rebase secrets

rebase mediawiki
rebase idp
2024-03-30 22:56:01 +01:00 · 2024-03-30 22:55:48 +01:00 · 2024-03-30 22:55:07 +01:00
4 changed files with 17 additions and 15 deletions
--- a/hosts/bekkalokk/services/idp-simplesamlphp/config.php
+++ b/hosts/bekkalokk/services/idp-simplesamlphp/config.php
@ -125,8 +125,8 @@ $config = [
     * The email address will be used as the recipient address for error reports, and
     * also as the technical contact in generated metadata.
     */
-    'technicalcontact_name' => 'Administrator',
-    'technicalcontact_email' => 'na@example.org',
+    'technicalcontact_name' => $SAML_ADMIN_NAME,
+    'technicalcontact_email' => $SAML_ADMIN_EMAIL,

    /*
     * (Optional) The method by which email is delivered.  Defaults to mail which utilizes the
@ -476,13 +476,13 @@ $config = [
     * Ensure that you have the required PDO database driver installed
     * for your connection string.
     */
-    'database.dsn' => 'postgres:host=bicep.pvv.ntnu.no;dbname=idp',
+    'database.dsn' => $SAML_DATABASE_DSN,

    /*
     * SQL database credentials
     */
-    'database.username' => 'idp',
-    'database.password' => 'secret',
+    'database.username' => $SAML_DATABASE_USERNAME,
+    'database.password' => $SAML_DATABASE_PASSWORD,
    'database.options' => [],

    /*
@ -1195,13 +1195,13 @@ $config = [
     * See http://www.php.net/manual/en/pdo.drivers.php for the various
     * syntaxes.
     */
-    'store.sql.dsn'                 => 'sqlite:$STATE_DIRECTORY/simplesamlphp.sqlite3',
+    'store.sql.dsn'                 => $SAML_DATABASE_DSN,

    /*
     * The username and password to use when connecting to the database.
     */
-    'store.sql.username' => null,
-    'store.sql.password' => null,
+    'store.sql.username' => $SAML_DATABASE_USERNAME,
+    'store.sql.password' => $SAML_DATABASE_PASSWORD,

    /*
     * The prefix we should use on our tables.
--- a/hosts/bekkalokk/services/idp-simplesamlphp/default.nix
+++ b/hosts/bekkalokk/services/idp-simplesamlphp/default.nix
@ -86,12 +86,13 @@ let
        substituteInPlace "$out" \
          --replace '$SAML_COOKIE_SECURE' 'true' \
          --replace '$SAML_COOKIE_SALT' 'file_get_contents("${config.sops.secrets."idp/cookie_salt".path}")' \
+          --replace '$SAML_ADMIN_NAME' '"Drift"' \
+          --replace '$SAML_ADMIN_EMAIL' '"drift@pvv.ntnu.no"' \
          --replace '$SAML_ADMIN_PASSWORD' 'file_get_contents("${config.sops.secrets."idp/admin_password".path}")' \
          --replace '$SAML_TRUSTED_DOMAINS' 'array( "idp2.pvv.ntnu.no" )' \
          --replace '$SAML_DATABASE_DSN' '"pgsql:host=postgres.pvv.ntnu.no;port=5432;dbname=idp"' \
          --replace '$SAML_DATABASE_USERNAME' '"idp"' \
          --replace '$SAML_DATABASE_PASSWORD' 'file_get_contents("${config.sops.secrets."idp/postgres_password".path}")' \
-          --replace '$STATE_DIRECTORY' '/var/lib/idp' \
          --replace '$CACHE_DIRECTORY' '/var/cache/idp'
      '';

--- a/hosts/bekkalokk/services/mediawiki/default.nix
+++ b/hosts/bekkalokk/services/mediawiki/default.nix
@ -19,12 +19,13 @@
        substituteInPlace "$out" \
          --replace '$SAML_COOKIE_SECURE' 'true' \
          --replace '$SAML_COOKIE_SALT' 'file_get_contents("${config.sops.secrets."mediawiki/simplesamlphp/cookie_salt".path}")' \
+          --replace '$SAML_ADMIN_NAME' '"Drift"' \
+          --replace '$SAML_ADMIN_EMAIL' '"drift@pvv.ntnu.no"' \
          --replace '$SAML_ADMIN_PASSWORD' 'file_get_contents("${config.sops.secrets."mediawiki/simplesamlphp/admin_password".path}")' \
          --replace '$SAML_TRUSTED_DOMAINS' 'array( "wiki2.pvv.ntnu.no" )' \
          --replace '$SAML_DATABASE_DSN' '"pgsql:host=postgres.pvv.ntnu.no;port=5432;dbname=mediawiki_simplesamlphp"' \
          --replace '$SAML_DATABASE_USERNAME' '"mediawiki_simplesamlphp"' \
          --replace '$SAML_DATABASE_PASSWORD' 'file_get_contents("${config.sops.secrets."mediawiki/simplesamlphp/postgres_password".path}")' \
-          --replace '$STATE_DIRECTORY' '/var/lib/mediawiki' \
          --replace '$CACHE_DIRECTORY' '/var/cache/mediawiki/idp'
      '';
    };
--- a/hosts/bekkalokk/services/mediawiki/simplesaml-config.php
+++ b/hosts/bekkalokk/services/mediawiki/simplesaml-config.php
@ -125,8 +125,8 @@ $config = [
     * The email address will be used as the recipient address for error reports, and
     * also as the technical contact in generated metadata.
     */
-    'technicalcontact_name' => 'Administrator',
-    'technicalcontact_email' => 'na@example.org',
+    'technicalcontact_name' => $SAML_ADMIN_NAME,
+    'technicalcontact_email' => $SAML_ADMIN_EMAIL,

    /*
     * (Optional) The method by which email is delivered.  Defaults to mail which utilizes the
@ -1195,13 +1195,13 @@ $config = [
     * See http://www.php.net/manual/en/pdo.drivers.php for the various
     * syntaxes.
     */
-    'store.sql.dsn'                 => 'sqlite:$STATE_DIRECTORY/simplesamlphp.sqlite3',
+    'store.sql.dsn'                 => $SAML_DATABASE_DSN,

    /*
     * The username and password to use when connecting to the database.
     */
-    'store.sql.username' => null,
-    'store.sql.password' => null,
+    'store.sql.username' => $SAML_DATABASE_USERNAME,
+    'store.sql.password' => $SAML_DATABASE_PASSWORD,

    /*
     * The prefix we should use on our tables.
Author	SHA1	Message	Date
Oystein Kristoffer Tveit	205fba0a10	rebase secrets Eval nix flake / evals (push) Failing after 1m48s Details	2024-03-30 22:56:01 +01:00
Oystein Kristoffer Tveit	ccbf081be2	rebase mediawiki	2024-03-30 22:55:48 +01:00
Oystein Kristoffer Tveit	625fa36e39	rebase idp	2024-03-30 22:55:07 +01:00