From 0f529485856a91e091f25cebf9db70d192343cf3 Mon Sep 17 00:00:00 2001 From: Munyoki Kilyungi Date: Tue, 4 Feb 2025 15:52:26 +0300 Subject: Update secret file paths and handling in genenetwork container conf. --- genenetwork-local-container.scm | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) (limited to 'genenetwork-local-container.scm') diff --git a/genenetwork-local-container.scm b/genenetwork-local-container.scm index ee65d71..b19c7a1 100644 --- a/genenetwork-local-container.scm +++ b/genenetwork-local-container.scm @@ -194,24 +194,26 @@ server described by CONFIG, a object." (passwd:uid (getpw "genenetwork")) (passwd:gid (getpw "genenetwork")))) (cons* #$gn3-secrets - (append (find-files #$gn2-secrets + (append (find-files "/etc/genenetwork/conf/gn-auth" + #:directories? #t) + (find-files "/etc/genenetwork/conf/gn2" + #:directories? #t) + (find-files "/etc/genenetwork/conf/gn3" #:directories? #t) (find-files "/var/lib/gn-docs" #:directories? #t) (find-files #$(dirname auth-db-path) - #:directories? #t) - (find-files #$gn-auth-secrets #:directories? #t)))) ;; Prevent other users from reading secret files. (for-each (lambda (file) (chmod file #o600)) (append - (find-files #$gn3-secrets - #:directories? #t) - (find-files #$gn2-secrets - #:directories? #t) - (find-files #$gn-auth-secrets - #:directories? #t))))))) + (find-files "/etc/genenetwork/conf/gn-auth/secrets.py" + #:directories? #f) + (find-files "/etc/genenetwork/conf/gn2/secrets.py" + #:directories? #f) + (find-files "/etc/genenetwork/conf/gn3/secrets.py" + #:directories? #f))))))) (define (gn-guile-gexp gn-guile-port) (with-imported-modules '((guix build utils)) -- cgit v1.2.3