aboutsummaryrefslogtreecommitdiff
path: root/nix/compile.nix
diff options
context:
space:
mode:
authorFélix Baylac Jacqué <felix@alternativebit.fr>2023-10-25 11:34:39 +0200
committerFélix Baylac Jacqué <felix@alternativebit.fr>2023-10-26 18:25:13 +0200
commitf83fa021937978e79c917c08b3499ba866120284 (patch)
tree8b87676d871e30a3bfa6a1082d0cbcdda15e2de1 /nix/compile.nix
parent4b3dee2ca3be35d2df73626ad36a8cddedc41e6f (diff)
downloadgarage-f83fa021937978e79c917c08b3499ba866120284.tar.gz
garage-f83fa021937978e79c917c08b3499ba866120284.zip
Add allow_world_readable_secrets option to config file
Sometimes, the secret files permissions checks gets in the way. It's by no mean complete, it doesn't take the Posix ACLs into account among other things. Correctly checking the ACLs would be too involving (see https://git.deuxfleurs.fr/Deuxfleurs/garage/issues/658#issuecomment-7102) and would likely still fail in some weird chmod settings. We're adding a new configuration file key allowing the user to disable this permission check altogether. The (already existing) env variable counterpart always take precedence to this config file option. That's useful in cases where the configuration file is static and cannot be easily altered. Fixes https://git.deuxfleurs.fr/Deuxfleurs/garage/issues/658 Co-authored-by: Florian Klink <flokli@flokli.de>
Diffstat (limited to 'nix/compile.nix')
0 files changed, 0 insertions, 0 deletions