diff options
Diffstat (limited to 'genenetwork/services')
| -rw-r--r-- | genenetwork/services/genenetwork.scm | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/genenetwork/services/genenetwork.scm b/genenetwork/services/genenetwork.scm index f37a078..aa4ac77 100644 --- a/genenetwork/services/genenetwork.scm +++ b/genenetwork/services/genenetwork.scm @@ -109,10 +109,11 @@ (for-each (lambda (file) (chown file - (passwd:uid (getpw "genenetwork")) - (passwd:gid (getpw "genenetwork")))) - (find-files #$(dirname auth-db) - #:directories? #t)) + (passwd:uid (getpw "gunicorn-gn-auth")) + (passwd:gid (getpw "gunicorn-gn-auth")))) + (cons #$gn-auth-secrets + (find-files #$(dirname auth-db) + #:directories? #t))) ;; Let each service user own their own secrets files. (chown #$gn2-secrets (passwd:uid (getpw "gunicorn-genenetwork2")) @@ -120,9 +121,6 @@ (chown #$gn3-secrets (passwd:uid (getpw "gunicorn-genenetwork3")) (passwd:gid (getpw "gunicorn-genenetwork3"))) - (chown #$gn-auth-secrets - (passwd:uid (getpw "gunicorn-gn-auth")) - (passwd:gid (getpw "gunicorn-gn-auth"))) ;; Set owner-only permissions on secrets files. (for-each (lambda (file) (chmod file #o600)) |