diff options
| author | pennae <github@quasiparticle.net> | 2022-08-30 14:08:50 +0200 |
|---|---|---|
| committer | pennae <github@quasiparticle.net> | 2022-08-31 17:27:36 +0200 |
| commit | f2ea09ecbe1fa1da32eaa6e036d64ac324a2986f (patch) | |
| tree | 8635d6ef91a1d530e32d8eb0e360c42b1c755b6d /nixos/modules/services/web-apps | |
| parent | 722b99bc0eb57711c0498a86a3f55e6c69cdb05f (diff) | |
| download | nixpkgs-f2ea09ecbe1fa1da32eaa6e036d64ac324a2986f.tar nixpkgs-f2ea09ecbe1fa1da32eaa6e036d64ac324a2986f.tar.gz nixpkgs-f2ea09ecbe1fa1da32eaa6e036d64ac324a2986f.tar.bz2 nixpkgs-f2ea09ecbe1fa1da32eaa6e036d64ac324a2986f.tar.lz nixpkgs-f2ea09ecbe1fa1da32eaa6e036d64ac324a2986f.tar.xz nixpkgs-f2ea09ecbe1fa1da32eaa6e036d64ac324a2986f.tar.zst nixpkgs-f2ea09ecbe1fa1da32eaa6e036d64ac324a2986f.zip | |
nixos/*: convert options with listings
minor rendering changes.
Diffstat (limited to 'nixos/modules/services/web-apps')
| -rw-r--r-- | nixos/modules/services/web-apps/discourse.nix | 10 | ||||
| -rw-r--r-- | nixos/modules/services/web-apps/hedgedoc.nix | 14 |
2 files changed, 12 insertions, 12 deletions
diff --git a/nixos/modules/services/web-apps/discourse.nix b/nixos/modules/services/web-apps/discourse.nix index 156a5cf9f83..66b22ec87db 100644 --- a/nixos/modules/services/web-apps/discourse.nix +++ b/nixos/modules/services/web-apps/discourse.nix @@ -57,20 +57,20 @@ in type = with lib.types; nullOr path; default = null; example = "/run/keys/secret_key_base"; - description = '' + description = lib.mdDoc '' The path to a file containing the - <literal>secret_key_base</literal> secret. + `secret_key_base` secret. - Discourse uses <literal>secret_key_base</literal> to encrypt + Discourse uses `secret_key_base` to encrypt the cookie store, which contains session data, and to digest user auth tokens. Needs to be a 64 byte long string of hexadecimal characters. You can generate one by running - <programlisting> + ``` openssl rand -hex 64 >/path/to/secret_key_base_file - </programlisting> + ``` This should be a string, not a nix path, since nix paths are copied into the world-readable nix store. diff --git a/nixos/modules/services/web-apps/hedgedoc.nix b/nixos/modules/services/web-apps/hedgedoc.nix index 9371eae31df..e26dee68615 100644 --- a/nixos/modules/services/web-apps/hedgedoc.nix +++ b/nixos/modules/services/web-apps/hedgedoc.nix @@ -990,27 +990,27 @@ in type = with types; nullOr path; default = null; example = "/var/lib/hedgedoc/hedgedoc.env"; - description = '' - Environment file as defined in <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + description = lib.mdDoc '' + Environment file as defined in {manpage}`systemd.exec(5)`. Secrets may be passed to the service without adding them to the world-readable Nix store, by specifying placeholder variables as the option value in Nix and setting these variables accordingly in the environment file. - <programlisting> + ``` # snippet of HedgeDoc-related config services.hedgedoc.configuration.dbURL = "postgres://hedgedoc:\''${DB_PASSWORD}@db-host:5432/hedgedocdb"; services.hedgedoc.configuration.minio.secretKey = "$MINIO_SECRET_KEY"; - </programlisting> + ``` - <programlisting> + ``` # content of the environment file DB_PASSWORD=verysecretdbpassword MINIO_SECRET_KEY=verysecretminiokey - </programlisting> + ``` Note that this file needs to be available on the host on which - <literal>HedgeDoc</literal> is running. + `HedgeDoc` is running. ''; }; |