diff options
author | talyz <kim.lindberger@gmail.com> | 2021-06-04 18:19:04 +0200 |
---|---|---|
committer | Raphael Megzari <raphael@megzari.com> | 2021-06-07 18:00:13 +0900 |
commit | 41387135ddb01d84049d1931292cacabbde54a34 (patch) | |
tree | 5d4a9d78ce8f3dfc45cf94e4e3959a76582c2a20 /nixos/modules/services/monitoring | |
parent | 98f07d6cc5954d82d22ca40cba6fab69003d41d6 (diff) | |
download | nixpkgs-41387135ddb01d84049d1931292cacabbde54a34.tar nixpkgs-41387135ddb01d84049d1931292cacabbde54a34.tar.gz nixpkgs-41387135ddb01d84049d1931292cacabbde54a34.tar.bz2 nixpkgs-41387135ddb01d84049d1931292cacabbde54a34.tar.lz nixpkgs-41387135ddb01d84049d1931292cacabbde54a34.tar.xz nixpkgs-41387135ddb01d84049d1931292cacabbde54a34.tar.zst nixpkgs-41387135ddb01d84049d1931292cacabbde54a34.zip |
nixos/grafana: Add error handling to service script
Without this, the services starts even if files are missing or prerequisite commands fail, which can lead to incorrect initial state.
Diffstat (limited to 'nixos/modules/services/monitoring')
-rw-r--r-- | nixos/modules/services/monitoring/grafana.nix | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/nixos/modules/services/monitoring/grafana.nix b/nixos/modules/services/monitoring/grafana.nix index 1dd740014fa..b243e24591e 100644 --- a/nixos/modules/services/monitoring/grafana.nix +++ b/nixos/modules/services/monitoring/grafana.nix @@ -640,20 +640,28 @@ in { QT_QPA_PLATFORM = "offscreen"; } // mapAttrs' (n: v: nameValuePair "GF_${n}" (toString v)) envOptions; script = '' + set -o errexit -o pipefail -o nounset -o errtrace + shopt -s inherit_errexit + ${optionalString (cfg.auth.google.clientSecretFile != null) '' - export GF_AUTH_GOOGLE_CLIENT_SECRET="$(cat ${escapeShellArg cfg.auth.google.clientSecretFile})" + GF_AUTH_GOOGLE_CLIENT_SECRET="$(<${escapeShellArg cfg.auth.google.clientSecretFile})" + export GF_AUTH_GOOGLE_CLIENT_SECRET ''} ${optionalString (cfg.database.passwordFile != null) '' - export GF_DATABASE_PASSWORD="$(cat ${escapeShellArg cfg.database.passwordFile})" + GF_DATABASE_PASSWORD="$(<${escapeShellArg cfg.database.passwordFile})" + export GF_DATABASE_PASSWORD ''} ${optionalString (cfg.security.adminPasswordFile != null) '' - export GF_SECURITY_ADMIN_PASSWORD="$(cat ${escapeShellArg cfg.security.adminPasswordFile})" + GF_SECURITY_ADMIN_PASSWORD="$(<${escapeShellArg cfg.security.adminPasswordFile})" + export GF_SECURITY_ADMIN_PASSWORD ''} ${optionalString (cfg.security.secretKeyFile != null) '' - export GF_SECURITY_SECRET_KEY="$(cat ${escapeShellArg cfg.security.secretKeyFile})" + GF_SECURITY_SECRET_KEY="$(<${escapeShellArg cfg.security.secretKeyFile})" + export GF_SECURITY_SECRET_KEY ''} ${optionalString (cfg.smtp.passwordFile != null) '' - export GF_SMTP_PASSWORD="$(cat ${escapeShellArg cfg.smtp.passwordFile})" + GF_SMTP_PASSWORD="$(<${escapeShellArg cfg.smtp.passwordFile})" + export GF_SMTP_PASSWORD ''} ${optionalString cfg.provision.enable '' export GF_PATHS_PROVISIONING=${provisionConfDir}; |