diff options
author | Max <max@privatevoid.net> | 2022-06-13 21:14:49 +0200 |
---|---|---|
committer | Max <max@privatevoid.net> | 2022-06-17 23:41:27 +0200 |
commit | 2a8bf9777d790bc4a0bc77e523609f1d40694d5b (patch) | |
tree | 086e23e186782362a1dfc53d384a40c6e4ed4343 /nixos/modules/services/network-filesystems/ipfs.nix | |
parent | 914ef51ffa88d9b386c71bdc88bffc5273c08ada (diff) | |
download | nixpkgs-2a8bf9777d790bc4a0bc77e523609f1d40694d5b.tar nixpkgs-2a8bf9777d790bc4a0bc77e523609f1d40694d5b.tar.gz nixpkgs-2a8bf9777d790bc4a0bc77e523609f1d40694d5b.tar.bz2 nixpkgs-2a8bf9777d790bc4a0bc77e523609f1d40694d5b.tar.lz nixpkgs-2a8bf9777d790bc4a0bc77e523609f1d40694d5b.tar.xz nixpkgs-2a8bf9777d790bc4a0bc77e523609f1d40694d5b.tar.zst nixpkgs-2a8bf9777d790bc4a0bc77e523609f1d40694d5b.zip |
nixos/ipfs: do not leak config to journal on startup
The preStart script for the IPFS service will print parts of the configuration to stdout (and therefore, the journal) when applying profiles on startup. This may lead to unwanted disclosure of private information, such as remote pinning service API keys. Fix by sending stdout to /dev/null.
Diffstat (limited to 'nixos/modules/services/network-filesystems/ipfs.nix')
-rw-r--r-- | nixos/modules/services/network-filesystems/ipfs.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/services/network-filesystems/ipfs.nix b/nixos/modules/services/network-filesystems/ipfs.nix index 395b9788855..a5f8f55a682 100644 --- a/nixos/modules/services/network-filesystems/ipfs.nix +++ b/nixos/modules/services/network-filesystems/ipfs.nix @@ -257,7 +257,7 @@ in '' + optionalString cfg.autoMigrate '' ${pkgs.ipfs-migrator}/bin/fs-repo-migrations -to '${cfg.package.repoVersion}' -y '' + '' - ipfs --offline config profile apply ${profile} + ipfs --offline config profile apply ${profile} >/dev/null fi '' + optionalString cfg.autoMount '' ipfs --offline config Mounts.FuseAllowOther --json true |