Set ownership of secrets files.

* genenetwork/services/genenetwork.scm (genenetwork-activation): Set ownership of secrets files. * production-deploy.sh: Mount secrets files read-write.
author: Arun Isaac 2024-03-01 11:28:58 +0000
committer: Arun Isaac 2024-03-01 11:32:41 +0000
commit: 1dc59cdfeeaebdbfe58a4cf7c8a72795e61bbc6a (patch)
tree: 8077df041ac2f9a104f3b5b1be2de45f08b80f76
parent: c032c737b5d2d791d388618e3c79403d3a16fe21 (diff)
download: gn-machines-1dc59cdfeeaebdbfe58a4cf7c8a72795e61bbc6a.tar.gz
2 files changed, 7 insertions, 4 deletions
diff --git a/genenetwork/services/genenetwork.scm b/genenetwork/services/genenetwork.scm
index f5d1e01..5a2dda2 100644
--- a/genenetwork/services/genenetwork.scm
+++ b/genenetwork/services/genenetwork.scm
@@ -100,7 +100,7 @@
 
 (define (genenetwork-activation config)
   (match-record config <genenetwork-configuration>
-    (auth-db)
+    (gn2-secrets gn3-secrets gn-auth-secrets auth-db)
     (with-imported-modules '((guix build utils))
       #~(begin
           (use-modules (guix build utils))
@@ -109,8 +109,11 @@
                       (chown file
                              (passwd:uid (getpw "genenetwork"))
                              (passwd:gid (getpw "genenetwork"))))
-                    (find-files #$(dirname auth-db)
-                                #:directories? #t))))))
+                    (cons* #$gn2-secrets
+                           #$gn3-secrets
+                           #$gn-auth-secrets
+                           (find-files #$(dirname auth-db)
+                                       #:directories? #t)))))))
 
 (define (configuration-file-gexp alist)
   "Return a G-expression that constructs a configuration file of
diff --git a/production-deploy.sh b/production-deploy.sh
index e7c4004..67c1167 100755
--- a/production-deploy.sh
+++ b/production-deploy.sh
@@ -28,7 +28,7 @@ container_script=$(guix system container \
                         --share=/export2/guix-containers/genenetwork/var/lib/acme=/var/lib/acme \
                         --share=/export2/guix-containers/genenetwork/var/lib/mysql=/var/lib/mysql \
                         --share=/export2/guix-containers/genenetwork/var/lib/virtuoso=/var/lib/virtuoso \
-                        --expose=/export2/guix-containers/genenetwork/etc/genenetwork=/etc/genenetwork \
+                        --share=/export2/guix-containers/genenetwork/etc/genenetwork=/etc/genenetwork \
                         --expose=/export/data/genenetwork-xapian \
                         --share=/export/data/genenetwork-sqlite \
                         --expose=/export/data/genenetwork/genotype_files \
author	Arun Isaac	2024-03-01 11:28:58 +0000
committer	Arun Isaac	2024-03-01 11:32:41 +0000
commit	1dc59cdfeeaebdbfe58a4cf7c8a72795e61bbc6a (patch)
tree	8077df041ac2f9a104f3b5b1be2de45f08b80f76
parent	c032c737b5d2d791d388618e3c79403d3a16fe21 (diff)
download	gn-machines-1dc59cdfeeaebdbfe58a4cf7c8a72795e61bbc6a.tar.gz