search

NixOS / nixpkgs

Nix Packages collection & NixOS
MIT License
18.36k stars 14.32k forks source link

wiki-js: ssl to database & dynamic user issue #359176

Closed ser closed 3 days ago

ser commented 3 days ago

Describe the bug

There are two bugs I experience during my deployment:

  1. There is no ssl option in settings.db which renders connection to a non-ssl postgresql server impossible.
  2. Dynamic user scenario for wiki-js makes providing environmentFile impossible in secure way using secrets, as it must be public for wiki-js to read the content.

Notify maintainers

@ma27

Note for maintainers: Please tag this issue in your PR.

Add a :+1: reaction to issues you find important.

NyCodeGHG commented 3 days ago

the environmentFile option is read by systemd, not wiki-js, so the file can (and should) only be readable by root

Ma27 commented 3 days ago

There is no ssl option in settings.db which renders connection to a non-ssl postgresql server impossible.

The settings attribute is freeform, so you should be able to just add the ssl setting.

So I don't see anything actionable here.

ser commented 3 days ago

OK, thanks, it was totally not clear from available documentation - I hope someone having similar questions will find this issue and your answers.