generate seafile_settings.py
This commit is contained in:
parent
d3f1c04e72
commit
cb44156519
|
|
@ -20,6 +20,22 @@ let
|
||||||
timeout = 1200
|
timeout = 1200
|
||||||
limit_request_line = 8190
|
limit_request_line = 8190
|
||||||
'';
|
'';
|
||||||
|
seahubConfigFile = pkgs.writeText "seahub_settings.py"
|
||||||
|
''
|
||||||
|
SECRET_KEY = #seckey#
|
||||||
|
|
||||||
|
DATABASES = {
|
||||||
|
'default': {
|
||||||
|
'ENGINE': 'django.db.backends.${if cfg.db.type == "mysql" then
|
||||||
|
"mysql" else abort "invalid db type"}',
|
||||||
|
'NAME': '${cfg.db.dbnameSeahub}',
|
||||||
|
'USER': '${cfg.db.user}',
|
||||||
|
'PASSWORD': '#dbpass#',
|
||||||
|
'HOST': '${cfg.db.host}',
|
||||||
|
'PORT': '${toString cfg.db.port}'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
'';
|
||||||
# fix permissions at start
|
# fix permissions at start
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
@ -287,21 +303,26 @@ in
|
||||||
cp ${ccnetConfigFile} ./conf/ccnet.conf
|
cp ${ccnetConfigFile} ./conf/ccnet.conf
|
||||||
cp ${seafileConfigFile} ./conf/seafile.conf
|
cp ${seafileConfigFile} ./conf/seafile.conf
|
||||||
cp ${gunicornConfigFile} ./conf/gunicorn.conf.py
|
cp ${gunicornConfigFile} ./conf/gunicorn.conf.py
|
||||||
|
cp ${seahubConfigFile} ./conf/seahub_settings.py
|
||||||
|
|
||||||
|
# seahub secret key
|
||||||
|
if [ ! -e .seahubSecret ]; then
|
||||||
|
${pkgs.seafile-server.pythonEnv}/bin/python ${pkgs.seafile-server}/seahub/tools/secret_key_generator.py > .seahubSecret
|
||||||
|
chmod 400 .seahubSecret
|
||||||
|
fi
|
||||||
|
SEAHUB_SECRET="$(head -n1 .seahubSecret)"
|
||||||
|
# TODO: check for special characters needing to be escaped
|
||||||
|
sed -e "s,#seckey#,$SEAHUB_SECRET,g" -i ./conf/seahub_settings.py
|
||||||
|
|
||||||
# replace placeholder secrets with real secret read from file
|
# replace placeholder secrets with real secret read from file
|
||||||
#TODO: unset -x to prevent DBPASS from being leaked in journal
|
#TODO: unset -x to prevent DBPASS from being leaked in journal
|
||||||
${if !(isNull cfg.db.passwordFile) then ''
|
${if !(isNull cfg.db.passwordFile) then ''
|
||||||
DBPASS="$(head -n1 ${toString cfg.db.passwordFile})"
|
DBPASS="$(head -n1 ${toString cfg.db.passwordFile})"
|
||||||
sed -e "s,#dbpass#,$DBPASS,g" -i ./conf/seafile.conf ./conf/ccnet.conf
|
sed -e "s,#dbpass#,$DBPASS,g" -i ./conf/seafile.conf ./conf/ccnet.conf ./conf/seahub_settings.py
|
||||||
''
|
''
|
||||||
else ""
|
else ""
|
||||||
}
|
}
|
||||||
|
|
||||||
# seahub secret key
|
|
||||||
if [ -e .seahubSecret ]; then
|
|
||||||
${pkgs.seafile-server.pythonEnv} ${pkgs.seafile-server}/seahub/tools/secret_key_generator.py > .seahubSecret
|
|
||||||
chmod 400 .seahubSecret
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
# initialise db and other things needed at first run
|
# initialise db and other things needed at first run
|
||||||
if [ -e .initialised ]; then
|
if [ -e .initialised ]; then
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue