,10 @@ services.lemmy = { hostname = "lemmy.union.rocks"; database.createLocally = true; }; - jwtSecretPath = "/run/secrets/lemmyJwt"; caddy.enable = true; } ``` -(note that you can use something like agenix to get your secret jwt to the specified path) - this will start the backend on port 8536 and the frontend on port 1234. It will expose your instance with a caddy reverse proxy to the hostname you've provided. Postgres will be initialized on that same instance automatically. diff --git a/nixos/modules/services/web-apps/lemmy.nix b/nixos/modules/services/web-apps/lemmy.nix index 1f2168b2a4c63..1945c82914335 100644 --- a/nixos/modules/services/web-apps/lemmy.nix +++ b/nixos/modules/services/web-apps/lemmy.nix @@ -10,15 +10,14 @@ in # `pandoc lemmy.md -t docbook --top-level-division=chapter --extract-media=media -f markdown+smart > lemmy.xml` meta.doc = ./lemmy.xml; + imports = [ + (mkRemovedOptionModule [ "services" "lemmy" "jwtSecretPath" ] "As of v0.13.0, Lemmy auto-generates the JWT secret.") + ]; + options.services.lemmy = { enable = mkEnableOption (lib.mdDoc "lemmy a federated alternative to reddit in rust"); - jwtSecretPath = mkOption { - type = types.path; - description = lib.mdDoc "Path to read the jwt secret from."; - }; - ui = { port = mkOption { type = types.port; @@ -168,18 +167,14 @@ in requires = lib.optionals cfg.settings.database.createLocally [ "lemmy-postgresql.service" ]; - # script is needed here since loadcredential is not accessible on ExecPreStart script = '' ${pkgs.coreutils}/bin/install -m 600 ${settingsFormat.generate "config.hjson" cfg.settings} /run/lemmy/config.hjson - jwtSecret="$(< $CREDENTIALS_DIRECTORY/jwt_secret )" - ${pkgs.jq}/bin/jq ".jwt_secret = \"$jwtSecret\"" /run/lemmy/config.hjson | ${pkgs.moreutils}/bin/sponge /run/lemmy/config.hjson ${pkgs.lemmy-server}/bin/lemmy_server ''; serviceConfig = { DynamicUser = true; RuntimeDirectory = "lemmy"; - LoadCredential = "jwt_secret:${cfg.jwtSecretPath}"; }; }; diff --git a/nixos/modules/services/web-apps/lemmy.xml b/nixos/modules/services/web-apps/lemmy.xml index 0be9fb8aefa98..f04316b3c5159 100644 --- a/nixos/modules/services/web-apps/lemmy.xml +++ b/nixos/modules/services/web-apps/lemmy.xml @@ -8,22 +8,17 @@ <para> the minimum to start lemmy is </para> - <programlisting language="bash"> + <programlisting language="nix"> services.lemmy = { enable = true; settings = { hostname = "lemmy.union.rocks"; database.createLocally = true; }; - jwtSecretPath = "/run/secrets/lemmyJwt"; caddy.enable = true; } </programlisting> <para> - (note that you can use something like agenix to get your secret - jwt to the specified path) - </para> - <para> this will start the backend on port 8536 and the frontend on port 1234. It will expose your instance with a caddy reverse proxy to the hostname you’ve provided. Postgres will be initialized on that diff --git a/nixos/tests/lemmy.nix b/nixos/tests/lemmy.nix index 543bd2ce57a54..a317b4cf15baf 100644 --- a/nixos/tests/lemmy.nix +++ b/nixos/tests/lemmy.nix @@ -14,10 +14,6 @@ in "${lemmyNodeName}" = { services.lemmy = { enable = true; - jwtSecretPath = pkgs.writeTextFile { - name = "lemmy-secret"; - text = "very-secret-password123"; - }; ui.port = uiPort; settings = { hostname = "http://${lemmyNodeName}"; |