
3 Commits

Author SHA1 Message Date
Oystein Kristoffer Tveit 205fba0a10 rebase secrets
Eval nix flake / evals (push) Failing after 1m48s Details
2024-03-30 22:56:01 +01:00
Oystein Kristoffer Tveit ccbf081be2 rebase mediawiki 2024-03-30 22:55:48 +01:00
Oystein Kristoffer Tveit 625fa36e39 rebase idp 2024-03-30 22:55:07 +01:00
4 changed files with 17 additions and 15 deletions


@ -125,8 +125,8 @@ $config = [
* The email address will be used as the recipient address for error reports, and * The email address will be used as the recipient address for error reports, and
* also as the technical contact in generated metadata. * also as the technical contact in generated metadata.
*/ */
'technicalcontact_name' => 'Administrator', 'technicalcontact_name' => $SAML_ADMIN_NAME,
'technicalcontact_email' => 'na@example.org', 'technicalcontact_email' => $SAML_ADMIN_EMAIL,
/* /*
* (Optional) The method by which email is delivered. Defaults to mail which utilizes the * (Optional) The method by which email is delivered. Defaults to mail which utilizes the
@ -476,13 +476,13 @@ $config = [
* Ensure that you have the required PDO database driver installed * Ensure that you have the required PDO database driver installed
* for your connection string. * for your connection string.
*/ */
'database.dsn' => 'postgres:host=bicep.pvv.ntnu.no;dbname=idp', 'database.dsn' => $SAML_DATABASE_DSN,
/* /*
* SQL database credentials * SQL database credentials
*/ */
'database.username' => 'idp', 'database.username' => $SAML_DATABASE_USERNAME,
'database.password' => 'secret', 'database.password' => $SAML_DATABASE_PASSWORD,
'database.options' => [], 'database.options' => [],
/* /*
@ -1195,13 +1195,13 @@ $config = [
* See http://www.php.net/manual/en/pdo.drivers.php for the various * See http://www.php.net/manual/en/pdo.drivers.php for the various
* syntaxes. * syntaxes.
*/ */
'store.sql.dsn' => 'sqlite:$STATE_DIRECTORY/simplesamlphp.sqlite3', 'store.sql.dsn' => $SAML_DATABASE_DSN,
/* /*
* The username and password to use when connecting to the database. * The username and password to use when connecting to the database.
*/ */
'store.sql.username' => null, 'store.sql.username' => $SAML_DATABASE_USERNAME,
'store.sql.password' => null, 'store.sql.password' => $SAML_DATABASE_PASSWORD,
/* /*
* The prefix we should use on our tables. * The prefix we should use on our tables.
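Review bot: With `'store.sql.dsn' => $SAML_DATABASE_DSN` the session store moves from a local SQLite file to the same networked PostgreSQL database and role as `database.*`, so session records now cross the network under the main database account. The DSN substituted in by the Nix derivation (`pgsql:host=postgres.pvv.ntnu.no;port=5432;dbname=idp`) carries no `sslmode`, and nothing visible here shows whether the link is protected some other way; if it is not, appending `;sslmode=verify-full` (or at least `require`) to that DSN would cover it. A short comment above these keys, such as `/* $SAML_* placeholders are replaced at build time by substituteInPlace */`, would also explain why bare variables appear in the config array. The same `store.sql.*` change is made in the second config.php section further down, and the `$config` array starts and ends outside these hunks.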


@ -86,12 +86,13 @@ let
substituteInPlace "$out" \ substituteInPlace "$out" \
--replace '$SAML_COOKIE_SECURE' 'true' \ --replace '$SAML_COOKIE_SECURE' 'true' \
--replace '$SAML_COOKIE_SALT' 'file_get_contents("${config.sops.secrets."idp/cookie_salt".path}")' \ --replace '$SAML_COOKIE_SALT' 'file_get_contents("${config.sops.secrets."idp/cookie_salt".path}")' \
--replace '$SAML_ADMIN_NAME' '"Drift"' \
--replace '$SAML_ADMIN_EMAIL' '"drift@pvv.ntnu.no"' \
--replace '$SAML_ADMIN_PASSWORD' 'file_get_contents("${config.sops.secrets."idp/admin_password".path}")' \ --replace '$SAML_ADMIN_PASSWORD' 'file_get_contents("${config.sops.secrets."idp/admin_password".path}")' \
--replace '$SAML_TRUSTED_DOMAINS' 'array( "idp2.pvv.ntnu.no" )' \ --replace '$SAML_TRUSTED_DOMAINS' 'array( "idp2.pvv.ntnu.no" )' \
--replace '$SAML_DATABASE_DSN' '"pgsql:host=postgres.pvv.ntnu.no;port=5432;dbname=idp"' \ --replace '$SAML_DATABASE_DSN' '"pgsql:host=postgres.pvv.ntnu.no;port=5432;dbname=idp"' \
--replace '$SAML_DATABASE_USERNAME' '"idp"' \ --replace '$SAML_DATABASE_USERNAME' '"idp"' \
--replace '$SAML_DATABASE_PASSWORD' 'file_get_contents("${config.sops.secrets."idp/postgres_password".path}")' \ --replace '$SAML_DATABASE_PASSWORD' 'file_get_contents("${config.sops.secrets."idp/postgres_password".path}")' \
--replace '$STATE_DIRECTORY' '/var/lib/idp' \
--replace '$CACHE_DIRECTORY' '/var/cache/idp' --replace '$CACHE_DIRECTORY' '/var/cache/idp'
''; '';
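Review bot: The new `--replace '$SAML_ADMIN_NAME'` and `--replace '$SAML_ADMIN_EMAIL'` pairs, like the rest of this list, do not fail the build when the pattern is absent, so a renamed or forgotten placeholder would leave a bare PHP variable in config.php that evaluates to null at runtime. If the pinned nixpkgs provides it, `--replace-fail` on each pair turns that into a build error, e.g. `--replace-fail '$SAML_ADMIN_EMAIL' '"drift@pvv.ntnu.no"' \`. This matters most for the `$STATE_DIRECTORY` line, which appears on one side only (presumably dropped): any remaining use of it in config.php would no longer be rewritten. The mediawiki derivation in the next section has the same list and the same concern.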


@ -19,12 +19,13 @@
substituteInPlace "$out" \ substituteInPlace "$out" \
--replace '$SAML_COOKIE_SECURE' 'true' \ --replace '$SAML_COOKIE_SECURE' 'true' \
--replace '$SAML_COOKIE_SALT' 'file_get_contents("${config.sops.secrets."mediawiki/simplesamlphp/cookie_salt".path}")' \ --replace '$SAML_COOKIE_SALT' 'file_get_contents("${config.sops.secrets."mediawiki/simplesamlphp/cookie_salt".path}")' \
--replace '$SAML_ADMIN_NAME' '"Drift"' \
--replace '$SAML_ADMIN_EMAIL' '"drift@pvv.ntnu.no"' \
--replace '$SAML_ADMIN_PASSWORD' 'file_get_contents("${config.sops.secrets."mediawiki/simplesamlphp/admin_password".path}")' \ --replace '$SAML_ADMIN_PASSWORD' 'file_get_contents("${config.sops.secrets."mediawiki/simplesamlphp/admin_password".path}")' \
--replace '$SAML_TRUSTED_DOMAINS' 'array( "wiki2.pvv.ntnu.no" )' \ --replace '$SAML_TRUSTED_DOMAINS' 'array( "wiki2.pvv.ntnu.no" )' \
--replace '$SAML_DATABASE_DSN' '"pgsql:host=postgres.pvv.ntnu.no;port=5432;dbname=mediawiki_simplesamlphp"' \ --replace '$SAML_DATABASE_DSN' '"pgsql:host=postgres.pvv.ntnu.no;port=5432;dbname=mediawiki_simplesamlphp"' \
--replace '$SAML_DATABASE_USERNAME' '"mediawiki_simplesamlphp"' \ --replace '$SAML_DATABASE_USERNAME' '"mediawiki_simplesamlphp"' \
--replace '$SAML_DATABASE_PASSWORD' 'file_get_contents("${config.sops.secrets."mediawiki/simplesamlphp/postgres_password".path}")' \ --replace '$SAML_DATABASE_PASSWORD' 'file_get_contents("${config.sops.secrets."mediawiki/simplesamlphp/postgres_password".path}")' \
--replace '$STATE_DIRECTORY' '/var/lib/mediawiki' \
--replace '$CACHE_DIRECTORY' '/var/cache/mediawiki/idp' --replace '$CACHE_DIRECTORY' '/var/cache/mediawiki/idp'
''; '';
}; };
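Review bot: The `$SAML_DATABASE_PASSWORD` value, which after this change also feeds `store.sql.password`, is injected as a raw `file_get_contents("…")` call, as are the cookie salt and admin password. That call yields `false` if the file is unreadable by the PHP process and keeps any trailing newline stored in the secret, so a credential can silently differ from the intended value. Owner and mode of the `sops.secrets` entries are not visible in this hunk; confirm they match the user running SimpleSAMLphp. Wrapping the value, e.g. `trim(file_get_contents("…"))`, and failing loudly on `false` would surface a misconfiguration at startup rather than as a later login or database error. The idp derivation in the previous section uses the same pattern for its three secrets.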


@ -125,8 +125,8 @@ $config = [
* The email address will be used as the recipient address for error reports, and * The email address will be used as the recipient address for error reports, and
* also as the technical contact in generated metadata. * also as the technical contact in generated metadata.
*/ */
'technicalcontact_name' => 'Administrator', 'technicalcontact_name' => $SAML_ADMIN_NAME,
'technicalcontact_email' => 'na@example.org', 'technicalcontact_email' => $SAML_ADMIN_EMAIL,
/* /*
* (Optional) The method by which email is delivered. Defaults to mail which utilizes the * (Optional) The method by which email is delivered. Defaults to mail which utilizes the
@ -1195,13 +1195,13 @@ $config = [
* See http://www.php.net/manual/en/pdo.drivers.php for the various * See http://www.php.net/manual/en/pdo.drivers.php for the various
* syntaxes. * syntaxes.
*/ */
'store.sql.dsn' => 'sqlite:$STATE_DIRECTORY/simplesamlphp.sqlite3', 'store.sql.dsn' => $SAML_DATABASE_DSN,
/* /*
* The username and password to use when connecting to the database. * The username and password to use when connecting to the database.
*/ */
'store.sql.username' => null, 'store.sql.username' => $SAML_DATABASE_USERNAME,
'store.sql.password' => null, 'store.sql.password' => $SAML_DATABASE_PASSWORD,
/* /*
* The prefix we should use on our tables. * The prefix we should use on our tables.