Unverified Commit 6ba04cc3 authored by Maciej Krüger's avatar Maciej Krüger Committed by GitHub

Merge pull request #270876 from gador/pgadmin-check-pw

nixos/pgadmin: add minimumPasswordLength setting and check
parents bff44df2 bc21d288
+17 −1
@@ -44,12 +44,19 @@ in

    initialPasswordFile = mkOption {
      description = lib.mdDoc ''
        Initial password file for the pgAdmin account.
        Initial password file for the pgAdmin account. Minimum length by default is 6.
        Please see `services.pgadmin.minimumPasswordLength`.
        NOTE: Should be string not a store path, to prevent the password from being world readable
      '';
      type = types.path;
    };

    minimumPasswordLength = mkOption {
      description = lib.mdDoc "Minimum length of the password";
      type = types.int;
      default = 6;
    };

    emailServer = {
      enable = mkOption {
        description = lib.mdDoc ''
@@ -116,6 +123,7 @@ in

    services.pgadmin.settings = {
      DEFAULT_SERVER_PORT = cfg.port;
      PASSWORD_LENGTH_MIN = cfg.minimumPasswordLength;
      SERVER_MODE = true;
      UPGRADE_CHECK_ENABLED = false;
    } // (optionalAttrs cfg.openFirewall {
@@ -141,6 +149,14 @@ in

      preStart = ''
        # NOTE: this is idempotent (aka running it twice has no effect)
        # Check here for password length to prevent pgadmin from starting
        # and presenting a hard to find error message
        # see https://github.com/NixOS/nixpkgs/issues/270624
        PW_LENGTH=$(wc -m < ${escapeShellArg cfg.initialPasswordFile})
        if [ $PW_LENGTH -lt ${toString cfg.minimumPasswordLength} ]; then
            echo "Password must be at least ${toString cfg.minimumPasswordLength} characters long"
            exit 1
        fi
        (
          # Email address:
          echo ${escapeShellArg cfg.initialEmail}
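Review bot: `wc -m` in the added preStart check counts a trailing newline in the password file as a character, so a password one character shorter than `minimumPasswordLength` passes whenever the file ends with a newline. The rest of preStart lies outside this hunk; if it reads the password through command substitution, which strips that newline, pgAdmin would still receive the short password and fail with the hard-to-find error this check is meant to replace. Count without the newline and quote the variable: `PW_LENGTH=$(tr -d '\n' < ${escapeShellArg cfg.initialPasswordFile} | wc -m)` and `if [ "$PW_LENGTH" -lt ${toString cfg.minimumPasswordLength} ]; then`. Typing `minimumPasswordLength` as `types.ints.unsigned` instead of `types.int` would also reject negative values at evaluation time.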
+39 −17
@@ -4,7 +4,8 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
  name = "pgadmin4";
  meta.maintainers = with lib.maintainers; [ mkg20001 gador ];

  nodes.machine = { pkgs, ... }: {
  nodes = {
    machine = { pkgs, ... }: {

      imports = [ ./common/user-account.nix ];

@@ -28,6 +29,23 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
        initialPasswordFile = pkgs.writeText "pw" "bruh2012!";
      };
    };
    machine2 = { pkgs, ... }: {

      imports = [ ./common/user-account.nix ];

      services.postgresql = {
        enable = true;
      };

      services.pgadmin = {
        enable = true;
        initialEmail = "bruh@localhost.de";
        initialPasswordFile = pkgs.writeText "pw" "bruh2012!";
        minimumPasswordLength = 12;
      };
    };
  };


  testScript = ''
    with subtest("Check pgadmin module"):
@@ -49,5 +67,9 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
      machine.wait_until_succeeds("curl -sS localhost:5050")
      machine.wait_until_succeeds("curl -sS localhost:5050/browser/ | grep \"<title>pgAdmin 4</title>\" > /dev/null")
      machine.succeed("wget -nv --level=1 --spider --recursive localhost:5050/browser")

    with subtest("Check pgadmin minimum password length"):
      machine2.wait_for_unit("postgresql")
      machine2.wait_for_console_text("Password must be at least 12 characters long")
  '';
})
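Review bot: The new "Check pgadmin minimum password length" subtest passes as soon as the message is printed and never asserts that pgAdmin stayed down on machine2, so a regression that logs the message but still starts the service would go unnoticed. Adding `machine2.fail("curl -sS localhost:5050")` after the `wait_for_console_text` line would pin that, assuming machine2 uses the same port as machine. Both password files come from `pkgs.writeText` with no trailing newline, so neither a file ending in a newline nor a password of exactly the minimum length is exercised; a further node with such a file would cover the boundary of the length check.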