diff options
author | Andreas Brinner <andreas@everlanes.net> | 2023-04-23 11:35:04 +0200 |
---|---|---|
committer | Andreas Brinner <andreas@everlanes.net> | 2023-04-23 13:11:28 +0200 |
commit | 2af4a9bc09bccb74cda5eefb98193b4bbbb0eba5 (patch) | |
tree | 1d0f028682f3bcc9853d7f567ec22c6f053af7c9 /nixos/modules/services/mail | |
parent | 513975ec4b1fc2293ffd48c984f0913817d78626 (diff) | |
download | nixlib-2af4a9bc09bccb74cda5eefb98193b4bbbb0eba5.tar nixlib-2af4a9bc09bccb74cda5eefb98193b4bbbb0eba5.tar.gz nixlib-2af4a9bc09bccb74cda5eefb98193b4bbbb0eba5.tar.bz2 nixlib-2af4a9bc09bccb74cda5eefb98193b4bbbb0eba5.tar.lz nixlib-2af4a9bc09bccb74cda5eefb98193b4bbbb0eba5.tar.xz nixlib-2af4a9bc09bccb74cda5eefb98193b4bbbb0eba5.tar.zst nixlib-2af4a9bc09bccb74cda5eefb98193b4bbbb0eba5.zip |
nixos/roundcube: fix PostgreSQL password
Extract PostgreSQL database password for Roundcube from .pgpass file. The password file is used in two locations: 1. in the Roundcube config.php 2. in the systemd setup service that initializes the roundcube database These two services need the password in different formats. Keep the password file in PostgreSQL standard format and extract the password for the Roundcube config (see #215986).
Diffstat (limited to 'nixos/modules/services/mail')
-rw-r--r-- | nixos/modules/services/mail/roundcube.nix | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/nixos/modules/services/mail/roundcube.nix b/nixos/modules/services/mail/roundcube.nix index 3aaec145930d..70ec3707dc18 100644 --- a/nixos/modules/services/mail/roundcube.nix +++ b/nixos/modules/services/mail/roundcube.nix @@ -123,7 +123,15 @@ in environment.etc."roundcube/config.inc.php".text = '' <?php - ${lib.optionalString (!localDB) "$password = file_get_contents('${cfg.database.passwordFile}');"} + ${lib.optionalString (!localDB) '' + # Password file should be formated according to PostgreSQL .pgpass standard + # see https://www.postgresql.org/docs/current/libpq-pgpass.html + $password = file_get_contents('${cfg.database.passwordFile}'); + $password = preg_split('~\\\\.(*SKIP)(*FAIL)|\:~s', $password); + $password = end($password); + $password = str_replace("\\:", ":", $password); + $password = str_replace("\\\\", "\\", $password); + ''} $config = array(); $config['db_dsnw'] = 'pgsql://${cfg.database.username}${lib.optionalString (!localDB) ":' . $password . '"}@${if localDB then "unix(/run/postgresql)" else cfg.database.host}/${cfg.database.dbname}'; |