authorgithub-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>2022-07-25 12:02:27 +0000
committerGitHub <noreply@github.com>2022-07-25 12:02:27 +0000
commitd31202e8c3c21d9e4a47267e4cfd21f431c11f44 (patch)
tree7f9e03b69cbc88cd6a31af4a0ca771a2d33c379d /nixos
parente8387a912dfcf915d8b71f948a100c81a6889a9d (diff)
parentded08eff9cea84e3b63437e4fe5568c0ff03d84d (diff)
Merge staging-next into staging
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/services/web-apps/atlassian/crowd.nix31
1 files changed, 31 insertions, 0 deletions
diff --git a/nixos/modules/services/web-apps/atlassian/crowd.nix b/nixos/modules/services/web-apps/atlassian/crowd.nix
index 79306541b85..9418aff12ad 100644
--- a/nixos/modules/services/web-apps/atlassian/crowd.nix
+++ b/nixos/modules/services/web-apps/atlassian/crowd.nix
@@ -14,6 +14,21 @@ let
     proxyUrl = "${cfg.proxy.scheme}://${cfg.proxy.name}:${toString cfg.proxy.port}";
   });
 
+  crowdPropertiesFile = pkgs.writeText "crowd.properties" ''
+    application.name                        crowd-openid-server
+    application.password @NIXOS_CROWD_OPENID_PW@
+    application.base.url                    http://localhost:${toString cfg.listenPort}/openidserver
+    application.login.url                   http://localhost:${toString cfg.listenPort}/openidserver
+    application.login.url.template          http://localhost:${toString cfg.listenPort}/openidserver?returnToUrl=''${RETURN_TO_URL}
+
+    crowd.server.url                        http://localhost:${toString cfg.listenPort}/crowd/services/
+
+    session.isauthenticated                 session.isauthenticated
+    session.tokenkey                        session.tokenkey
+    session.validationinterval              0
+    session.lastvalidation                  session.lastvalidation
+  '';
+
 in
 
 {
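Review bot: The `crowdPropertiesFile` template has no comment saying that `@NIXOS_CROWD_OPENID_PW@` is a placeholder and must never be replaced by an interpolated option value, because `pkgs.writeText` output lands in the world-readable Nix store. A comment above the binding would keep later edits from inlining the password, for example `# Template only: @NIXOS_CROWD_OPENID_PW@ is substituted at service start by replace-secret, so the store copy never holds the password.` It would also help to note that the template is only used when `openidPasswordFile` is set, which is what the guards in the later hunks show.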
@@ -53,9 +68,16 @@ in
 
       openidPassword = mkOption {
         type = types.str;
+        default = "WILL_NEVER_BE_SET";
         description = "Application password for OpenID server.";
       };
 
+      openidPasswordFile = mkOption {
+        type = types.nullOr types.str;
+        default = null;
+        description = "Path to the file containing the application password for OpenID server.";
+      };
+
       catalinaOptions = mkOption {
         type = types.listOf types.str;
         default = [];
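Review bot: The new `default = "WILL_NEVER_BE_SET";` on `openidPassword` makes the option silently optional, so a configuration that sets neither `openidPassword` nor `openidPasswordFile` now evaluates without error. Where `openidPassword` is consumed lies outside this hunk, but if that value still reaches the shipped configuration, the service would start with a publicly known application password. An assertion would turn that into an evaluation error, for example `assertion = cfg.openidPasswordFile != null || cfg.openidPassword != "WILL_NEVER_BE_SET";` with a message naming both options. The descriptions should also state the trade-off: `openidPassword` presumably ends up in the world-readable Nix store, and `openidPasswordFile` should be a string path outside the store that the unit's preStart can read.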
@@ -140,6 +162,7 @@ in
         JAVA_HOME = "${cfg.jrePackage}";
         CATALINA_OPTS = concatStringsSep " " cfg.catalinaOptions;
         CATALINA_TMPDIR = "/tmp";
+        JAVA_OPTS = mkIf (cfg.openidPasswordFile != null) "-Dcrowd.properties=${cfg.home}/crowd.properties";
       };
 
       preStart = ''
@@ -151,6 +174,14 @@ in
           -e 's,compression="on",compression="off" protocol="HTTP/1.1" proxyName="${cfg.proxy.name}" proxyPort="${toString cfg.proxy.port}" scheme="${cfg.proxy.scheme}" secure="${boolToString cfg.proxy.secure}",' \
         '') + ''
           ${pkg}/apache-tomcat/conf/server.xml.dist > ${cfg.home}/server.xml
+
+        ${optionalString (cfg.openidPasswordFile != null) ''
+          install -m660 ${crowdPropertiesFile} ${cfg.home}/crowd.properties
+          ${pkgs.replace-secret}/bin/replace-secret \
+            '@NIXOS_CROWD_OPENID_PW@' \
+            ${cfg.openidPasswordFile} \
+            ${cfg.home}/crowd.properties
+        ''}
       '';
 
       serviceConfig = {
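Review bot: `install -m660` leaves `${cfg.home}/crowd.properties`, which holds the OpenID application password once `replace-secret` has run, readable and writable by the file's group. Unless group access is actually needed, `install -m600 ${crowdPropertiesFile} ${cfg.home}/crowd.properties` is the tighter choice. The interpolated `${cfg.openidPasswordFile}` and `${cfg.home}` are also unquoted in the generated shell, so a path containing whitespace or shell metacharacters would be word-split or interpreted. Passing them through `escapeShellArg` (assuming `lib` is in scope, as the unqualified `optionalString` suggests) avoids that. `preStart` begins before this hunk, so whether it runs as root or as the service user, and therefore who must be able to read the password file, cannot be confirmed from here.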