aboutsummaryrefslogtreecommitdiff
path: root/genenetwork-development.scm
diff options
context:
space:
mode:
Diffstat (limited to 'genenetwork-development.scm')
-rw-r--r--genenetwork-development.scm14
1 files changed, 11 insertions, 3 deletions
diff --git a/genenetwork-development.scm b/genenetwork-development.scm
index 59fbf37..5848ae5 100644
--- a/genenetwork-development.scm
+++ b/genenetwork-development.scm
@@ -680,17 +680,25 @@ described by CONFIG, a <genenetwork-configuration> object."
(define (genenetwork-activation config)
(match-record config <genenetwork-configuration>
- (auth-db-path)
+ (gn2-secrets gn3-secrets auth-db-path)
(with-imported-modules '((guix build utils))
#~(begin
(use-modules (guix build utils))
+ ;; Set ownership of files.
(for-each (lambda (file)
(chown file
(passwd:uid (getpw "genenetwork"))
(passwd:gid (getpw "genenetwork"))))
- (find-files #$(dirname auth-db-path)
- #:directories? #t))))))
+ (cons* #$gn2-secrets
+ #$gn3-secrets
+ (find-files #$(dirname auth-db-path)
+ #:directories? #t)))
+ ;; Prevent other users from reading secret files.
+ (for-each (lambda (file)
+ (chmod file #o600))
+ (list #$gn2-secrets
+ #$gn3-secrets))))))
(define genenetwork-service-type
(service-type