auth:module: replace special symbols in generated secrets

Alexander Tomokhov
2025-04-17 12:42:46 +04:00
parent 791e551b93
commit 46971cd2be


@@ -14,9 +14,14 @@ let
in in
pkgs.writeShellScript pkgs.writeShellScript
"${oauthClientID}-kanidm-ExecStartPre-script.sh" '' "${oauthClientID}-kanidm-ExecStartPre-script.sh" ''
[ -f "${secretFP}" ] || \ set -o pipefail
"${lib.getExe pkgs.openssl}" rand -base64 -out "${secretFP}" 32 && \ set -o errexit
if ! [ -f "${secretFP}" ]
then
"${lib.getExe pkgs.openssl}" rand -base64 32 \
| tr "\n:@/+=" "012345" > "${secretFP}"
chmod 640 "${secretFP}" chmod 640 "${secretFP}"
fi
''; '';
mkKanidmExecStartPostScript = oauthClientID: linuxGroup: mkKanidmExecStartPostScript = oauthClientID: linuxGroup:
let let
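Review bot: The redirect `> "${secretFP}"` in the new `if` block creates the file before `openssl` has written anything, so a failed pipeline aborts under `errexit` but leaves an empty file, and the `[ -f … ]` test then skips generation on every later start. Testing `if ! [ -s "${secretFP}" ]`, or writing to a temporary file and `mv`-ing it into place, would keep the service from running with an empty secret. The file also exists with whatever mode the unit's umask allows until `chmod 640` runs (likely 0644 under a default umask); a `umask 027` line ahead of the `if` would close that window. Separately, `openssl rand -hex 32` yields a symbol-free 256-bit value without the `tr` mapping, which currently folds `+`, `/`, `=` and the trailing newline onto digits. The enclosing `let` binding starts above the hunk.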