diff options
| author | Markus Kowalewski <markus.kowalewski@gmail.com> | 2020-11-29 15:58:58 +0100 |
|---|---|---|
| committer | Markus Kowalewski <markus.kowalewski@gmail.com> | 2020-12-16 20:34:14 +0100 |
| commit | 5df0cf7461d09e38c81c3eb6a1e6393c0c40850a (patch) | |
| tree | 60939c746c43399679c2123a88371b23fa82dfe3 /nixos/tests/slurm.nix | |
| parent | f074e879fd5b13891fbcf696411253e645017f4e (diff) | |
| download | nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar.gz nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar.bz2 nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar.lz nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar.xz nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar.zst nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.zip | |
nixos/slurm: fix dbdserver config file handling
Since slurm-20.11.0.1 the dbd server requires slurmdbd.conf to be in mode 600 to protect the database password. This change creates slurmdbd.conf on-the-fly at service startup and thus avoids that the database password ends up in the nix store.
Diffstat (limited to 'nixos/tests/slurm.nix')
| -rw-r--r-- | nixos/tests/slurm.nix | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/nixos/tests/slurm.nix b/nixos/tests/slurm.nix index a54c5d9db48..97e031a6279 100644 --- a/nixos/tests/slurm.nix +++ b/nixos/tests/slurm.nix @@ -86,14 +86,16 @@ in { dbd = { pkgs, ... } : - { + let + passFile = pkgs.writeText "dbdpassword" "password123"; + in { networking.firewall.enable = false; systemd.tmpfiles.rules = [ "f /etc/munge/munge.key 0400 munge munge - mungeverryweakkeybuteasytointegratoinatest" ]; services.slurm.dbdserver = { enable = true; - storagePass = "password123"; + storagePassFile = "${passFile}"; }; services.mysql = { enable = true; |