diff options
| author | Frederick Muriuki Muriithi | 2025-08-22 12:16:32 -0500 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2025-10-08 08:52:32 -0500 |
| commit | d79acdeb57fbb7e6f5aac43b819c67abbc417a79 (patch) | |
| tree | 7d34352ba2f6d4b2b97a517d0ca2a4052ba78982 /genenetwork | |
| parent | 0e5ff000d5493503acac2c7c0c8c87fe9a881776 (diff) | |
| download | gn-machines-d79acdeb57fbb7e6f5aac43b819c67abbc417a79.tar.gz | |
gn-uploader: Change ownership of and map secrets directory.
* Change the ownership of the secrets directory and all its children rather than just the secrets file. * Expose the secrets directory to the application, rather than just the secrets file. Make the directory writable.
Diffstat (limited to 'genenetwork')
| -rw-r--r-- | genenetwork/services/genenetwork.scm | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/genenetwork/services/genenetwork.scm b/genenetwork/services/genenetwork.scm index 0281c5a..99e78b9 100644 --- a/genenetwork/services/genenetwork.scm +++ b/genenetwork/services/genenetwork.scm @@ -744,7 +744,7 @@ a @code{<genenetwork-configuration>} record." (chown file (passwd:uid (getpw "gunicorn-gn-uploader")) (passwd:gid (getpw "gunicorn-gn-uploader")))) - (append (list #$secrets) + (append (list #$(dirname secrets)) (find-files #$sessions-dir #:directories? #t) (find-files #$sqlite-databases-directory @@ -811,8 +811,9 @@ a @code{<genenetwork-configuration>} record." (source gn-uploader-conf) (target source)) (file-system-mapping - (source secrets) - (target source)) + (source (dirname secrets)) + (target source) + (writable? #t)) (file-system-mapping (source data-directory) (target source) |