christian
/
nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

htpasswd -> mkpasswd

This commit is contained in:
Linus Heckemann 2022-11-27 19:14:22 +00:00 committed by lewo
parent 004c229ca4
commit a40e9c3abb
8 changed files with 22 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitlab-ci.yml
View File

@ -3,11 +3,11 @@ hydra-pr:
- merge_requests - merge_requests
image: nixos/nix image: nixos/nix
script: script:
- nix --extra-experimental-features nix-command run -f channel:nixos-unstable hydra-cli -- -H https://hydra.nix-community.org jobset-wait simple-nixos-mailserver ${CI_MERGE_REQUEST_IID} - nix-shell -I nixpkgs=channel:nixos-unstable -p hydra-cli --run 'hydra-cli -H https://hydra.nix-community.org jobset-wait simple-nixos-mailserver ${CI_MERGE_REQUEST_IID}'
hydra-master: hydra-master:
only: only:
- master - master
image: nixos/nix image: nixos/nix
script: script:
- nix --extra-experimental-features nix-command run -f channel:nixos-unstable hydra-cli -- -H https://hydra.nix-community.org jobset-wait simple-nixos-mailserver master - nix-shell -I nixpkgs=channel:nixos-unstable -p hydra-cli --run 'hydra-cli -H https://hydra.nix-community.org jobset-wait simple-nixos-mailserver master'

2
README.md
View File

@ -96,7 +96,7 @@ D9FE 4119 F082 6F15 93BD BD36 6162 DBA5 635E A16A
domains = [ "example.com" "example2.com" ]; domains = [ "example.com" "example2.com" ];
loginAccounts = { loginAccounts = {
"user1@example.com" = { "user1@example.com" = {
# nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 > /hashed/password/file/location # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' > /hashed/password/file/location
hashedPasswordFile = "/hashed/password/file/location"; hashedPasswordFile = "/hashed/password/file/location";
aliases = [ aliases = [

12
default.nix
View File

@ -72,10 +72,10 @@ in
default = null; default = null;
example = "$6$evQJs5CFQyPAW09S$Cn99Y8.QjZ2IBnSu4qf1vBxDRWkaIZWOtmu1Ddsm3.H3CFpeVc0JU4llIq8HQXgeatvYhh5O33eWG3TSpjzu6/"; example = "$6$evQJs5CFQyPAW09S$Cn99Y8.QjZ2IBnSu4qf1vBxDRWkaIZWOtmu1Ddsm3.H3CFpeVc0JU4llIq8HQXgeatvYhh5O33eWG3TSpjzu6/";
description = '' description = ''
The user's hashed password. Use `htpasswd` as follows The user's hashed password. Use `mkpasswd` as follows
``` ```
nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
``` ```
Warning: this is stored in plaintext in the Nix store! Warning: this is stored in plaintext in the Nix store!
@ -88,10 +88,10 @@ in
default = null; default = null;
example = "/run/keys/user1-passwordhash"; example = "/run/keys/user1-passwordhash";
description = '' description = ''
A file containing the user's hashed password. Use `htpasswd` as follows A file containing the user's hashed password. Use `mkpasswd` as follows
``` ```
nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
``` ```
''; '';
}; };
@ -184,11 +184,11 @@ in
}; };
description = '' description = ''
The login account of the domain. Every account is mapped to a unix user, The login account of the domain. Every account is mapped to a unix user,
e.g. `user1@example.com`. To generate the passwords use `htpasswd` as e.g. `user1@example.com`. To generate the passwords use `mkpasswd` as
follows follows
``` ```
nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
``` ```
''; '';
default = {}; default = {};

4
docs/add-radicale.rst
View File

@ -4,8 +4,8 @@ Add Radicale
Configuration by @dotlambda Configuration by @dotlambda
Starting with Radicale 3 (first introduced in NixOS 20.09) the traditional Starting with Radicale 3 (first introduced in NixOS 20.09) the traditional
crypt passwords, as generated by `mkpasswd`, are no longer supported. Instead crypt passwords are no longer supported. Instead bcrypt passwords
bcrypt passwords have to be used which can be generated using `htpasswd`. have to be used. These can still be generated using `mkpasswd -m bcrypt`.
.. code:: nix .. code:: nix

12
docs/options.rst
View File

@ -458,11 +458,11 @@ mailserver.loginAccounts
------------------------ ------------------------
The login account of the domain. Every account is mapped to a unix user, The login account of the domain. Every account is mapped to a unix user,
e.g. `user1@example.com`. To generate the passwords use `htpasswd` as e.g. `user1@example.com`. To generate the passwords use `mkpasswd` as
follows follows
``` ```
nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
``` ```
@ -496,10 +496,10 @@ Note: Does not allow sending from all addresses of these domains.
mailserver.loginAccounts.<name>.hashedPassword mailserver.loginAccounts.<name>.hashedPassword
---------------------------------------------- ----------------------------------------------
The user's hashed password. Use `htpasswd` as follows The user's hashed password. Use `mkpasswd` as follows
``` ```
nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
``` ```
Warning: this is stored in plaintext in the Nix store! Warning: this is stored in plaintext in the Nix store!
@ -513,10 +513,10 @@ Use `hashedPasswordFile` instead.
mailserver.loginAccounts.<name>.hashedPasswordFile mailserver.loginAccounts.<name>.hashedPasswordFile
-------------------------------------------------- --------------------------------------------------
A file containing the user's hashed password. Use `htpasswd` as follows A file containing the user's hashed password. Use `mkpasswd` as follows
``` ```
nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
``` ```

2
docs/setup-guide.rst
View File

@ -70,7 +70,7 @@ these should be the most common ones.
domains = [ "example.com" ]; domains = [ "example.com" ];
# A list of all login accounts. To create the password hashes, use # A list of all login accounts. To create the password hashes, use
# nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
loginAccounts = { loginAccounts = {
"user1@example.com" = { "user1@example.com" = {
hashedPasswordFile = "/a/file/containing/a/hashed/password"; hashedPasswordFile = "/a/file/containing/a/hashed/password";

4
tests/internal.nix
View File

@ -29,8 +29,8 @@ let
hashPassword = password: pkgs.runCommand hashPassword = password: pkgs.runCommand
"password-${password}-hashed" "password-${password}-hashed"
{ buildInputs = [ pkgs.apacheHttpd ]; } '' { buildInputs = [ pkgs.mkpasswd ]; inherit password; } ''
htpasswd -nbB "" "${password}" | cut -d: -f2 > $out mkpasswd -sm bcrypt <<<"$password" > $out
''; '';
hashedPasswordFile = hashPassword "my-password"; hashedPasswordFile = hashPassword "my-password";

4
tests/multiple.nix
View File

@ -5,9 +5,9 @@
let let
hashPassword = password: pkgs.runCommand hashPassword = password: pkgs.runCommand
"password-${password}-hashed" "password-${password}-hashed"
{ buildInputs = [ pkgs.apacheHttpd ]; } { buildInputs = [ pkgs.mkpasswd ]; inherit password; }
'' ''
htpasswd -nbB "" "${password}" | cut -d: -f2 > $out mkpasswd -sm bcrypt <<<"$password" > $out
''; '';
password = pkgs.writeText "password" "password"; password = pkgs.writeText "password" "password";