greg/nix-bitcoin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

secrets: fix setup-secrets in case of no secrets

Browse Source 
Previously, the glob (*) returned '*' when no files existed in the
secrets dir, leading to error `chown: cannot access '*'`.

Now `unprocessedFiles` is empty when there are no secrets.

Also remove the unneeded sorting of `unprocessedFiles` and
remove redundant leading zero in the default mode.
This commit is contained in:
Erik Arvstedt 2021-10-02 11:49:49 +02:00
parent e61c743644
commit 4d5bc810eb
No known key found for this signature in database
GPG Key ID: 33312B944DD97846
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/secrets/secrets.nix
View File

@ -58,7 +58,7 @@ let
};
permissions = mkOption {
type = str;
default = "0440";
default = "440";
};
};
}
@ -205,7 +205,9 @@ in {
}
# Make all other files accessible to root only
unprocessedFiles=$(comm -23 <(printf '%s\n' *) <(printf '%s\n' "''${processedFiles[@]}" | sort))
unprocessedFiles=$(
comm -23 <(shopt -s nullglob; printf '%s\n' *) <(printf '%s\n' "''${processedFiles[@]}")
)
if [[ $unprocessedFiles ]]; then
IFS=$'\n'
chown root: $unprocessedFiles